info--ca.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission Tags: analytics-framework
Submission: On April 19 via api from US — Scanned from CA
Summary
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.
This is the only time info--ca.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
6 | 2607:f8b0:400... 2607:f8b0:4006:806::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.35.77.57 13.35.77.57 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 13.35.77.62 13.35.77.62 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-57.bos50.r.cloudfront.net
d15k2d11r6t6rl.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-77-62.bos50.r.cloudfront.net
app-rsrc.getbee.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119 |
3 KB |
4 |
getbee.io
app-rsrc.getbee.io — Cisco Umbrella Rank: 26552 |
12 KB |
1 |
cloudfront.net
d15k2d11r6t6rl.cloudfront.net |
14 KB |
1 |
web.app
info--ca.web.app |
3 KB |
12 | 4 |
Domain | Requested by | |
---|---|---|
6 | fonts.googleapis.com |
info--ca.web.app
|
4 | app-rsrc.getbee.io |
info--ca.web.app
|
1 | d15k2d11r6t6rl.cloudfront.net |
info--ca.web.app
|
1 | info--ca.web.app | |
12 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
cu75214.tw1.ru |
fr-fr.facebook.com |
twitter.com |
www.instagram.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-03-06 - 2023-06-04 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-28 - 2023-06-20 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.getbee.io Amazon RSA 2048 M01 |
2023-02-17 - 2024-03-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://info--ca.web.app/
Frame ID: A840E929BE161E1AD7C75CDF13CE0436
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
Google Font API (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: ACTIVATION
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
info--ca.web.app/ |
16 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
714 B 779 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 628 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
356 B 362 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 592 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
1 KB 527 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 550 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
credit-agricole-vector-logo-2022.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/BeeProAgency/892694_876947/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube@2x.png
app-rsrc.getbee.io/public/resources/social-networks-icon-sets/t-outline-circle-default-gray/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app-rsrc.getbee.io
d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
info--ca.web.app
13.35.77.57
13.35.77.62
2607:f8b0:4006:806::200a
2620:0:890::100
1ba76faa5d4ebb3164eec30f91400d455c0fa552fdfdcab5a7ec4f90b19827f0
1bf18208572a399bfd13c097e683762d0201b3809ce4d9288e6e3070d8aecfc0
4f506431b3f789ffdbada9c6bc616f9e1239b1c8389121e37103a3ee048a427c
5b05ccca96b538b695a47c7e0da44490ad3cd6122a31239dccb8f797ef2c21e4
6eea8b08e21e33a057c5be3f2b5a6288f2b6ce37fbcc362a956d3aa442315919
801e6c236eee8e30d71a3d846e6a1bb673f6147061d93d2c77fa6db768289f2f
aa0c3fca044d8fdcb10fe44f8fd4289559b67f5284c7bde74d6391d8e8f6a737
b3974d529dfe79cc7959c1d293d84fe4d633f1415d60c9c9ff15cbb996fc464b
d2bb3bb3add67a8bd43259e1ef13b72f6adf3c1abc8b66fd92e77a106f12c420
e2a79eb0c9c649ca281c1ec8a831b84a611bb31033c358629d2bcc3b6e922713
fa23813692ebb023e692783bb2385c5c0299f03082969ddbb287723c131d6001
fe81f558a4210ec16be0d47586d6e297fb627e92e55ba1b730e2aee54b5a4f74