sskc5h.csb.app
Open in
urlscan Pro
2606:4700::6812:703
Malicious Activity!
Public Scan
Effective URL: https://sskc5h.csb.app/genshin-impact/primogems-generator
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 19 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2023. Valid for: a year.
This is the only time sskc5h.csb.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-42-145.us-west-1.compute.amazonaws.com
hoyolab.live |
ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o425163.ingest.sentry.io |
ASN16509 (AMAZON-02, US)
d2punpeg7vtjci.cloudfront.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cloudfront.net
d13pxqgp3ixdbh.cloudfront.net d2punpeg7vtjci.cloudfront.net |
1 MB |
4 |
codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 95990 |
49 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80 ajax.googleapis.com — Cisco Umbrella Rank: 422 |
31 KB |
3 |
csb.app
sskc5h.csb.app |
30 KB |
2 |
gstatic.com
fonts.gstatic.com |
31 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60 |
21 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82 |
80 KB |
1 |
sentry.io
o425163.ingest.sentry.io — Cisco Umbrella Rank: 802094 |
574 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379 |
8 KB |
1 |
sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4781 |
21 KB |
1 |
page.link
1 redirects
giftaways.page.link |
1 KB |
1 |
hoyolab.live
1 redirects
hoyolab.live |
282 B |
29 | 12 |
Domain | Requested by | |
---|---|---|
6 | d13pxqgp3ixdbh.cloudfront.net |
sskc5h.csb.app
|
5 | d2punpeg7vtjci.cloudfront.net |
cdn.jsdelivr.net
|
4 | codesandbox.io |
sskc5h.csb.app
codesandbox.io |
3 | sskc5h.csb.app |
sskc5h.csb.app
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | www.google-analytics.com |
sskc5h.csb.app
browser.sentry-cdn.com |
2 | fonts.googleapis.com |
sskc5h.csb.app
|
1 | www.googletagmanager.com |
www.google-analytics.com
|
1 | o425163.ingest.sentry.io |
browser.sentry-cdn.com
|
1 | cdn.jsdelivr.net |
sskc5h.csb.app
|
1 | ajax.googleapis.com |
sskc5h.csb.app
|
1 | browser.sentry-cdn.com |
sskc5h.csb.app
|
1 | giftaways.page.link | 1 redirects |
1 | hoyolab.live | 1 redirects |
29 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
csb.app Cloudflare Inc ECC CA-3 |
2023-01-30 - 2024-01-29 |
a year | crt.sh |
codesandbox.io E1 |
2023-06-04 - 2023-09-02 |
3 months | crt.sh |
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3 |
2022-09-28 - 2023-10-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4 |
2022-12-23 - 2024-01-24 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-05-22 - 2023-08-14 |
3 months | crt.sh |
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-28 - 2023-08-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sskc5h.csb.app/genshin-impact/primogems-generator
Frame ID: 7A0FB5193DE98C7E6A55942EC5B305A2
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Genshin Impact Generator (RZUSA Friendly) New 2021Genesis Crystals GENERATORPage URL History Show full URLs
-
http://hoyolab.live/
HTTP 301
https://giftaways.page.link/hoyolab HTTP 302
https://sskc5h.csb.app/genshin-impact/primogems-generator Page URL
Detected technologies
Sentry (Issue Trackers) ExpandDetected patterns
- <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
- browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hoyolab.live/
HTTP 301
https://giftaways.page.link/hoyolab HTTP 302
https://sskc5h.csb.app/genshin-impact/primogems-generator Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
primogems-generator
sskc5h.csb.app/genshin-impact/ Redirect Chain
|
38 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
codesandbox.io/public/sse-hooks/ |
172 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner.0b5d84a2b.js
codesandbox.io/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.min.js
browser.sentry-cdn.com/6.4.1/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
sskc5h.csb.app/genshin-impact/ |
38 KB 10 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 855 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 545 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16071728122739a71cd2b48ead766858138d91fd52.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
129 KB 129 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16071728159f5f079ef007ed20f930e1df3fb20649.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
297 KB 298 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1607172814dc25f8955d8ea02047c2119313d04feb.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
235 KB 236 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
watermark-button.f4f9aed52.js
codesandbox.io/static/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
sskc5h.csb.app/genshin-impact/ |
38 KB 10 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
06cdc47.js
cdn.jsdelivr.net/gh/s3rper/js/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phishing
codesandbox.io/api/v1/sandboxes/sskc5h/ |
33 B 430 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16071728132be2f422f9a1ea1dd1b4b427d3d60644.jpg
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
614 KB 615 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pe0uMIWbN4JFplR2HDVyBw.woff2
fonts.gstatic.com/s/goldman/v16/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16065477944c50af0438af3e56a012ee489fbfa465.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v30/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
o425163.ingest.sentry.io/api/5780930/store/ |
198 B 574 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.3866254.174e8.0.js
d2punpeg7vtjci.cloudfront.net/public/external/v2/ |
17 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d2punpeg7vtjci.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 220 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
227 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d2punpeg7vtjci.cloudfront.net/public/ |
0 278 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d2punpeg7vtjci.cloudfront.net/public/external/ |
78 B 373 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
160654779319118d636b2ea3b4779800f01d8c318a.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ |
1000 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)39 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| Sentry object| __SENTRY__ string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins function| $ function| jQuery object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| SelectedCard function| generate number| valactivity number| prostep number| prostepDelay function| RecentActivity function| RecentActivity1 object| gaGlobal object| gaData object| dataLayer object| google_tag_manager5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.codesandbox.io/ | Name: _cfuvid Value: MfLCtZaGSSwQ2bpsLjISL3tvuEspChfeLMfRgwRy8rU-1687160309189-0-604800000 |
|
sskc5h.csb.app/ | Name: _cpguid Value: owh8uq7vi |
|
.csb.app/ | Name: _ga Value: GA1.2.633674197.1687160310 |
|
.csb.app/ | Name: _gid Value: GA1.2.317151689.1687160310 |
|
.csb.app/ | Name: _gat_customTemplateGlobal Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
browser.sentry-cdn.com
cdn.jsdelivr.net
codesandbox.io
d13pxqgp3ixdbh.cloudfront.net
d2punpeg7vtjci.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
giftaways.page.link
hoyolab.live
o425163.ingest.sentry.io
sskc5h.csb.app
www.google-analytics.com
www.googletagmanager.com
2600:9000:223e:2a00:1c:b3e3:eb40:21
2600:9000:2491:4000:1c:8de0:8c80:21
2606:4700::6812:672
2606:4700::6812:703
2a00:1450:4001:801::200a
2a00:1450:4001:806::200e
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2001
2a04:4e42:400::729
2a04:4e42:600::485
34.120.195.249
54.67.42.145
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
101e2680243e49f80d9ba85e92b0690bbd2683b01ce5ba47c53d6731bb9a6da8
22ece4ddd583540c08ccadf82d18658e2ed0eba5dd7fdca806aa259667edba56
29f73c36f7f0a1483ef56a893e62a51d5f0cc86446139d23fa4af064d61b7bdf
2d91020394c232a07e303c0caff12346b174a759ed94de8bb0eac6c8b60e2660
2dfd50d663d9053459348c51f92aeb5e35da564a35be518705f81445b93816e1
40588475840502d6102e3bab91fa085fbb37bf1e6fc775e9f04d1daa31271e3a
436ea19cd23643ba3787a1b06a2b12090a711222ff6b6f2d22e6d6aa143dd37a
5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158
6263799b57cd831348db92141dc8914146cb81c490d6cfcfe0a0174d682219a4
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7
74fb28872a9aa416cd51eca54f00e538c643d4a45e6a2ea7e26faa420f976f97
7c94aceb05676d65cab4bc7969f5de6b4bb3711928d15e2655fef1796ff441ce
97641aaeefb8510a6caad9ba4ba96c12e16420014cd9d322d82e5ca7dc16b3ce
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a4f27f3bef4d3e638b4429bc5362376835da7ae55bc370765203e8a6d9c9453c
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bc0ef4f46a84870bd1e9887e1ee26dc0cd38314c1e05c68efb36555c9c519671
c14e3e468b2556b4188299956d6aa2214acdb74dc7cdc275aeaa9e7ead5932e8
d0c3f1056ffa9d2f8e40aa716933ca67b98981e2bb6686146af8872147ac3a61
de28a600836c9f65067ea53a03d09829427a5400ccb6b2b44df978d5da35e003
e36165510050fc4ef1d87cc430dd4d1d0f6a705c5f4aa7b3a97493921884bb05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f74bf2cf5a8225beb66712ff4e859c5d4ba9c24123e6de2f427b4b9fde408928