secured-login.net
3.231.232.165
Malicious Activity!
Public Scan
Effective URL: https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2c...
Submission: On February 16 via manual from MX — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on July 27th 2023. Valid for: a year.
This is the only time secured-login.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Phishing Simulation (Internet)
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 1 | 2600:9000:2127:3000:1e:9997:2240:93a1 | 16509 (AMAZON-02) |
6 | 3.231.232.165 | 14618 (AMAZON-AES) |
1 | 52.216.61.49 | 16509 (AMAZON-02) |
1 | 2606:4700::6810:6fd1 | 13335 (CLOUDFLARENET) |
8 | 2a00:1450:4001:813::200e | 15169 (GOOGLE) |
2 | 2a00:1450:4001:830::2003 | 15169 (GOOGLE) |
1 2 | 2a00:1450:4001:809::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:828::2006 | 15169 (GOOGLE) |
4 | 2a00:1450:4001:82f::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:806::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:831::2016 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:82b::2001 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
29 | 13 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-232-165.compute-1.amazonaws.com
chase.com-onlinebanking.com | |
secured-login.net |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
helpimg.s3.amazonaws.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
static.doubleclick.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | youtube.com | www.youtube.com — Cisco Umbrella Rank: 80 | 1009 KB |
5 | secured-login.net | secured-login.net — Cisco Umbrella Rank: 103832 | 777 KB |
4 | googleapis.com | jnn-pa.googleapis.com — Cisco Umbrella Rank: 230 | 41 KB |
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 48 KB |
3 | doubleclick.net (1 redirects) | googleads.g.doubleclick.net — Cisco Umbrella Rank: 43, static.doubleclick.net — Cisco Umbrella Rank: 271 | 1 KB |
1 | ggpht.com | yt3.ggpht.com — Cisco Umbrella Rank: 218 | 4 KB |
1 | ytimg.com | i.ytimg.com — Cisco Umbrella Rank: 102 | 11 KB |
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 20 KB |
1 | hubspot.net | cdn2.hubspot.net — Cisco Umbrella Rank: 9835 | 5 KB |
1 | amazonaws.com | helpimg.s3.amazonaws.com — Cisco Umbrella Rank: 139135 | 60 KB |
1 | com-onlinebanking.com | chase.com-onlinebanking.com — Cisco Umbrella Rank: 189291 | 851 B |
1 | avanan.click (1 redirects) | url.avanan.click — Cisco Umbrella Rank: 75797 | 607 B |
29 | 12 |
 | Domain | Requested by |
---|---|---|
8 | www.youtube.com | secured-login.net, www.youtube.com |
5 | secured-login.net | chase.com-onlinebanking.com |
4 | jnn-pa.googleapis.com | www.youtube.com |
2 | www.gstatic.com | www.youtube.com, www.gstatic.com |
2 | googleads.g.doubleclick.net | 1 redirects, www.youtube.com |
2 | fonts.gstatic.com | www.youtube.com |
1 | yt3.ggpht.com | www.youtube.com |
1 | i.ytimg.com | www.youtube.com |
1 | www.google.com | www.youtube.com |
1 | static.doubleclick.net | www.youtube.com |
1 | cdn2.hubspot.net | secured-login.net |
1 | helpimg.s3.amazonaws.com | secured-login.net |
1 | chase.com-onlinebanking.com | |
1 | url.avanan.click | 1 redirects |
29 | 14 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.knowbe4.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
secured-login.net | Amazon RSA 2048 M02 | 2023-07-27 - 2024-08-24 | a year |
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months |
hubspot.net | Cloudflare Inc ECC CA-3 | 2023-04-06 - 2024-04-05 | a year |
*.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
*.doubleclick.net | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
www.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
edgestatic.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
*.googleusercontent.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months |
This page contains 2 frames:
Primary Page:
https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09
Frame ID: E33F4A306B3DB0770E03067601CC5C0E
Requests: 8 HTTP requests in this frame
Frame:
https://www.youtube.com/embed/oHg5SJYRHA0?rel=0;autoplay=1
Frame ID: 4DC61A6699121FF20D97BC6D4A7EE1AB
Requests: 20 HTTP requests in this frame
Detected technologies
YouTube
Detected patterns
- <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803___.YXAzOmlub2FjdXNhOmE6bzo1NzZjNDc2YjlhZDA5NWQwMjRkNWE4ZjNmNWNmYTU4NTo2OjU2Y2U6NjgyOGIxNDU2YmMxYWQ0NDc1YjY3ZTQxMGQ4YmE2ZGFjOWNkMWE2MThkNmU3ZjY0MWI1ODQ3MjZkNWQ3NjA5NDpoOlQ
HTTP 302
https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803 Page URL
- https://secured-login.net/pages/ab41ecbd4fa/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://url.avanan.click/v2/___https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803___.YXAzOmlub2FjdXNhOmE6bzo1NzZjNDc2YjlhZDA5NWQwMjRkNWE4ZjNmNWNmYTU4NTo2OjU2Y2U6NjgyOGIxNDU2YmMxYWQ0NDc1YjY3ZTQxMGQ4YmE2ZGFjOWNkMWE2MThkNmU3ZjY0MWI1ODQ3MjZkNWQ3NjA5NDpoOlQ HTTP 302
- https://chase.com-onlinebanking.com/XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndxV3drUTY1OUpiNlB0SElaQzdGUjFQTDVMZmRvZGM4K21NZHRSNi0tMFEreGtNNTdNdU9scWN5Ti0tUE9ya3VSN1ErY25FQS9UOHVjVjBYdz09?cid=1918415803
- https://googleads.g.doubleclick.net/pagead/id HTTP 302
- https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndx... | chase.com-onlinebanking.com/ Redirect Chain | 452 B | 851 B | Document | text/html |
GET | H2 | XZFV6a1AyK1RIYU05ZWI2V1ZxREJOWkZqSXB5ajlPYnowREJueXA0K1h0aENUaVBKdHVSa2xLTjc2clFmVTlvTTh4TWRxc3NOTFduSGxDclVBSWQvb0RnamV0dUxxdEpBMHhJcDhjckRJWGdxMkp5OFU3VEZ0bm15M2I1UG5JVnlGNFN3L3NlN2RGUFMyV1VBUndx... | secured-login.net/pages/ab41ecbd4fa/ Primary Request | 4 KB | 5 KB | Document | text/html |
GET | H2 | landing-watermark-8487e36eef1bec74f06631f19fea0aa171c208e2976373cda5bd0a4b9e230903.css | secured-login.net/assets/ | 1 KB | 601 B | Stylesheet | text/css |
GET | H2 | application-1fad17ce0880f978206c332819cfbcf1a9232d0ff44aace838815115cb62d62b.js | secured-login.net/assets/ | 3 MB | 750 KB | Script | application/javascript |
GET | H2 | vendor-954761ad0dceb106b971.js | secured-login.net/packs/js/ | 18 KB | 6 KB | Script | application/javascript |
GET | H2 | modernizr-79e0181ec91aff04bb01d87cba546535ede843f75d19f5c60f66b8dd6546971f.js | secured-login.net/assets/ | 50 KB | 16 KB | Script | application/javascript |
GET | H/1.1 | thin-orange-header.png | helpimg.s3.amazonaws.com/landing_pages/ | 60 KB | 60 KB | Image | image/png |
GET | H2 | KB4-logo.png | cdn2.hubspot.net/hubfs/241394/html_file/files/img/ | 4 KB | 5 KB | Image | image/webp |
GET | H2 | oHg5SJYRHA0 | www.youtube.com/embed/ Frame 4DC6 | 91 KB | 40 KB | Document | text/html |
GET | H2 | www-player.css | www.youtube.com/s/player/5683fc5e/ Frame 4DC6 | 366 KB | 47 KB | Stylesheet | text/css |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ Frame 4DC6 | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ Frame 4DC6 | 15 KB | 15 KB | Font | font/woff2 |
GET | H2 | embed.js | www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 | 53 KB | 17 KB | Script | text/javascript |
GET | H2 | www-embed-player.js | www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 4DC6 | 318 KB | 95 KB | Script | text/javascript |
GET | H2 | base.js | www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 | 2 MB | 778 KB | Script | text/javascript |
GET | H2 | id | googleads.g.doubleclick.net/pagead/ Frame 4DC6 Redirect Chain | 100 B | 242 B | XHR | application/json |
GET | H2 | ad_status.js | static.doubleclick.net/instream/ Frame 4DC6 | 29 B | 495 B | Script | text/javascript |
OPTIONS | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame | 0 | 0 | Preflight | text/html |
POST | H2 | Create | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DC6 | 87 KB | 40 KB | XHR | application/json+protobuf |
GET | H3 | remote.js | www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4DC6 | 118 KB | 33 KB | Script | text/javascript |
GET | H2 | jKwdeMg5eTlKLUq1BicdQ3joNHiQFKykZS_8AKWMVTU.js | www.google.com/js/th/ Frame 4DC6 | 51 KB | 20 KB | Script | text/javascript |
GET | H2 | hqdefault.jpg | i.ytimg.com/vi/oHg5SJYRHA0/ Frame 4DC6 | 10 KB | 11 KB | Image | image/jpeg |
GET | DATA | truncated | / Frame 4DC6 | 175 B | 0 | Image | image/png |
GET | H2 | AIf8zZTsiujrJ4ksiu6w08OvGOwF9QHmJolUrtJJVqj-=s68-c-k-c0x00ffffff-no-rj | yt3.ggpht.com/ytc/ Frame 4DC6 | 3 KB | 4 KB | Image | image/jpeg |
GET | H2 | cast_sender.js | www.gstatic.com/cv/js/sender/v1/ Frame 4DC6 | 4 KB | 2 KB | Script | text/javascript |
GET | H3 | generate_204 | www.youtube.com/ Frame 4DC6 | 0 | 10 B | Image | text/plain |
POST | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4DC6 | 90 B | 134 B | XHR | application/json+protobuf |
OPTIONS | H3 | GenerateIT | jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame | 0 | 0 | Preflight | text/html |
GET | H2 | cast_sender.js | www.gstatic.com/eureka/clank/121/ Frame 4DC6 | 50 KB | 15 KB | Script | text/javascript |
POST | H3 | log_event | www.youtube.com/youtubei/v1/ Frame 4DC6 | 28 B | 50 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Phishing Simulation (Internet)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | _extends |
function | _typeof |
function | FlatpickrInstance |
function | _flatpickr |
function | flatpickr |
function | updateQueryStringParameter |
function | getParam |
function | colSort |
function | $ |
function | jQuery |
object | jQuery112408407226285613394 |
function | proj4 |
object | Routes |
function | moment |
object | FullCalendar |
function | _ |
object | ZeroClipboard_TableTools |
object | __core-js_shared__ |
object | core |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
object | html5 |
object | Modernizr |
object | gon |
object | kb4 |
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
url.avanan.click/ | | Name: x-cloud-sec-ctp Value: ad0eeb32-8e89-4d50-82af-8ae6332d3195 |
.youtube.com/ | | Name: YSC Value: Z3pPgfaO7sI |
.youtube.com/ | | Name: VISITOR_INFO1_LIVE Value: KnN3O7Beg_k |
16 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | |
Strict-Transport-Security | max-age=63113904; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.