jcaaa2.ga
Open in
urlscan Pro
2606:4700:3037::681b:9472
Malicious Activity!
Public Scan
Submission: On March 25 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 24th 2020. Valid for: 7 months.
This is the only time jcaaa2.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer) Generic (Online) Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 2606:4700:303... 2606:4700:3037::681b:9472 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:1a | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 209.197.3.24 209.197.3.24 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200a | 15169 (GOOGLE) (GOOGLE) | |
18 | 6 |
ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net
code.jquery.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
jcaaa2.ga
jcaaa2.ga |
108 KB |
3 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
32 KB |
2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
32 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
18 | 4 |
Domain | Requested by | |
---|---|---|
12 | jcaaa2.ga |
jcaaa2.ga
|
3 | maxcdn.bootstrapcdn.com |
jcaaa2.ga
|
1 | fonts.googleapis.com |
jcaaa2.ga
|
1 | code.jquery.com |
jcaaa2.ga
|
1 | ajax.googleapis.com |
jcaaa2.ga
|
18 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-03-24 - 2020-10-09 |
7 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/index.html
Frame ID: C46C73ACA4152B096E6A3CBA5813CFF2
Requests: 18 HTTP requests in this frame
Frame:
https://jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/beep.mp3
Frame ID: 7B16109C6A396ACF382051D8250CEF78
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
28 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
118 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
23 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/ |
37 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rsod.png
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
335158-windows-8-window.png
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
33 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
239 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background.png
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/images/ |
41 KB 41 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
err.mp3
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
28 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beep.mp3
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
8 KB 8 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Funk.ogg
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
548 B 600 B |
Media
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
err.mp3
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
42 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beep.mp3
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ |
8 KB 8 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beep.mp3
jcaaa2.ga/own-25-8494/newchrome/chxchxchxchxchx/ Frame 7B16 |
0 0 |
Document
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer) Generic (Online) Tech Support Scam (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
code.jquery.com
fonts.googleapis.com
jcaaa2.ga
maxcdn.bootstrapcdn.com
2001:4de0:ac19::1:b:1a
209.197.3.24
2606:4700:3037::681b:9472
2a00:1450:4001:808::200a
2a00:1450:4001:821::200a
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
194e3cea1157a5cb62a34f76bcde3e02810f47aaa52495ffbf830cf21548c8a3
312c6606235f1ba63b2141b812fef5398536390a76c85f5ab8bcc35a7aa8737e
56b9740aa347bc2b3aaa5959d13ce53c6670b790030159ac7ad9123a1d45690c
606a248227b8bfb26e81383ad9d7fa4d01a31ed02a31b282dc57790cf285d42a
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
8a341385e96880052ae350401544af4213cb320a318d4d4c17ea0662f28d135c
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e6155c8765cddcfc94a631542e159e26df0f7f1c2ba95358b4f415d946c0a1c0
e714878c37fd93c25a3ac18a77ae828b1a5adc8ca5d9ac8dd1fdc368de368039
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c