06web.web.app
151.101.1.195
Malicious Activity!
Public Scan
Submission: On October 25 via automatic, source openphish
Summary
TLS certificate: Issued by GTS CA 1O1 on April 15th 2020. Valid for: a year.
This is the only time 06web.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System | Details
---|---|---|---
2 | 151.101.1.195 | 54113 (FASTLY) | |
22 | 104.75.89.229 | 20940 (AKAMAI-ASN1, EU) | PTR: a104-75-89-229.deploy.static.akamaitechnologies.com; serves static.chasecdn.com |
1 | 204.48.24.157 | 14061 (DIGITALOCEAN-ASN, US) | PTR: routes58.sytes.net; serves route83.viewdns.net |
25 | 4 | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | chasecdn.com | static.chasecdn.com | 1 MB |
2 | web.app | 06web.web.app | 230 KB |
1 | viewdns.net | route83.viewdns.net | 11 KB |
25 | 3 | | |
Requests | Domain | Requested by
---|---|---
22 | static.chasecdn.com | 06web.web.app, static.chasecdn.com |
2 | 06web.web.app | 06web.web.app |
1 | route83.viewdns.net | 06web.web.app |
25 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
web.app | GTS CA 1O1 | 2020-04-15 - 2021-04-14 | a year | crt.sh |
static.chasecdn.com | Entrust Certification Authority - L1M | 2020-01-27 - 2021-01-27 | a year | crt.sh |
route83.viewdns.net | cPanel, Inc. Certification Authority | 2020-10-22 - 2021-01-20 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://06web.web.app/error2.html
Frame ID: 6D589FCA20136D4346861DA831D7B0F3
Requests: 29 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | error2.html (Primary Request) | 06web.web.app/ | 315 KB | 120 KB | Document | text/html |
GET | H2 | ruxitagentjs_ICA2SVfjqru_10173190807103944.js | 06web.web.app/events/ | 299 KB | 110 KB | Script | text/html |
GET | H2 | appConfig.js | static.chasecdn.com/web/2020.03.15-1898/logon/js/ | 24 KB | 5 KB | Script | application/javascript |
GET | H2 | logon.css | static.chasecdn.com/web/2020.03.15-1898/logon/assets/ | 93 KB | 13 KB | Stylesheet | text/css |
GET | H2 | main-ver.js | static.chasecdn.com/web/library/blue-boot/dist/2.33.0/blue-boot/js/ | 107 KB | 25 KB | Script | application/javascript |
GET | H2 | blue-ui.css | static.chasecdn.com/web/2020.03.15-1898/@ccb-cxo/cxo-ui-common-utilities/dist/common/assets/ | 483 KB | 46 KB | Stylesheet | text/css |
GET | H2 | main_029bbaf67ce7b14c8f39351bd1c2b4c9.js | static.chasecdn.com/web/hash/@ccb-cxo/cxo-ui-common-utilities/dist/common/js/kit/ | 376 KB | 81 KB | Script | application/javascript |
GET | H2 | main_7ee0b628e14b3897fc6909092b44c79b.js | static.chasecdn.com/web/hash/appkit/js/ | 225 KB | 52 KB | Script | application/javascript |
GET | H2 | main.js | static.chasecdn.com/web/library/blue-vendor/dist/2.15.5/blue-vendor/js/ | 413 KB | 106 KB | Script | application/javascript |
GET | H2 | main.js | static.chasecdn.com/web/library/blue-core/dist/2.24.2/blue/js/ | 131 KB | 34 KB | Script | application/javascript |
GET | H2 | boot.js | static.chasecdn.com/web/2020.03.15-1898/logon/js/ | 1 MB | 185 KB | Script | application/javascript |
GET | H2 | locationAPI.js | static.chasecdn.com/web/library/blue-app/dist/2.23.1/blue-app/js/with/ | 1 KB | 832 B | Script | application/javascript |
GET | H2 | settings.js | static.chasecdn.com/web/library/blue-app/dist/2.23.1/blue-app/js/ | 189 B | 541 B | Script | application/javascript |
GET | H2 | ZIP_CODE_REGEX.js | static.chasecdn.com/web/library/blue-app/dist/2.23.1/blue-app/js/validate/var/ | 181 B | 554 B | Script | application/javascript |
GET | H2 | main.js | static.chasecdn.com/web/library/blue-app/dist/2.23.1/blue-app/js/ | 91 KB | 22 KB | Script | application/javascript |
GET | H2 | main.js | static.chasecdn.com/web/library/blue-view/dist/2.18.8/blue-view/js/ | 28 KB | 9 KB | Script | application/javascript |
GET | H2 | view.js | static.chasecdn.com/web/library/blue-view-ractive/dist/1.7.0/blue-view-ractive/js/ | 263 KB | 66 KB | Script | application/javascript |
GET | H2 | contentEvent.js | static.chasecdn.com/web/2020.03.15-1898/dashboard/js/lib/common/ | 236 B | 555 B | Script | application/javascript |
GET | H/1.1 | email.png | route83.viewdns.net/unusual/ | 10 KB | 11 KB | Image | image/png |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 5 KB | 0 | Image | image/jpeg |
GET | H2 | wordmark-white.svg | static.chasecdn.com/web/2020.03.15-1898/@ccb-cxo/cxo-ui-common-utilities/dist/common/assets/img/logos/ | 1 KB | 1005 B | Image | image/svg+xml |
GET | H2 | background.desktop.day.8.jpeg | static.chasecdn.com/content/geo-images/images/ | 299 KB | 300 KB | Image | image/jpeg |
GET | H2 | opensans-regular.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 24 KB | 24 KB | Font | application/x-font-woff |
GET | H2 | opensans-light.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 24 KB | 24 KB | Font | application/x-font-woff |
GET | H2 | dcefont.woff | static.chasecdn.com/web/2020.03.15-1898/@ccb-cxo/cxo-ui-common-utilities/dist/common/less/assets/fonts/ | 69 KB | 39 KB | Font | application/x-font-woff |
GET | H2 | opensans-semibold.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 25 KB | 25 KB | Font | application/x-font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Chase (Banking)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
object | clientEnvProps |
string | clientDefaultLogLevel |
string | clientConsoleLogLevel |
string | clientAnalyticsLogLevel |
boolean | clientDefaultLogEnabled |
boolean | clientConsoleLogEnabled |
boolean | clientAnalyticsLogEnabled |
string | appLanguage |
object | logonFieldFill |
function | EventLogger |
object | p |
object | loader |
string | LANGUAGE_CODE_ENGLISH |
function | initAppConfig |
function | loaderCallback |
function | processClientEnvProps |
string | domainUrl |
string | authUrl |
object | appRoutes |
undefined | envConfig |
undefined | appConfig |
string | blueDomain |
function | requirejs |
function | require |
function | define |
object | Blue |
function | c |
function | Hammer |
object | xssFilters |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
06web.web.app
route83.viewdns.net
static.chasecdn.com
104.75.89.229
151.101.1.195
204.48.24.157