charleschwab.pages.dev Open in urlscan Pro
172.66.44.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://charleschwab.pages.dev/
Submission: On January 05 via manual (January 5th 2024, 9:03:26 pm UTC) from US — Scanned from AU

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 172.66.44.125, located in United States and belongs to CLOUDFLARENET, US. The main domain is charleschwab.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2023. Valid for: 3 months.

This is the only time charleschwab.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 15	172.66.44.125 172.66.44.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.202.230.65 23.202.230.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.202.230.74 23.202.230.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	4

15 172.66.44.125 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

charleschwab.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.202.230.65 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-202-230-65.deploy.static.akamaitechnologies.com

client.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.202.230.74 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-202-230-74.deploy.static.akamaitechnologies.com

content.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pages.dev 1 redirects charleschwab.pages.dev	311 KB
3	schwab.com client.schwab.com — Cisco Umbrella Rank: 43507 content.schwab.com — Cisco Umbrella Rank: 59484 sws-gateway-nr.schwab.com Failed	159 KB
19	2

	Domain	Requested by
15	charleschwab.pages.dev	1 redirects charleschwab.pages.dev
2	content.schwab.com	charleschwab.pages.dev
1	client.schwab.com	charleschwab.pages.dev
0	sws-gateway-nr.schwab.com Failed	charleschwab.pages.dev
19	4

This site contains no links.

Subject Issuer	Validity	Valid
charleschwab.pages.dev GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
www.schwab.com DigiCert SHA2 Extended Validation Server CA	`2023-03-07` - `2024-03-06`	a year	crt.sh
content.schwab.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-26` - `2024-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://charleschwab.pages.dev/
Frame ID: 138DFA6C49A46B8CD31DBD0724EDDB05
Requests: 13 HTTP requests in this frame

Frame: https://charleschwab.pages.dev/assets/login
Frame ID: A0E52657143CEFAFB8BCCF307D8381D3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

469 kB
Transfer

1423 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://charleschwab.pages.dev/assets/login.html HTTP 308
https://charleschwab.pages.dev/assets/login

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
charleschwab.pages.dev/ 155 KB
22 KB 2331ms
2304ms Document
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaac49dd85729-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 21:03:19 GMT
etag: W/"08995f2a714bda7e277118f4029aeb81"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0BkFsR7cMEzsTw4%2Ffz%2BdlIzHMAzABNNIuLb9u9K1wwz19tDRa2NcADHr52qt3ZrODTpEbry6jwZLLjLAZuL%2FcFkrCgMcshliIHTWdhMpp1PZh8I%2FBVEHhsnTrmQ8lfd7AU3ITx1hQrV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 login.css
charleschwab.pages.dev/assets/ 32 KB
9 KB 552ms
551ms Stylesheet
text/css 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/login.css

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df9cdbf527d39949a14f8c2ba70397c2866904c263a28a42b9bc88453e2d3ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a4e2cdc0a7b247cf0fee62d8da4ca24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12BFYAQ8N%2FhAG69RonXCtn2GWKGwdxk9O0Ia4ztsrCH9sZrvofHQzTdqSetrsCyv498MwkEdN3zF9TXlOigpYbuqRONRXBjpn6mi0u1RlzSJpKkQWsfln8dwKxaxYyII2AcOqCckgnf7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f5e5729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 AMEXCards@2x.png
charleschwab.pages.dev/assets/ 14 KB
14 KB 323ms
323ms Image
image/png 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/AMEXCards@2x.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477d30c8790540e03f7bb77f3d29d18e4e7be32c11dcec8fd7dbf67277535783

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:19 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "478c5b8788bdf27be75b123790ad5def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKJriKSrij%2Bk6xjZAHrUTNkENCGzwfaeiOIf%2FDLLzyAFJB647lxcHkqg%2BXVjQHGWk3xc586q%2FaLDMQZ8qlw0QZ3bfgXIjekJbfJhsK0FAkmwcMM%2BqWLVqmkUkWlTIu440JYQwHpmoQC3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f5f5729-SYD
alt-svc: h3=":443"; ma=86400
content-length: 14480

GET
H2 200 4-SSlices-gift-LILO.png
charleschwab.pages.dev/assets/ 19 KB
19 KB 341ms
341ms Image
image/png 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/4-SSlices-gift-LILO.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397c6656ad5e184656e9abfa07edbf03888f560d01b6301a63bad5a51afcc1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:19 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cca7ad863c12d977f5c3baa2ad46184e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njRmELMt%2BLcJiQfXuDNL1k2QTjGqoM406rGTDhV5REZpkhHruo6r%2BH1y2xmNqFGA4erwBYEVeZ%2FaSIk6QZnJTA2PaVOGPKAtTNsDjZecDcwp4bLe2TVeo3qCyelNhpI1SfeLueJ3KJ0g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f605729-SYD
alt-svc: h3=":443"; ma=86400
content-length: 19584

GET
H2 200 hyic%20no%20atm%20fees.png
charleschwab.pages.dev/assets/ 18 KB
18 KB 335ms
335ms Image
image/png 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/hyic%20no%20atm%20fees.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070d46342d1bf3de6c47a86c333d2286b016aea22d6fd394a2e2b8be66c2222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:19 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ca008a7802ee42aaa29d9b360ab88c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTwXDL2TsiXBA1iBquRvcKyid4NADqt%2FB0XrOmnlPVeVq1psKxDAoU%2FFf%2BJxF1u8ZdeQfl2oNIrBUsdeJcQmzJFXtU3fmRCeBJz0vQJ%2BGaL34J8ZcUvAgsJH3WC4UxV%2B6w%2F8POsylnGO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f675729-SYD
alt-svc: h3=":443"; ma=86400
content-length: 18299

GET
H2 200 CS_logo_140x140.jpg
charleschwab.pages.dev/assets/ 35 KB
36 KB 460ms
459ms Image
image/jpeg 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/CS_logo_140x140.jpg

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:19 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "93770b3f9af9f1b36bc5a524bff574d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBeV5X8Y%2FBr3EbF9d1EK7ndplkv6nmqFizPNaiuVI8u3MqoGUdL8UVJTXNEp8KsqIcjKKURY93XDU%2BNKoe3wFmnxeTaoMsZzD4Hd%2BFRQmIKuqwno865ZDr3tOQ%2B1GTA4CjSI%2BJhk9C8l"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f685729-SYD
alt-svc: h3=":443"; ma=86400
content-length: 36076

GET
H2 200 powered_by_logo.svg
charleschwab.pages.dev/assets/ 5 KB
2 KB 805ms
804ms Image
image/svg+xml 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/powered_by_logo.svg

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zESK48Ge77WOgrxAndFidVCIFbPK%2BcHScj6B9UC362Xk07DQrLcPdXwfdWZRlqkEvjCBFALmD7JpZzr7Wea8DiipzQ2g4sqhJyDEwjmp5EU98AtE%2FbJCwYvclcPZfMKN2NXFFHyQ30UQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad31f695729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2

200

https://charleschwab.pages.dev/assets/login.html
https://charleschwab.pages.dev/assets/login

298 KB
35 KB

1259ms
1258ms

Document
text/html

172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/login

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b86d4721984705e119a1d59c154e8fca362994f821dd96840eff4cc59250db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad33f785729-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 05 Jan 2024 21:03:20 GMT
etag: W/"032044024e3beab6a53c41f559bafdd7"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDChe%2B5nkT%2B9W5AOcjbN715X9nOmkCkJ4DUyngXbp57hODUpFLh2IxTPFWgz1GvU9h69wML92LoICOct19aY6nIiGXcq6rOsxDb91GpQrCLMBvVXZlc%2Fi6rDBCXncmW7zG7S4%2BXqZGWL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 840eaad31f6c5729-SYD
content-length: 0
date: Fri, 05 Jan 2024 21:03:19 GMT
location: /assets/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khdRS1bNlEcFDMbEuWe5kbSfl%2FvG8nbrvB8zXmYIxpkNOh11ug%2F5B3n%2BaX45gqzCi4DlwPPwGzSJR9wSMqu7rxIIKGMNX%2FwoYwNqjGA2PLXQtnx9WAZu%2FvjIYv551eWOcLeSeUI0FIut"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icons.png
client.schwab.com/images/ 46 KB
46 KB 193ms
18ms Image
image/png 23.202.230.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.schwab.com/images/icons.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.202.230.65 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-202-230-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f5b35239a5b6cdaeac327f090a14bdcc0957d526250ca369762fa0e74c23f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 21:03:20 GMT
last-modified: Fri, 01 Dec 2023 20:52:00 GMT
etag: "0d8bd3a9824da1:0"
x-frame-options: SAMEORIGIN
content-type: image/png
f5ip: 162.93.220.100
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1704488600256_399173181_284889123_106_14572_1_5_219";dur=1
accept-ranges: bytes
content-length: 46782
x-xss-protection: 1; mode=block
expires: Fri, 05 Jan 2024 21:03:20 GMT

GET
H/1.1 200
OK Login_Background.jpg
content.schwab.com/web/login/ 110 KB
110 KB 257ms
22ms Image
image/jpeg 23.202.230.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/Login_Background.jpg
Requested by: Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.230.74 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-202-230-74.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3c1e405db9fdc7ea43f4ac748a546bd54161bdecec8b8756b4e29b1359f2c856

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 21:03:20 GMT
Last-Modified: Mon, 18 Jul 2022 14:43:48 GMT
Server: Akamai Image Manager
ETag: "ddd5e02fd4df958d8da39b113223dd11:1638552670.165418"
Access-Control-Allow-Methods: GET, GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform, max-age=43200
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 112358
Expires: Sat, 06 Jan 2024 09:03:20 GMT

GET
H/1.1 200
OK schwabsafe_logo.svg
content.schwab.com/web/login/ 2 KB
2 KB 446ms
212ms Image
image/svg+xml 23.202.230.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/schwabsafe_logo.svg
Requested by: Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.230.74 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-202-230-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 21:03:20 GMT
Last-Modified: Tue, 20 Jun 2017 20:14:24 GMT
Server: AkamaiNetStorage
ETag: "7449c161258eba54600debcbd1229b1d:1497989664"
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2058

GET
H2 200 CharlesModern-Light.woff
charleschwab.pages.dev/fonts/ 155 KB
22 KB 30ms
30ms Font
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/fonts/CharlesModern-Light.woff?v=1.0.0

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login.css
Origin: https://charleschwab.pages.dev
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BRClrDfYX%2BQcBbOcpFx57iS%2Fi4z7evPm7LJ4Kfp3%2FHTZLqoaWcBFJizwjBfy6ZxnTEB2tEJuFZ3xMJVuUY1U9YAoi2e9L5sai0QgUfgVLhavYAW1MrsU8LPt%2B4UC1cMWcXDOml93nfS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad689985729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 CharlesModern-Light.ttf
charleschwab.pages.dev/fonts/ 155 KB
22 KB 32ms
32ms Font
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/fonts/CharlesModern-Light.ttf?v=1.0.0

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login.css
Origin: https://charleschwab.pages.dev
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:20 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLrp1cytKRJr1T11LCEZqGWcK7KYSmPsEz4Uov%2FlUnsSSilBhR6Ycv2xDH6AyUohSXdJ%2Ff%2FkIbC%2BHJ7nBkJjJK8v1XxbvhloBimLijNfhvCTc%2FSVWGqViZh8YHn3aHB5TTMSSW6j%2FiO9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaad6c9b85729-SYD
alt-svc: h3=":443"; ma=86400

GET CharlesModern-Light.49518a871252ad9f5bc3.woff
sws-gateway-nr.schwab.com/ui/host/ Frame A0E5 0
0

GET Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf
sws-gateway-nr.schwab.com/ui/host/ Frame A0E5 0
0

GET
H2 200 schwab-secondary.css
charleschwab.pages.dev/assets/ Frame A0E5 326 B
551 B 259ms
258ms Stylesheet
text/css 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/schwab-secondary.css

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19d67a16a72410c6fac73f333187c2cd36619a189456d274a1aefe5ac522682

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/assets/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:21 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6ad63706dc73cfc9242121fd3525bc0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgTxVZYjqWHX%2FNEBD1Xgj7SwrgQ0LHyVokkzmhKEa9h1yy90Lu2lBXt20SfPiNx4rsEFxEXDgu6OsdStaO7uMRp5J2Cpzwzd1tSt9PC2r2ZjKU%2BA9sSyzOVULbBJqhnRtLSjidvpbSrV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaadb2c435729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 onload_sprite.c5ffe4a565563552268f.png
charleschwab.pages.dev/assets/ Frame A0E5 64 KB
64 KB 33ms
33ms Image
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/onload_sprite.c5ffe4a565563552268f.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://charleschwab.pages.dev/assets/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:21 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EabLJfNubdJBUvhszo2OmUFsc5qDjzQY18XhvX7ilQb%2FrefBRlXji78P7yJQJhR9KOoDNkPpfiDWMH4Yj3kzwDsqWD3gIe8MMWzX9KkqQtFJFRYok4eychkK2AO7D56SqSvYKFIreH8A"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaadccd685729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf
charleschwab.pages.dev/assets/ Frame A0E5 155 KB
22 KB 34ms
33ms Font
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login
Origin: https://charleschwab.pages.dev
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:21 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwqU0lCBLhGmy10TttjuhKaOAWYfz3MRyLAAdpx9%2BcPxmhvnEbFbHjTcFzr8DGUzaXzWhi4UBKI2Wr5jSTxQ%2BO8ge%2BE60gwyNQv99Ccfcs7ZG4iIISRpm8DD3FezkhyUYJwhwvVrKQQs"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaadccd695729-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 Schwab-Icon-Font.91cd0da84ede93d98cff.woff
charleschwab.pages.dev/assets/ Frame A0E5 155 KB
22 KB 31ms
31ms Font
text/html 172.66.44.125
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/Schwab-Icon-Font.91cd0da84ede93d98cff.woff?gvl1yz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.44.125 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login
Origin: https://charleschwab.pages.dev
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:03:21 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk1SUxHmtJEWxjamWmKgTIKaRi29P56T1I17pz4MJy2ZKjb%2BhFyjhfKpTltDWNUvoPeSLpEyRKEl%2FH%2FsvDdJBT54NEh8CJW8HZOUE%2Bt3Tx38MXl4Ezc6WJ8NB642ehqAQ%2FjZ98ZHcaA%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 840eaadd0d875729-SYD
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sws-gateway-nr.schwab.com
URL: https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff

Domain: sws-gateway-nr.schwab.com
URL: https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://charleschwab.pages.dev/ Message: Failed to decode downloaded font: https://charleschwab.pages.dev/fonts/CharlesModern-Light.woff?v=1.0.0
other	warning	URL: https://charleschwab.pages.dev/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://charleschwab.pages.dev/ Message: Failed to decode downloaded font: https://charleschwab.pages.dev/fonts/CharlesModern-Light.ttf?v=1.0.0
other	warning	URL: https://charleschwab.pages.dev/ Message: OTS parsing error: invalid sfntVersion: 1008813135
javascript	error	URL: https://charleschwab.pages.dev/assets/login Message: Access to font at 'https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz' from origin 'https://charleschwab.pages.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://sws-gateway-nr.schwab.com' that is not equal to the supplied origin.
network	error	URL: https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://charleschwab.pages.dev/assets/login Message: Access to font at 'https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff' from origin 'https://charleschwab.pages.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://sws-gateway-nr.schwab.com' that is not equal to the supplied origin.
network	error	URL: https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: Failed to decode downloaded font: https://charleschwab.pages.dev/assets/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: Failed to decode downloaded font: https://charleschwab.pages.dev/assets/Schwab-Icon-Font.91cd0da84ede93d98cff.woff?gvl1yz
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: OTS parsing error: invalid sfntVersion: 1008813135
javascript	warning	URL: https://charleschwab.pages.dev/assets/login Message: The resource https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://charleschwab.pages.dev/assets/login Message: The resource https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

charleschwab.pages.dev
client.schwab.com
content.schwab.com
sws-gateway-nr.schwab.com
sws-gateway-nr.schwab.com
172.66.44.125
23.202.230.65
23.202.230.74
070d46342d1bf3de6c47a86c333d2286b016aea22d6fd394a2e2b8be66c2222a
0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631
216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa
2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048
397c6656ad5e184656e9abfa07edbf03888f560d01b6301a63bad5a51afcc1b9
3c1e405db9fdc7ea43f4ac748a546bd54161bdecec8b8756b4e29b1359f2c856
477d30c8790540e03f7bb77f3d29d18e4e7be32c11dcec8fd7dbf67277535783
4f5b35239a5b6cdaeac327f090a14bdcc0957d526250ca369762fa0e74c23f30
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378
a19d67a16a72410c6fac73f333187c2cd36619a189456d274a1aefe5ac522682
d5b86d4721984705e119a1d59c154e8fca362994f821dd96840eff4cc59250db
df9cdbf527d39949a14f8c2ba70397c2866904c263a28a42b9bc88453e2d3ca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

charleschwab.pages.dev Open in urlscan Pro 172.66.44.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

89 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

469 kBTransfer

1423 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

14 Console Messages

Security Headers

Indicators

charleschwab.pages.dev Open in urlscan Pro
172.66.44.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

469 kB
Transfer

1423 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!