dev7245.d37fig7z5i8hqr.amplifyapp.com Open in urlscan Pro
99.86.116.124 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Submission Tags: demotag1 demotag2 Search All
Submission: On September 10 via api (September 10th 2021, 12:19:57 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 99.86.116.124, located in United States and belongs to AMAZON-02, US. The main domain is dev7245.d37fig7z5i8hqr.amplifyapp.com.
TLS certificate: Issued by Amazon on September 10th 2021. Valid for: a year.

This is the only time dev7245.d37fig7z5i8hqr.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	99.86.116.124 99.86.116.124	16509 (AMAZON-02) (AMAZON-02)
7	142.251.5.128 142.251.5.128	15169 (GOOGLE) (GOOGLE)
2	216.58.211.10 216.58.211.10	15169 (GOOGLE) (GOOGLE)
2	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

1 99.86.116.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-124.lhr61.r.cloudfront.net

dev7245.d37fig7z5i8hqr.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.5.128 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f128.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.211.10 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googleapis.com storage.googleapis.com ajax.googleapis.com	3 MB
2	cloudflare.com cdnjs.cloudflare.com	10 KB
1	amplifyapp.com dev7245.d37fig7z5i8hqr.amplifyapp.com	4 KB
18	3

	Domain	Requested by
7	storage.googleapis.com	dev7245.d37fig7z5i8hqr.amplifyapp.com storage.googleapis.com
2	cdnjs.cloudflare.com	dev7245.d37fig7z5i8hqr.amplifyapp.com cdnjs.cloudflare.com
2	ajax.googleapis.com	dev7245.d37fig7z5i8hqr.amplifyapp.com
1	dev7245.d37fig7z5i8hqr.amplifyapp.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
*.d37fig7z5i8hqr.amplifyapp.com Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Frame ID: D8C73A45ECF242E370C717691E9628A7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

3156 kB
Transfer

3295 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.html Show response
dev7245.d37fig7z5i8hqr.amplifyapp.com/ 12 KB
4 KB 246ms
186ms Document
text/html 99.86.116.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.116.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-116-124.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de7e34c59bf49da6451efffac80bfef088adf4c5455e75fa5b2230c058e65293

Request headers

:method: GET
:authority: dev7245.d37fig7z5i8hqr.amplifyapp.com
:scheme: https
:path: /login.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Fri, 10 Sep 2021 12:19:51 GMT
last-modified: Fri, 10 Sep 2021 10:29:42 GMT
etag: W/"3ef7e063ddabe5638a4dbdd25f31930d"
x-amz-server-side-encryption: AES256
cache-control: no-cache, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ece983986e74e7e31b6830d8531f6fb9.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C1
x-amz-cf-id: ix3QL8xm86vHDtsSTUeQenNiip1JqxdTI3d8pnF_Lk2ehO4xOtOsFQ==

GET
H2 200 logon.css
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/ 111 KB
111 KB 475ms
408ms Stylesheet
text/css 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/logon.css
Requested by: Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: 1f40ea87a66d48750ed0fd7c032e7139ba42096059bd466c2a08ec607c371ed2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:50 GMT
x-guploader-uploadid: ADPycdsaoug00N8oW4Pvts_poLY71nivQz9zxGJYPJjBQwV5Vvi4oje1q_9Qjg9EdQ2ehUvgV8rGPw8Ginxx1BrJeQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113198
last-modified: Fri, 23 Jul 2021 11:07:06 GMT
server: UploadServer
etag: "390a0e213d5d2175151d594fceb11859"
x-goog-hash: crc32c=QcYCvg==, md5=OQoOIT1dIXUVHVlPzrEYWQ==
x-goog-generation: 1627038426944217
cache-control: public, max-age=3600
x-goog-stored-content-length: 113198
accept-ranges: bytes
content-type: text/css
expires: Fri, 10 Sep 2021 13:19:50 GMT

GET
H2 200 blue-ui2.css
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/ 480 KB
481 KB 523ms
456ms Stylesheet
text/css 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/blue-ui2.css
Requested by: Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: 43cf02a258bb39121079944d6506d7aa52a64f47af4d91fa5ba4a6a93b6921ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:50 GMT
x-guploader-uploadid: ADPycdsZTyLfuVfwUHacLx21xS8WVA2ppIHhWB_1luvvh92ipLDYhvIV3MFuYH5s0sS5cqvKzCz1i1XPUTg5hlktPzySkyRtZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 492001
last-modified: Fri, 23 Jul 2021 11:06:57 GMT
server: UploadServer
etag: "2ad7619c8160a9c752e4a907c68048be"
x-goog-hash: crc32c=eIEZ6A==, md5=KtdhnIFgqcdS5KkHxoBIvg==
x-goog-generation: 1627038417236394
cache-control: public, max-age=3600
x-goog-stored-content-length: 492001
accept-ranges: bytes
content-type: text/css
expires: Fri, 10 Sep 2021 13:19:50 GMT

GET
H2 200 login.css
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/ 12 KB
13 KB 432ms
366ms Stylesheet
text/css 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/login.css
Requested by: Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: 14ee14a60b6cc486ba93cf8db061a4446420e54cc63aa1921c5267f4e3ab445c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:50 GMT
x-guploader-uploadid: ADPycdsNtxPQhirh5I-NQMIIF0WOp3JaXhhbm7imwf5ZAKl3jeYWeT-PIwbDt1WG2vSP4EpkLyBoRkCYAGmucwcomGK4bRm3fg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12594
last-modified: Fri, 23 Jul 2021 11:07:02 GMT
server: UploadServer
etag: "5b7c30c604c6c7b760b1d19a45a0980b"
x-goog-hash: crc32c=KPJMfw==, md5=W3wwxgTGx7dgsdGaRaCYCw==
x-goog-generation: 1627038422675344
cache-control: public, max-age=3600
x-goog-stored-content-length: 12594
accept-ranges: bytes
content-type: text/css
expires: Fri, 10 Sep 2021 13:19:50 GMT

GET
H2 200 dashboard.css
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/ 2 MB
2 MB 437ms
370ms Stylesheet
text/css 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/dashboard.css
Requested by: Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: dfc6ec791eba3e3aa7d36d1c20091f616eba89934ed52b526e1edf1299b0fff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:50 GMT
x-guploader-uploadid: ADPycduPeeVQ2Mj11FpklAkpVOqMvsF87uTGbsE8DkPqa7oJLqRUoOXBpu3YVTK9IS1yI5Iz7onV_rzHYdgfGve0wodM9gtB6g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1915605
last-modified: Fri, 23 Jul 2021 11:07:09 GMT
server: UploadServer
etag: "d9197404822982289aa45af723f39f44"
x-goog-hash: crc32c=9gdIkA==, md5=2Rl0BIIpgiiapFr3I/OfRA==
x-goog-generation: 1627038429912016
cache-control: public, max-age=3600
x-goog-stored-content-length: 1915605
accept-ranges: bytes
content-type: text/css
expires: Fri, 10 Sep 2021 13:19:50 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 151ms
46ms Script
text/javascript 216.58.211.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.211.10 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s13-in-f10.1e100.net

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 22:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 22:18:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 213ms
107ms Script
text/javascript 216.58.211.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.211.10 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

muc03s13-in-f10.1e100.net

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 21:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 21:44:00 GMT

GET
H2 200 jquery.form-validator.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/ 29 KB
9 KB 51ms
19ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

Requested by

Host: dev7245.d37fig7z5i8hqr.amplifyapp.com
URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3866511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8247
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-72c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjgvYvk2slefB%2Buq8rKnBrZUc3Ayns%2Fmkgs953y6HrUv4GXYGSOohHLYdqIlDEHOgeB99H1foaN1BRfdKP0lTOHxKvo1%2BA00lsHF21izpgdUSddpAxoaI7C%2BRn8nQlgNs3dD6Y6D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68c89b5f9f85c49f-DUS
expires: Wed, 31 Aug 2022 12:19:50 GMT

GET
H2 200 blue-ui.css
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/ 418 KB
419 KB 350ms
350ms Stylesheet
text/css 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/blue-ui.css
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/dashboard.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: 4a8338e43bcd7c5fda8309619d11adbe582d7c9b48bf409029843686edfb679d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/dashboard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:51 GMT
x-guploader-uploadid: ADPycdu-xFLgd2XT0MepsbBRnB6UzuuHF_XsUiVJtNCDdkSuoaJD9RSJdpcACheM2sz0fNhJlTXmBi4FJME74geb7bZG3PfFyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 428427
last-modified: Fri, 23 Jul 2021 11:06:55 GMT
server: UploadServer
etag: "6173dcadfa33eda1ff216e5035463c4b"
x-goog-hash: crc32c=fXieeg==, md5=YXPcrfoz7aH/IW5QNUY8Sw==
x-goog-generation: 1627038414980572
cache-control: public, max-age=3600
x-goog-stored-content-length: 428427
accept-ranges: bytes
content-type: text/css
expires: Fri, 10 Sep 2021 13:19:51 GMT

GET
H3 200 wordmark-white.svg
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/img/ 1 KB
1 KB 438ms
438ms Image
image/svg+xml 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/img/wordmark-white.svg
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/logon.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/logon.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:51 GMT
x-guploader-uploadid: ADPycdtYcXvcMz1IAnt0UpEhUESf3-vM_sR4W4T2NJzffoY2fKy-hY2X8pnq_Z_mv9C5QSuhkEt6MvV4ZNFAQxLyrtWVazBM8A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1409
last-modified: Fri, 23 Jul 2021 11:07:28 GMT
server: UploadServer
etag: "b55b042f907bc7108f5dca2103a8476b"
x-goog-hash: crc32c=JQFT9Q==, md5=tVsEL5B7xxCPXcohA6hHaw==
x-goog-generation: 1627038448033695
cache-control: public, max-age=3600
x-goog-stored-content-length: 1409
accept-ranges: bytes
content-type: image/svg+xml
expires: Fri, 10 Sep 2021 13:19:51 GMT

GET
H3 200 background.desktop.night.12.jpeg
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/img/ 183 KB
183 KB 385ms
384ms Image
image/jpeg 142.251.5.128
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/img/background.desktop.night.12.jpeg
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/login.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.5.128 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f128.1e100.net
Software: UploadServer /
Resource Hash: 9b92c0a5ed030335751624ba19a830c8182ef2b82a33c408154d5f71d2ec2e69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/login.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:51 GMT
x-guploader-uploadid: ADPycdsrdnDavha8EtzKBCcZvcPzcnLwAgW7FoVT0r-8cJM7ll8Lvfe9wYHqswgV8eiiFeRw6dbyxmK3zoiL7R3HSKArUiePwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187031
last-modified: Fri, 23 Jul 2021 11:07:14 GMT
server: UploadServer
etag: "ea18a7bc097d50f19da32e98f80a36ac"
x-goog-hash: crc32c=2hftTQ==, md5=6hinvAl9UPGdoy6Y+Ao2rA==
x-goog-generation: 1627038434287721
cache-control: public, max-age=3600
x-goog-stored-content-length: 187031
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 10 Sep 2021 13:19:51 GMT

GET opensans-regular.woff
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

GET dcefont.woff
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

GET opensans-semibold.woff
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

GET
H3 200 toggleDisabled.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/ 1 KB
1 KB 32ms
19ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 574481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 628
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DabsYt2LUrVjd6HSGIfAiv0HToeSQLNCdsqHWRkOuf%2B67rb21wMfaXiVtkdOyNTXQdwF%2BQrrpgEQbKGRbOKQLR%2Ff%2B62s0YhdHKo9RDofMKYJc6CSeCvlWYo1De55eHc%2F859v9ar1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68c89b66eb6fc4b8-DUS
expires: Wed, 31 Aug 2022 12:19:51 GMT

GET opensans-semibold.ttf
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

GET dcefont.ttf
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

GET opensans-regular.ttf
storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.woff

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.woff

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.woff

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.ttf

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.ttf

Domain: storage.googleapis.com
URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.woff' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.woff' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.woff' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.ttf' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.ttf' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/opensans-semibold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://dev7245.d37fig7z5i8hqr.amplifyapp.com/login.html Message: Access to font at 'https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.ttf' from origin 'https://dev7245.d37fig7z5i8hqr.amplifyapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://storage.googleapis.com/perceptive-seat-268000.appspot.com/ch/Files/css/fonts/dcefont.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
dev7245.d37fig7z5i8hqr.amplifyapp.com
storage.googleapis.com
storage.googleapis.com
104.16.19.94
142.251.5.128
216.58.211.10
99.86.116.124
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
14ee14a60b6cc486ba93cf8db061a4446420e54cc63aa1921c5267f4e3ab445c
1f40ea87a66d48750ed0fd7c032e7139ba42096059bd466c2a08ec607c371ed2
256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08
43cf02a258bb39121079944d6506d7aa52a64f47af4d91fa5ba4a6a93b6921ef
4a8338e43bcd7c5fda8309619d11adbe582d7c9b48bf409029843686edfb679d
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9b92c0a5ed030335751624ba19a830c8182ef2b82a33c408154d5f71d2ec2e69
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0
de7e34c59bf49da6451efffac80bfef088adf4c5455e75fa5b2230c058e65293
dfc6ec791eba3e3aa7d36d1c20091f616eba89934ed52b526e1edf1299b0fff2
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a

dev7245.d37fig7z5i8hqr.amplifyapp.com Open in urlscan Pro 99.86.116.124 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

67 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

3156 kBTransfer

3295 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

dev7245.d37fig7z5i8hqr.amplifyapp.com Open in urlscan Pro
99.86.116.124 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

3156 kB
Transfer

3295 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!