charleschwab.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f83 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://charleschwab.pages.dev/
Submission: On November 24 via automatic, source certstream-suspicious (November 24th 2023, 3:25:24 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:310c::ac42:2f83, located in United States and belongs to CLOUDFLARENET, US. The main domain is charleschwab.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on November 24th 2023. Valid for: 3 months.

This is the only time charleschwab.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:310... 2606:4700:310c::ac42:2f83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	92.123.104.8 92.123.104.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.23.209.174 2.23.209.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	4

15 2606:4700:310c::ac42:2f83 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

charleschwab.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.104.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-8.deploy.static.akamaitechnologies.com

client.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.174 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-174.deploy.static.akamaitechnologies.com

content.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	pages.dev 1 redirects charleschwab.pages.dev	253 KB
3	schwab.com client.schwab.com — Cisco Umbrella Rank: 24611 content.schwab.com — Cisco Umbrella Rank: 38939 sws-gateway-nr.schwab.com Failed	159 KB
19	2

	Domain	Requested by
15	charleschwab.pages.dev	1 redirects charleschwab.pages.dev
2	content.schwab.com	charleschwab.pages.dev
1	client.schwab.com	charleschwab.pages.dev
0	sws-gateway-nr.schwab.com Failed	charleschwab.pages.dev
19	4

This site contains no links.

Subject Issuer	Validity	Valid
charleschwab.pages.dev GTS CA 1P5	`2023-11-24` - `2024-02-22`	3 months	crt.sh
www.schwab.com DigiCert SHA2 Extended Validation Server CA	`2023-03-07` - `2024-03-06`	a year	crt.sh
content.schwab.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-26` - `2024-06-25`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://charleschwab.pages.dev/
Frame ID: CBA4F3A09F7B0E55ACB9CEB5B5771FF2
Requests: 13 HTTP requests in this frame

Frame: https://charleschwab.pages.dev/assets/login
Frame ID: CE472A2F643CFEAEABEA42A66094AC60
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Charles Schwab Back ButtonSearch IconFilter Icon

Page Statistics

19
Requests

89 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

411 kB
Transfer

1364 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://charleschwab.pages.dev/assets/login.html HTTP 308
https://charleschwab.pages.dev/assets/login

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
charleschwab.pages.dev/ 155 KB
23 KB 142ms
78ms Document
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ec6c702c59-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 Nov 2023 15:25:18 GMT
etag: W/"08995f2a714bda7e277118f4029aeb81"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=two0GCwdTZUAJsRzohnIDs%2Fiv%2BIiBUPKTktQR5oEB3YC7RVWLz7782PzZfi8LpJqyLvlCbY68Y8O4f7SLZrryfihfEHv%2BMxpwWeCoirbJhyKJ4PCtY0N88T%2BKlXqbYx1VnrBQvo2DSr8exOhM2UiZfWBJiAc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 login.css
charleschwab.pages.dev/assets/ 32 KB
9 KB 108ms
107ms Stylesheet
text/css 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/login.css

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df9cdbf527d39949a14f8c2ba70397c2866904c263a28a42b9bc88453e2d3ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1a4e2cdc0a7b247cf0fee62d8da4ca24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuJtlpdv6e%2Fduk7Ynt8FSW7%2BkrqSdKgvLAUsL41QLwq1efPog4eUwrOyUJNJFg3GYah17I2kCNnANyupxOaYyHWMtS5wSvSHgAFaOUVBmFJc7KeEKr8f0%2BEiv9t7tACUOb%2F6%2F76pT7zLeFfdP%2FIgzJO3YBhR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9eced4c2c59-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

https://charleschwab.pages.dev/assets/login.html
https://charleschwab.pages.dev/assets/login

298 KB
36 KB

113ms
113ms

Document
text/html

2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/login

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5b86d4721984705e119a1d59c154e8fca362994f821dd96840eff4cc59250db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ed3a6c6987-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 Nov 2023 15:25:18 GMT
etag: W/"032044024e3beab6a53c41f559bafdd7"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzayhgmFWQ92h6A0xD4Xka4FBriZ%2BHu8JOzewXp1MOmGGReJWki2Ldujw8IG6%2Ff%2BIQrxycnGzA2%2B3nK8FxEvhZokI28JtPn4ylLW53AqQT4%2BHqrFVjYhfua%2BqjAG6pMpcdSTBmuca%2BNW3vFzqppbNeEsFPQr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 82b2a9ecfd582c59-FRA
content-length: 0
date: Fri, 24 Nov 2023 15:25:18 GMT
location: /assets/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02HfkyER3ThzaN5N1uu3l4sNHTTj20oCd65qTTWPNbg3HPa7aNZoCK69BkUJHhthwPhZ9BUdeZd2yYMI27%2BoAWZTdu7%2F%2FJpwyNgDOgYhsYM8vU%2FzUIqVKWWDADCWKbqoLK6bY5ig3fRXmC9FN%2F3E7dxI60nN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 AMEXCards@2x.png
charleschwab.pages.dev/assets/ 14 KB
14 KB 98ms
97ms Image
image/png 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/AMEXCards@2x.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477d30c8790540e03f7bb77f3d29d18e4e7be32c11dcec8fd7dbf67277535783

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "478c5b8788bdf27be75b123790ad5def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hvE%2FKdzcDxWEludfrI%2BqBGIYn44S3%2Bv4hJLL8W5g%2BFSm3A4FpbBljXMfbIttEztt1NeGTF%2B%2FsOpAkwfqUYccWcyvfW97%2FSvcPiF6SHpN18LSleZ0iuflB7NEJP%2FK3etEwXsHOKNOSQ2JREHveZW5PmUIuTg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ecfd642c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14480

GET
H2 200 4-SSlices-gift-LILO.png
charleschwab.pages.dev/assets/ 19 KB
20 KB 119ms
118ms Image
image/png 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/4-SSlices-gift-LILO.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397c6656ad5e184656e9abfa07edbf03888f560d01b6301a63bad5a51afcc1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cca7ad863c12d977f5c3baa2ad46184e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPqs6KtBH1wRKTZTzU0V93eVGjbx8TOzgNgfv%2B3OLkWJZttdcmrhsOnEAF9a6hmwRTXmMFlAbTEFZVhMEiEdTV4xKXR5iwwaTFbobZvtBN5WmCO%2BubJ%2B4HTCQesDKaxkTAb0h8YDdwwzu%2BXBF8pf%2FzcMRQwK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ecfd682c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19584

GET
H2 200 hyic%20no%20atm%20fees.png
charleschwab.pages.dev/assets/ 18 KB
18 KB 99ms
98ms Image
image/png 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/hyic%20no%20atm%20fees.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

070d46342d1bf3de6c47a86c333d2286b016aea22d6fd394a2e2b8be66c2222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ca008a7802ee42aaa29d9b360ab88c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O58W%2Fquis5xmjZVOHcMf4kAFLEzfdNAynWcRuIkCZBDt98buhByuKLbO0iNQTht7Xoaqg4S%2FobrHT8%2BHw3TE5RfvvtL%2FnuBGdjYwzsMAozyJFtaOg4Hq3c3YhU7PdzCPDF7xzpvN%2FcFWcExklrNagxEvVigr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ecfd6a2c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18299

GET
H2 200 CS_logo_140x140.jpg
charleschwab.pages.dev/assets/ 35 KB
36 KB 108ms
108ms Image
image/jpeg 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/CS_logo_140x140.jpg

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "93770b3f9af9f1b36bc5a524bff574d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjJrqevxZQmVLYGSkyxkGUyaQxUbCoGjaAv8Udb1VUR5ekTSbgvpjugWZ4psQFHuoXS1vSo3S%2FXOQuhrxs%2B2pWvnl8iquQ%2FNpRWIxRTBXxC%2BMr9r3fl4uV7QCR0MSkl7M7EvFniIOkWFgmnXiL2%2BEzEMKr4V"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ecfd702c59-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36076

GET
H2 200 powered_by_logo.svg
charleschwab.pages.dev/assets/ 5 KB
2 KB 106ms
106ms Image
image/svg+xml 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/powered_by_logo.svg

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"abfcc415dc9b4da4aa49439bb8bf3e0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6bLN9dUIGBuhOshN0rrZH1QE58pgnG%2BTIPfx5PA5LBtE9BAmlUTLTKJskgGMtCHOc87ROm5aReKObdaxfZd%2BZXt%2BP1P1lQmxIkKP%2Bzbdb3cm%2FNjqM1r1N6XThiSJQz%2Fz%2F8so4oiwHb76P3m71w4Q0V1ue5s"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ecfd722c59-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icons.png
client.schwab.com/images/ 46 KB
46 KB 152ms
41ms Image
image/png 92.123.104.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client.schwab.com/images/icons.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.104.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a92-123-104-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

4f5b35239a5b6cdaeac327f090a14bdcc0957d526250ca369762fa0e74c23f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 15:25:18 GMT
last-modified: Tue, 19 Sep 2023 17:11:02 GMT
etag: "0d733441cebd91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
f5ip: 162.93.221.100
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1700839518403_388605832_272526193_51_13606_24_53_219";dur=1
accept-ranges: bytes
content-length: 46782
x-xss-protection: 1; mode=block
expires: Fri, 24 Nov 2023 15:25:18 GMT

GET
H/1.1 200
OK Login_Background.jpg
content.schwab.com/web/login/ 110 KB
110 KB 277ms
46ms Image
image/jpeg 2.23.209.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/Login_Background.jpg
Requested by: Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-174.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 3c1e405db9fdc7ea43f4ac748a546bd54161bdecec8b8756b4e29b1359f2c856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 24 Nov 2023 15:25:18 GMT
Last-Modified: Mon, 18 Jul 2022 14:43:48 GMT
Server: Akamai Image Manager
ETag: "ddd5e02fd4df958d8da39b113223dd11:1638552670.165418"
Access-Control-Allow-Methods: GET, GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: private, no-transform, max-age=43200
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 112358
Expires: Sat, 25 Nov 2023 03:25:18 GMT

GET
H/1.1 200
OK schwabsafe_logo.svg
content.schwab.com/web/login/ 2 KB
2 KB 381ms
152ms Image
image/svg+xml 2.23.209.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/schwabsafe_logo.svg
Requested by: Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.174 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-174.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 24 Nov 2023 15:25:18 GMT
Last-Modified: Tue, 20 Jun 2017 20:14:24 GMT
Server: AkamaiNetStorage
ETag: "7449c161258eba54600debcbd1229b1d:1497989664"
Access-Control-Allow-Methods: GET
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2058

GET
H3 200 CharlesModern-Light.woff
charleschwab.pages.dev/fonts/ 155 KB
22 KB 96ms
96ms Font
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/fonts/CharlesModern-Light.woff?v=1.0.0

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login.css
Origin: https://charleschwab.pages.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Btr3%2Bo5lUbydvNvE9jBAcvDq%2FjRohXnKn44pZexbnKigdRbOlVyrdTzJBQszDswPUQ%2FdTYZvC4MXOlgCcHeopnGd5Eu7jAz6JencMNVRFuit16hkwN2Nv3R0uh6z9jyPTttqgmm3EtF78ZuLH5mU9hhFBhtK"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9edab086987-FRA
alt-svc: h3=":443"; ma=86400

GET CharlesModern-Light.49518a871252ad9f5bc3.woff
sws-gateway-nr.schwab.com/ui/host/ Frame CE47 0
0

GET Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf
sws-gateway-nr.schwab.com/ui/host/ Frame CE47 0
0

GET
H3 200 schwab-secondary.css
charleschwab.pages.dev/assets/ Frame CE47 326 B
726 B 115ms
115ms Stylesheet
text/css 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/schwab-secondary.css

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19d67a16a72410c6fac73f333187c2cd36619a189456d274a1aefe5ac522682

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/assets/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6ad63706dc73cfc9242121fd3525bc0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uvL4ClGAatE1c4tYovTVvyUNaMdGv3lQ4Xo80clu1VKl0I7qfyKVtsGbIs5DroVUE%2BIGgQVdfE25OSDz00%2B2V138ChqPObDjTsv9F%2B824%2FUy%2FwW6kh8SauV52oIJYMal0hHch5g4ZTdsEu1MOSP0o8GXU2s"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ee1c096987-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 CharlesModern-Light.ttf
charleschwab.pages.dev/fonts/ 155 KB
22 KB 84ms
84ms Font
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/fonts/CharlesModern-Light.ttf?v=1.0.0

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/assets/login.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login.css
Origin: https://charleschwab.pages.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov1OSCesLUmLjVz6nToVg1C46ycFp1m49G48gq9bCEcpkFn2uElPVZksEGmj6kx2GmYgR0nemnDQlR7W2QJyZl8aIe1RaD8AR4Owpu1WksAdTpTsg8hwaDcP1C9ylRFJiEpcmz%2BdeD%2FaocXZ7luy2p5FttCE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ee4c3f6987-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 onload_sprite.c5ffe4a565563552268f.png
charleschwab.pages.dev/assets/ Frame CE47 5 KB
5 KB 82ms
82ms Image
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charleschwab.pages.dev/assets/onload_sprite.c5ffe4a565563552268f.png

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charleschwab.pages.dev/assets/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnLoCrjrDQMMGxbd5JtXJrHL9C9Euuw1yTmAlqRUworhZngPuM2aB5lChrpD81G%2F0piUedPqp4phnL3rrXz%2FUGw3c6pPr2U9mWvT6pJF4FmPThD9fucJhvuT09oXpv6XoUq0pGp4ZQAnLNTz1noUZgJUwNzi"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9eedd4e6987-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf
charleschwab.pages.dev/assets/ Frame CE47 155 KB
22 KB 115ms
115ms Font
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login
Origin: https://charleschwab.pages.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUHJRk7%2BzKn1KMbBVsx%2BN8W2UTB7C0lccieJifIPnmqg3peMHNHIX0wkfVqmeTh84pLBqCYTp51%2BYcb43eR7klJef53iwjoio7qwbffBTR%2FISfnvI%2FEGiFIdQdrzYIv8QRt6B9rZogVV6f9z0ovqC5i%2FodtA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9eedd516987-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Schwab-Icon-Font.91cd0da84ede93d98cff.woff
charleschwab.pages.dev/assets/ Frame CE47 155 KB
22 KB 82ms
81ms Font
text/html 2606:4700:310c::ac42:2f83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charleschwab.pages.dev/assets/Schwab-Icon-Font.91cd0da84ede93d98cff.woff?gvl1yz

Requested by

Host: charleschwab.pages.dev
URL: https://charleschwab.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2f83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charleschwab.pages.dev/assets/login
Origin: https://charleschwab.pages.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:25:18 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"08995f2a714bda7e277118f4029aeb81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D33uYoJxurdktSJ3ECdLDYpPZzwRQj9oP%2BnxrybUpGr%2BrxM0wo%2FC2bUnbeUcj2Dxji%2F8IRJKiNNKCOpZP9xWaHAIYkSjC%2B%2BtF0R0aGcl5McurdZFEwDY9z6d8hhzl9WIocqy1821Al8QZVb3YH1hebeDgdNd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 82b2a9ef9e876987-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sws-gateway-nr.schwab.com
URL: https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff

Domain: sws-gateway-nr.schwab.com
URL: https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://charleschwab.pages.dev/ Message: Failed to decode downloaded font: https://charleschwab.pages.dev/fonts/CharlesModern-Light.woff?v=1.0.0
other	warning	URL: https://charleschwab.pages.dev/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://charleschwab.pages.dev/ Message: Failed to decode downloaded font: https://charleschwab.pages.dev/fonts/CharlesModern-Light.ttf?v=1.0.0
other	warning	URL: https://charleschwab.pages.dev/ Message: OTS parsing error: invalid sfntVersion: 1008813135
javascript	error	URL: https://charleschwab.pages.dev/assets/login Message: Access to font at 'https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff' from origin 'https://charleschwab.pages.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://sws-gateway-nr.schwab.com' that is not equal to the supplied origin.
network	error	URL: https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://charleschwab.pages.dev/assets/login Message: Access to font at 'https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz' from origin 'https://charleschwab.pages.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://sws-gateway-nr.schwab.com' that is not equal to the supplied origin.
network	error	URL: https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: Failed to decode downloaded font: https://charleschwab.pages.dev/assets/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: Failed to decode downloaded font: https://charleschwab.pages.dev/assets/Schwab-Icon-Font.91cd0da84ede93d98cff.woff?gvl1yz
other	warning	URL: https://charleschwab.pages.dev/assets/login Message: OTS parsing error: invalid sfntVersion: 1008813135
javascript	warning	URL: https://charleschwab.pages.dev/assets/login Message: The resource https://sws-gateway-nr.schwab.com/ui/host/CharlesModern-Light.49518a871252ad9f5bc3.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://charleschwab.pages.dev/assets/login Message: The resource https://sws-gateway-nr.schwab.com/ui/host/Schwab-Icon-Font.e876f3a7a6cdedc7d4a7.ttf?gvl1yz was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

charleschwab.pages.dev
client.schwab.com
content.schwab.com
sws-gateway-nr.schwab.com
sws-gateway-nr.schwab.com
2.23.209.174
2606:4700:310c::ac42:2f83
92.123.104.8
070d46342d1bf3de6c47a86c333d2286b016aea22d6fd394a2e2b8be66c2222a
0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631
216f5360efb2a0151cce3a57b826c8b576229a02c95cc4158d47d563e33dc4fa
2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048
397c6656ad5e184656e9abfa07edbf03888f560d01b6301a63bad5a51afcc1b9
3c1e405db9fdc7ea43f4ac748a546bd54161bdecec8b8756b4e29b1359f2c856
477d30c8790540e03f7bb77f3d29d18e4e7be32c11dcec8fd7dbf67277535783
4f5b35239a5b6cdaeac327f090a14bdcc0957d526250ca369762fa0e74c23f30
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378
a19d67a16a72410c6fac73f333187c2cd36619a189456d274a1aefe5ac522682
d5b86d4721984705e119a1d59c154e8fca362994f821dd96840eff4cc59250db
df9cdbf527d39949a14f8c2ba70397c2866904c263a28a42b9bc88453e2d3ca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

charleschwab.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2f83 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

19 Requests

89 %HTTPS

33 %IPv6

2 Domains

4 Subdomains

4 IPs

2 Countries

411 kBTransfer

1364 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

14 Console Messages

Security Headers

Indicators

charleschwab.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2f83 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

411 kB
Transfer

1364 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!