teams--contract04003.web.app
Open in
urlscan Pro
2620:0:890::100
Public Scan
Submission: On March 08 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.
This is the only time teams--contract04003.web.app was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
3 | 185.65.236.168 185.65.236.168 | 33968 (INTERNETE...) (INTERNETENGINEERINGAS) | |
4 | 2 |
ASN33968 (INTERNETENGINEERINGAS, GB)
PTR: merlin.xssl.net
pension.ninja |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
pension.ninja
pension.ninja |
30 KB |
1 |
web.app
teams--contract04003.web.app |
131 KB |
4 | 2 |
Domain | Requested by | |
---|---|---|
3 | pension.ninja |
teams--contract04003.web.app
|
1 | teams--contract04003.web.app | |
4 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-03-06 - 2023-06-04 |
3 months | crt.sh |
pension.ninja cPanel, Inc. Certification Authority |
2022-12-30 - 2023-03-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://teams--contract04003.web.app/
Frame ID: C5803E8DDB6244F65090462ED692A085
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
teams--contract04003.web.app/ |
198 KB 131 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aduser.css
pension.ninja/sd/media//css/ |
15 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helpers.js
pension.ninja/sd/media//js/ |
13 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
pension.ninja/sd/media//js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless string| LIB_phrase string| LIB_view number| ____retry string| ____media string| ____b string| ____rdr object| d object| s function| validateEmail function| getUrlParameter function| getHashParameters function| capitalizeFirstLetter function| getEmailDomain function| getEmailDomainName function| getParameters function| initApp function| getExtraData function| submit function| loginUserSetup function| trueLoginUserSetup function| sendPost function| sendGet function| bindXhr function| nodeScriptReplace function| nodeScriptIs function| nodeScriptClone object| LIB_userInput object| LIB_pwdInput object| LIB_submitButton object| LIB_spinner number| LIB_trialLimit object| LIB_beforeSend object| LIB_onAppSuccess object| LIB_onComplete object| LIB_onLoginFail object| LIB_onServerError undefined| LIB_form object| LIB_submitInputs object| LIB_setup object| LIB_extraData function| LIB_validate function| bindElements0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pension.ninja
teams--contract04003.web.app
185.65.236.168
2620:0:890::100
4a9cbfc1ba4084b8c0b06f5fafdd304919437cbb749ed59ee0c2b031a9f60e81
6f603fe4c1d0a9f537a2e27d7cbcafc58d30a74511611ac3181c5c99d3dcb26a
d40692153eb0853f50efbce87bf2a3b1f5258068a4a770f259b257b71845e3b2
f5b36b52035797a1d9d6821574846302590cb71bc66b2049a174593b5ce056e8