supportchazity.web.app
2620:0:890::100
Malicious Activity!
Public Scan
Effective URL: https://supportchazity.web.app/?help-case=07e76124-54fd-4c1c-9374-b9cb7dec38ce
Submission: On June 15 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WR4 on May 21st 2024. Valid for: 3 months.
This is the only time supportchazity.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 198.187.29.207 | 22612 (NAMECHEAP-NET)
1 2 | 2620:0:890::100 | 54113 (FASTLY)
1 | 2a00:1450:4001:831::200a | 15169 (GOOGLE)
7 | 199.36.158.100 | 54113 (FASTLY)
2 | 188.114.96.3 | 13335 (CLOUDFLARENET)
1 | 172.67.74.152 | 13335 (CLOUDFLARENET)
1 | 188.114.97.3 | 13335 (CLOUDFLARENET)
14 | 7 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server245-1.web-hosting.com
pagesbusine-community-standard.work |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | web.app (1 redirects) | supportchazity.web.app | 2 MB
2 | endpointsynergy.com | ws-sv1.endpointsynergy.com | 571 B
1 | freeipapi.com | freeipapi.com — Cisco Umbrella Rank: 112948 | 744 B
1 | ipify.org | api.ipify.org — Cisco Umbrella Rank: 2557 | 154 B
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 1 KB
1 | pagesbusine-community-standard.work | pagesbusine-community-standard.work | 390 B
14 | 6 | |
Requests | Domain | Requested by
---|---|---
9 | supportchazity.web.app (1 redirects) | pagesbusine-community-standard.work, supportchazity.web.app
2 | ws-sv1.endpointsynergy.com | supportchazity.web.app
1 | freeipapi.com | supportchazity.web.app
1 | api.ipify.org | supportchazity.web.app
1 | fonts.googleapis.com | supportchazity.web.app
1 | pagesbusine-community-standard.work |
14 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
pagesbusine-community-standard.work | Sectigo RSA Domain Validation Secure Server CA | 2024-06-14 - 2025-06-14 | a year
web.app | WR4 | 2024-05-21 - 2024-08-19 | 3 months
upload.video.google.com | WR2 | 2024-05-27 - 2024-08-19 | 3 months
endpointsynergy.com | GTS CA 1P5 | 2024-05-31 - 2024-08-29 | 3 months
ipify.org | GTS CA 1P5 | 2024-05-19 - 2024-08-17 | 3 months
freeipapi.com | Cloudflare Inc ECC CA-3 | 2024-01-21 - 2024-12-31 | a year
This page contains 1 frames:
Primary Page:
https://supportchazity.web.app/?help-case=07e76124-54fd-4c1c-9374-b9cb7dec38ce
Frame ID: C36C208D50B94595AF0318247EDFCABE
Requests: 13 HTTP requests in this frame
Page Title: Select issue
Page URL History
- https://pagesbusine-community-standard.work/ Page URL
- https://supportchazity.web.app//?help-case=07e76124-54fd-4c1c-9374-b9cb7dec38ce HTTP 301
  https://supportchazity.web.app/?help-case=07e76124-54fd-4c1c-9374-b9cb7dec38ce Page URL
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | pagesbusine-community-standard.work/ | 424 B | 390 B | Document | text/html
GET | H2 | / (Primary Request, Redirect Chain) | supportchazity.web.app/ | 2 KB | 633 B | Document | text/html
GET | H2 | css2 | fonts.googleapis.com/ | 14 KB | 1 KB | Stylesheet | text/css
GET | H3 | main.0f34b73c.js | supportchazity.web.app/static/js/ | 1 MB | 266 KB | Script | text/javascript
GET | H3 | main.eef59862.css | supportchazity.web.app/static/css/ | 88 KB | 13 KB | Stylesheet | text/css
GET | H3 | loading.30c0aa7c3e2579d868a6.gif | supportchazity.web.app/static/media/ | 136 KB | 121 KB | Image | image/gif
OPTIONS | H3 | settings | ws-sv1.endpointsynergy.com/ | 0 | 0 | Preflight | text/plain
GET | H2 | / | api.ipify.org/ | 21 B | 154 B | Fetch | application/json
POST | H3 | settings | ws-sv1.endpointsynergy.com/ | 249 B | 571 B | XHR | application/json
GET | H3 | favicon.ico | supportchazity.web.app/ | 5 KB | 2 KB | Other | image/x-icon
GET | H3 | 80.255.7.119 | freeipapi.com/api/json/ | 395 B | 744 B | Fetch | application/json
GET | H3 | loadingLogo.085728eb.4eff47490162868e9ff2.gif | supportchazity.web.app/static/media/ | 1 MB | 1 MB | Image | image/gif
GET | H3 | roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2 | supportchazity.web.app/static/media/ | 15 KB | 16 KB | Font | font/woff2
GET | H3 | favicon.ico | supportchazity.web.app/ | 5 KB | 0 | Other | image/x-icon
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- undefined | event
- object | fence
- object | sharedStorage
- object | webpackChunksupport
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.