mtcqqtatbs.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On July 27 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1D4 on July 10th 2023. Valid for: 3 months.
This is the only time mtcqqtatbs.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 45.95.170.184 45.95.170.184 | 211619 (MAXKO) (MAXKO) | |
10 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
web.app
mtcqqtatbs.web.app |
129 KB |
1 |
staviametech.store
staviametech.store |
145 B |
10 | 2 |
Domain | Requested by | |
---|---|---|
9 | mtcqqtatbs.web.app |
mtcqqtatbs.web.app
|
1 | staviametech.store |
mtcqqtatbs.web.app
|
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-07-10 - 2023-10-08 |
3 months | crt.sh |
staviametech.store R3 |
2023-07-02 - 2023-09-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mtcqqtatbs.web.app/a.html
Frame ID: 076BE15AD55F3D3B453397800AF12A55
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
View DocumentDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Mautic (Marketing Automation) Expand
Detected patterns
- [^a-z]mtc.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
a.html
mtcqqtatbs.web.app/ |
2 KB 902 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
mtcqqtatbs.web.app/ |
190 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
mtcqqtatbs.web.app/ |
50 B 159 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.css
mtcqqtatbs.web.app/ |
604 B 394 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.jpg
mtcqqtatbs.web.app/ |
30 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
mtcqqtatbs.web.app/ |
87 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
mtcqqtatbs.web.app/ |
79 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
mtcqqtatbs.web.app/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
staviametech.store/ |
0 145 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.png
mtcqqtatbs.web.app/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery number| uidEvent object| bootstrap function| userfocus function| antibot function| stopHtmlRender function| isBase640 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mtcqqtatbs.web.app
staviametech.store
2620:0:890::100
45.95.170.184
02e7ae1136f1173ec1994994ce0a3a35b53803efd0e0dc764dbbd84395801355
26c62dbdf527b8dcbf378ea62f129cbbba3b244730687909ba21ecd729c9d2e6
707fe5fe7c40e090b2e213f7b9729b416801495c002f8a99bcd21bedf410667c
7cc684bcd9c27eb2034a433e85efbce40d66aabd28bec095b37bc025f65fe13d
9b1ad3739e41d7b97140db97575cb95a9c3dca958f7bd4c133e28e6245c28de2
bece4ea7727db259ab498818ed613a814966e463495955d816801397e7b5a6a1
cc38eba77d7c3b5ddece1c5c36b5c2985b3f3e31e208f5a77d4714b131fd85a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1537f39f5f3d137f9ba2d2328eabf1a58d0d38a8d30dc4dbdd921210e73eb87
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e