us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc
Open in
urlscan Pro
175.126.123.219
Public Scan
Effective URL: https://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp
Submission Tags: phishing malicious Search All
Submission: On November 21 via api from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 11th 2019. Valid for: a year.
This is the only time us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 175.126.123.219 175.126.123.219 | 9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd) | |
5 10 | 211.110.140.106 211.110.140.106 | 9318 (SKB-AS SK...) (SKB-AS SK Broadband Co Ltd) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE) | |
9 | 5 |
ASN9318 (SKB-AS SK Broadband Co Ltd, KR)
us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
cc.cc
5 redirects
www.cc.cc cc.cc |
733 KB |
2 |
gstatic.com
fonts.gstatic.com |
27 KB |
2 |
co.cc
1 redirects
us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc |
2 KB |
1 |
googleapis.com
fonts.googleapis.com |
747 B |
9 | 4 |
Domain | Requested by | |
---|---|---|
5 | cc.cc |
us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc
|
5 | www.cc.cc | 5 redirects |
2 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc | 1 redirects |
1 | fonts.googleapis.com |
cc.cc
|
9 | 5 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.co.cc Sectigo RSA Domain Validation Secure Server CA |
2019-12-11 - 2020-12-24 |
a year | crt.sh |
*.cc.cc Sectigo RSA Domain Validation Secure Server CA |
2020-10-26 - 2021-10-26 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-11-03 - 2021-01-26 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp
Frame ID: 525E9DAE7088C3BA224E57675583452A
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp
HTTP 301
https://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- url /\.aspx?(?:$|\?)/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- url /\.aspx?(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
IIS (Web Servers) Expand
Detected patterns
- url /\.aspx?(?:$|\?)/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Grab Your CC.CC
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp
HTTP 301
https://us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/login.asp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.cc.cc/assets/libs/@fortawesome/fontawesome-free/css/all.min.css HTTP 302
- https://cc.cc/assets/libs/@fortawesome/fontawesome-free/css/all.min.css
- https://www.cc.cc/assets/css/purpose.css HTTP 302
- https://cc.cc/assets/css/purpose.css
- https://www.cc.cc/assets/js/purpose.core.js HTTP 302
- https://cc.cc/assets/js/purpose.core.js
- https://www.cc.cc/assets/js/purpose.js HTTP 302
- https://cc.cc/assets/js/purpose.js
- https://www.cc.cc/assets/js/demo.js HTTP 302
- https://cc.cc/assets/js/demo.js
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.asp
us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
all.min.css
cc.cc/assets/libs/@fortawesome/fontawesome-free/css/ Redirect Chain
|
53 KB 53 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purpose.css
cc.cc/assets/css/ Redirect Chain
|
455 KB 455 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purpose.core.js
cc.cc/assets/js/ Redirect Chain
|
194 KB 194 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
purpose.js
cc.cc/assets/js/ Redirect Chain
|
25 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
demo.js
cc.cc/assets/js/ Redirect Chain
|
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 747 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XRXW3I6Li01BKofA6sKUYevIWzgPDA.woff2
fonts.gstatic.com/s/nunito/v15/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
XRXV3I6Li01BKofINeaBTMnFcQ.woff2
fonts.gstatic.com/s/nunito/v15/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
65 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap function| inView function| SVGInjector function| EvEmitter function| imagesLoaded undefined| Layout undefined| Popover undefined| Tooltip undefined| BgImgHolder undefined| CardActions undefined| Dropdown undefined| FormControl undefined| CustomInputFile undefined| NavbarCollapse undefined| NavbarSticky undefined| NegativeMargin undefined| Pricing undefined| ScrollTo undefined| Shape undefined| Spotlight undefined| GoogleMapCustom undefined| GoogleMap undefined| TextareaAutosize undefined| Countdown undefined| Counter undefined| Datepicker undefined| Dropzones undefined| Highlight undefined| SortList undefined| Masonry undefined| Notify undefined| SingleSlider undefined| RangeSlider undefined| QuillEditor undefined| Scrollbar undefined| Select undefined| Sticky undefined| SvgInjector undefined| WpxSwiper undefined| Tags undefined| Typed undefined| Wavify undefined| randomizeArray undefined| sparklineData undefined| colorPalette undefined| spark1 undefined| options1 undefined| options2 undefined| options3 undefined| options4 undefined| options5 undefined| options6 undefined| options7 undefined| options80 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cc.cc
fonts.googleapis.com
fonts.gstatic.com
us.battle.net.login.en.cr.true.ref.account.battllee.xml.us.battle.net.battlleel.co.cc
www.cc.cc
175.126.123.219
211.110.140.106
2a00:1450:4001:808::200a
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
0fe33078077965739bd81287068a7b18cc4812e48e1aaa1bb2254cffa54077c9
1f59cbc2e57c1026fb7fe66d3c994e133d703341bfd6e4e7da2d0cde0d95faaa
4e9d0de0f754781585770d55f62f8932bb4768c8590616c49ab1003e467d1904
4fc37cd275cdd3ebc1189b75dd52e238ea1302675d1a8c970041ee964e37ed63
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
c5f642ab5c8d614435ff9214aba24f7a21ac2b454f2798ef079467c915d2a3b2
cff4b385da31f09ccf539a2fa687afd8677a906fd47f8583049cc9eeac094d6f
f2aa8446e9b8e2c86fcb17eae9d8a595926cfe403828013e00603b6ecdfd2223
fef3eb45ca51beb2f6e8b6d0eb6bccd7c50da403f3255e1cbbd4baeaa59fb7c4