biyuthj.pages.dev
Open in
urlscan Pro
2606:4700:310c::ac42:2c8d
Malicious Activity!
Public Scan
Submission: On April 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.
This is the only time biyuthj.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: State Bank of India (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
7 | 2606:4700:310... 2606:4700:310c::ac42:2c8d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
5 | 172.66.44.141 172.66.44.141 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2607:f8b0:400... 2607:f8b0:4006:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:809::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81e::2008 | 15169 (GOOGLE) (GOOGLE) | |
22 | 7 |
ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
pages.dev
biyuthj.pages.dev |
182 KB |
5 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38 firebase.googleapis.com — Cisco Umbrella Rank: 3899 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 551 |
3 KB |
4 |
gstatic.com
fonts.gstatic.com www.gstatic.com |
125 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43 |
47 KB |
22 | 4 |
Domain | Requested by | |
---|---|---|
12 | biyuthj.pages.dev |
biyuthj.pages.dev
|
3 | www.gstatic.com |
biyuthj.pages.dev
|
2 | firebaseinstallations.googleapis.com |
www.gstatic.com
|
2 | firebase.googleapis.com |
www.gstatic.com
|
1 | www.googletagmanager.com |
www.gstatic.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
biyuthj.pages.dev
|
22 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
retail.onlinesbi.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
biyuthj.pages.dev GTS CA 1P5 |
2024-04-08 - 2024-07-07 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://biyuthj.pages.dev/
Frame ID: F839FE8CBF78A70F09182C95697121AF
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
State Bank of India | PAN UpdateDetected technologies
Firebase (Databases) ExpandDetected patterns
- /firebasejs/([\d.]+)/firebase
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Lock Access
Search URL Search Domain Scan URL
Title: Forgot Password
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
biyuthj.pages.dev/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Style_Main.css
biyuthj.pages.dev/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
28 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
biyuthj.pages.dev/ |
20 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Header.png
biyuthj.pages.dev/assets/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Menu.png
biyuthj.pages.dev/assets/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
YONO_Logo.png
biyuthj.pages.dev/assets/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Captcha.jpg
biyuthj.pages.dev/assets/ |
29 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SecurityA.jpg
biyuthj.pages.dev/assets/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Footer.png
biyuthj.pages.dev/assets/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ipl.svg
biyuthj.pages.dev/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/10.1.0/ |
91 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-analytics.js
www.gstatic.com/firebasejs/10.1.0/ |
29 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-database.js
www.gstatic.com/firebasejs/10.1.0/ |
182 KB 48 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:729656307273:web:2cba8e7d01f37f65805998/ |
289 B 390 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:729656307273:web:2cba8e7d01f37f65805998/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon-32x32.png
biyuthj.pages.dev/ |
2 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
installations
firebaseinstallations.googleapis.com/v1/projects/biyut-ae53b/ |
625 B 679 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
installations
firebaseinstallations.googleapis.com/v1/projects/biyut-ae53b/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon-16x16.png
biyuthj.pages.dev/ |
2 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
122 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: State Bank of India (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 string| message function| clickIE4 function| clickNS4 boolean| submitted object| dataLayer function| gtag object| google_tag_manager object| google_tag_data0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
biyuthj.pages.dev
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
www.googletagmanager.com
www.gstatic.com
172.66.44.141
2606:4700:310c::ac42:2c8d
2607:f8b0:4006:808::200a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2008
127724b9264e03352b4321b468361f3b0ed3cfe06da96f7c189c4feaecb4f325
186c1ec9e6f536adcc1b38ed84ddb63885ee6d6bd4b398c409c7211dbe8aa52f
3bc20ed504dcbaf8b8d796927955de4ee4eae0b3aab6bb21ee99df2554239c7a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f0b2f1f6099025b698793b69a9b5bae2ff1486979517b537c5d7db0d0bf78ae
5e49b65f22625743e144ed2ec0177bc0c50d2f7b15ecb186022e2ddadb1812c9
83c892de120304d45f34d5338687edb7166c5721e6aeb852583e7bb8bbb40c88
8c58ba744e72432b14a82846756d3de5bedca9e88403eea10e1fa38fdc4d44fc
90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
9155b652e97af387d349e5b981284d5d01f763e7cdaa0ec9807046e61c8a445b
b1116ecf93db2a2661a469cb6d1b342ce5cba037e8b3e04e57b4cbe1ae9ba8eb
b2dabedca78701a111daf52b2195b5c8819479d1e6f20480c48d67381741802d
b77b97fe780d35d18248abd1d2f42f444afbabe43f6abcd8fa8ebb3d47825eee
c70622ae897db583c1854311b48a99ed7666f4506870bdf736bb053dd013d846
d9f9f281e6a6da60cb229c80cf118a1dce9d47149584a21d097f542a9c8a3a96
e03695f0c4feb6968874ac19982ed2fede3a7e07b1cdc6488c7c8fd018602ddf
e094ef163412b7146090bae1f0e184e8c240978091cb3ba7a933ac0c22885506
e67b045d4b762e7e2ba2db72a11db7c955db1be93692c06f1e317798d3f52529