![](/screenshots/edc3ad60-df3f-423a-969b-0cca4131dce2.png)
www.xss.securebank.site
Open in
urlscan Pro
91.142.94.78
Public Scan
Effective URL: https://www.xss.securebank.site/
Submission: On January 28 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 28th 2022. Valid for: 3 months.
This is the only time www.xss.securebank.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 91.142.94.78 91.142.94.78 | 41722 (MIRAN-AS ...) (MIRAN-AS Miran DC) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::2003 | 15169 (GOOGLE) (GOOGLE) | |
21 | 3 |
ASN41722 (MIRAN-AS Miran DC, RU)
PTR: vl2254.miran.ru
xss.securebank.site | |
www.xss.securebank.site |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
securebank.site
1 redirects
xss.securebank.site www.xss.securebank.site |
698 KB |
2 |
gstatic.com
fonts.gstatic.com |
91 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
2 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
18 | www.xss.securebank.site |
www.xss.securebank.site
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
www.xss.securebank.site
|
1 | xss.securebank.site | 1 redirects |
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
xss.securebank.site R3 |
2022-01-28 - 2022-04-28 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.xss.securebank.site/
Frame ID: 4D600AC787C5D2B097271E05743741E6
Requests: 21 HTTP requests in this frame
Screenshot
![](/screenshots/edc3ad60-df3f-423a-969b-0cca4131dce2.png)
Page Title
XSS HunterPage URL History Show full URLs
-
https://xss.securebank.site/
HTTP 301
https://www.xss.securebank.site/ Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://xss.securebank.site/
HTTP 301
https://www.xss.securebank.site/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.xss.securebank.site/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
www.xss.securebank.site/static/css/ |
111 KB 112 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.css
www.xss.securebank.site/static/css/ |
174 KB 175 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prettify.css
www.xss.securebank.site/static/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.xss.securebank.site/static/css/ |
359 B 617 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
26 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie-emulation-modes-warning.js
www.xss.securebank.site/static/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.min.js
www.xss.securebank.site/static/js/ |
139 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-2.1.4.min.js
www.xss.securebank.site/static/js/ |
82 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
www.xss.securebank.site/static/js/ |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ie10-viewport-bug-workaround.js
www.xss.securebank.site/static/js/ |
641 B 913 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prettify.js
www.xss.securebank.site/static/js/ |
62 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clipboard.min.js
www.xss.securebank.site/static/js/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
www.xss.securebank.site/static/js/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage.css
www.xss.securebank.site/static/css/ |
269 B 527 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage.js
www.xss.securebank.site/static/js/ |
0 270 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg.png
www.xss.securebank.site/static/img/ |
46 KB 47 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
glyphicons-halflings-regular.woff
www.xss.securebank.site/static/fonts/ |
23 KB 23 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ |
47 KB 47 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xss_the_wrong_way.mp4
www.xss.securebank.site/static/video/ |
208 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| jQuery110109954413378753937 string| _determinate string| _indeterminate string| _update string| _type string| _click string| _touch string| _add string| _remove string| _callback string| _label string| _cursor boolean| _mobile boolean| IN_GLOBAL_SCOPE function| prettyPrintOne function| prettyPrint boolean| PR_SHOULD_USE_CONTINUATION object| PR function| hide_loading_bar function| show_loading_bar function| set_loading_bar function| api_request string| API_SERVER string| CSRF_TOKEN object| USER0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' xss.delab.site api.xss.delab.site; style-src 'self' fonts.googleapis.com; img-src 'self' api.xss.delab.site; font-src 'self' fonts.googleapis.com fonts.gstatic.com; script-src 'self'; frame-src 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | deny |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
www.xss.securebank.site
xss.securebank.site
2a00:1450:4001:808::200a
2a00:1450:4001:831::2003
91.142.94.78
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
07713f6d9c5da30496929b8bd30a3cdbe875b591dc3893c0e654df92a7a813af
125b9cf633ec84123500c02f34b423e9ae4cedd1d6c1f4e7b48b71f763bda416
1ceae0d8158ec0e39cbfbfd5c777e3b9d754d809b7cd6160bec3901eb88ff0e1
26a234d2be5c37bdfad8118067e9ee27a4524d143eeb4cae7935034e726391c8
271319a0f7370c86291ccd62c0bfdaf058f863dc0057c636f27f68ed294e419f
3c0ccca5c6ae5c3788f3b212cc954f9a39a72ba8078357b6c45af70523f914b5
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70
5d51d5f4bc972e7d7c48d17fb92c191b55bd1be71533c12ef39fea6365156be0
6d7c9f6ece6c8ae31d4ac7728f3db3813364d31b8e2ca8ee816bc57d20d46aea
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
895d6b598afdcd51b9552654b012e3ef6578d44e3e0efdb59d33024ead80a5a4
abefbf9ca8bf85cb82a80089032c5db4c294798a0a5c8422996bafc2c7e0d3e2
c3faed19ca5df755d5b068a34e98abc166204d58a2a54c0d9c6d279dcdf89471
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f663fd5d5698e04a8e56de60c13c54abcb6943adcb21c3d5e80866d0eda0604d
fb9355a9e732da1cddd56f3fb81bf545939e0a600e02871650daec8e59af9b21
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e