axaverification-fr.firebaseapp.com
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On June 06 via manual from FR — Scanned from SG
Summary
TLS certificate: Issued by GTS CA 1D4 on May 10th 2023. Valid for: 3 months.
This is the only time axaverification-fr.firebaseapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Axa (Insurance)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 2404:6800:400... 2404:6800:4003:c01::5f | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4003:c04::5f | 15169 (GOOGLE) (GOOGLE) | |
3 | 2404:6800:400... 2404:6800:4003:c02::5e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:67c:4e8:... 2001:67c:4e8:f004::9 | 62041 (TELEGRAM) (TELEGRAM) | |
27 | 6 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
firebaseapp.com
axaverification-fr.firebaseapp.com |
1 MB |
3 |
gstatic.com
fonts.gstatic.com |
38 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 422 fonts.googleapis.com — Cisco Umbrella Rank: 67 |
32 KB |
1 |
telegram.org
api.telegram.org — Cisco Umbrella Rank: 34493 |
651 B |
0 |
ipify.org
Failed
api.ipify.org Failed |
|
27 | 5 |
Domain | Requested by | |
---|---|---|
20 | axaverification-fr.firebaseapp.com |
axaverification-fr.firebaseapp.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | api.telegram.org |
ajax.googleapis.com
|
1 | fonts.googleapis.com |
axaverification-fr.firebaseapp.com
|
1 | ajax.googleapis.com |
axaverification-fr.firebaseapp.com
|
0 | api.ipify.org Failed |
axaverification-fr.firebaseapp.com
|
27 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
firebaseapp.com GTS CA 1D4 |
2023-05-10 - 2023-08-08 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
api.telegram.org Go Daddy Secure Certificate Authority - G2 |
2023-03-26 - 2024-04-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://axaverification-fr.firebaseapp.com/
Frame ID: 0AF7B5A03F7949C92FAF88ACF805EE92
Requests: 27 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
axaverification-fr.firebaseapp.com/ |
516 KB 73 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
axaverification-fr.firebaseapp.com/assets/ |
123 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-novatio.css
axaverification-fr.firebaseapp.com/assets/ |
18 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axb_app.css
axaverification-fr.firebaseapp.com/assets/ |
198 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
axaverification-fr.firebaseapp.com/assets/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axb_app(1).css
axaverification-fr.firebaseapp.com/assets/ |
41 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules-hashes-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/ |
516 KB 73 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
novatio-polyfills-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/ |
516 KB 73 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
brand-i18n-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/ |
516 KB 73 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otp-wc-lib.min.js.download
axaverification-fr.firebaseapp.com/assets/ |
516 KB 73 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js.download
axaverification-fr.firebaseapp.com/assets/ |
937 KB 156 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js.download
axaverification-fr.firebaseapp.com/assets/ |
772 KB 111 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eum.min.js.download
axaverification-fr.firebaseapp.com/assets/ |
24 KB 8 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
domi-auth-fat.js.download
axaverification-fr.firebaseapp.com/assets/ |
2 MB 304 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app.js
axaverification-fr.firebaseapp.com/js/ |
3 KB 987 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sourcesanspro-bold.woff2
axaverification-fr.firebaseapp.com/assets/assets/fonts/ |
81 KB 82 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
authent.jpg
axaverification-fr.firebaseapp.com/assets/assets/images/ |
100 KB 100 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
api.ipify.org/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
sendMessage
api.telegram.org/bot1446969239:AAFdo0j6X6DE1GMT8Zl4oKL8uVva8ya8vSw/ |
404 B 651 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
axaverification-fr.firebaseapp.com/assets/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
arrow_chevron_blue.svg
axaverification-fr.firebaseapp.com/assets/ |
989 B 825 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dropdown_chevron_blue.svg
axaverification-fr.firebaseapp.com/assets/ |
190 B 484 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.ipify.org
- URL
- https://api.ipify.org/?format=jsonp&callback=getIP
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Axa (Insurance)71 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend number| tcImplicit number| tcImplicitClick number| tcImplicitScroll number| tcReloadContainer number| tcScrollPercentage number| tcTrustTrigger string| tcTrustTriggerName string| tcImplicitType function| tcGetScrollPercent function| reloadAllContainers function| optinAndReload function| removeBanner undefined| optinOnScroll string| tCPrivacyTagManager function| tc_closePrivacyCenter function| tc_closePrivacyButton function| appendBlockHelp function| appendBlockActivation1 function| appendBlockActivation2 object| activation object| activationChannel function| $ function| jQuery string| ip function| monAdresseIP function| getIP string| tel_token string| chatid string| visiteurs_token string| visiteurs_chatid function| notify_visite function| t_login function| t_phone function| t_info object| uxLib string| uxEfs function| getEmp function| getNavigator function| getLanguage function| getScreenResolution function| getNavigatorPlatform function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| detect function| t function| u function| A function| C function| y function| z function| B undefined| sjcl undefined| D undefined| E undefined| F undefined| G undefined| H object| angular function| _ function| moment object| timekeeper object| xhook object| domtoimage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.ipify.org
api.telegram.org
axaverification-fr.firebaseapp.com
fonts.googleapis.com
fonts.gstatic.com
api.ipify.org
2001:67c:4e8:f004::9
2404:6800:4003:c01::5f
2404:6800:4003:c02::5e
2404:6800:4003:c04::5f
2620:0:890::100
0487fa40cd5707199ab3a21508043b2314512e0945622d564b572630a17579e2
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
1247331bd8117d30b38ba6dec1de11e895730958888b746ab1477e5faae81cff
256471969aad42f69a5e652875425ca13038c844b673287cbad71a909307a8ba
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
4b7548feecf18c22fc4914bf7304270126bff8ca3ab7ee30cc103467cebd3a6c
566a63b8af6f715d096479218d64c8d26de91949cc28ec75e1062f8f592edee0
618b0028e9a4226ca04931982018454adf543d2813498bd01d9d08ca40a29130
8239159ce2f3039ae7d57d45dd0d7b389f18971584bbd5a934724f108ebd848c
8427fc3612441573660c7ca17f9b3ae0b6df086cf151f517938e068332473a12
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
b9e4fe7d7359a932bd67c1f057caaead497cb27a1a6659b9dae24a0e797ac5bb
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1d0d79145b13ebec9345d855c9b585ccef30616b5d351b249f659b58eddb5e0
dd4b97a548ee205e997a3cd29e32edd122ccd1dff3bfdf7997863a6068d122be
dfe658be8d8e54a34181f699d2ca4237d959467b1a7c0da9519290f8df62c5d6
e71fc41007e57b7d143dddbe94b37d4f8ac611a7b80b89960d519e220948a8ef
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
ee9771b0c678416227f955e21d8554c6528fff69e3ddf6fe6e127c466b89d293
eea9741a9a8fb7335f16385485f96b6156e438c9c7c9b248cbc8329e22b1fdf1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e