shdj5vty.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On November 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1D4 on September 11th 2023. Valid for: 3 months.
This is the only time shdj5vty.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: State Bank of India (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:303... 2606:4700:3037::ac43:c6a7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
web.app
shdj5vty.web.app |
236 KB |
1 |
fire9s.store
s3.fire9s.store |
553 B |
21 | 2 |
Domain | Requested by | |
---|---|---|
20 | shdj5vty.web.app |
shdj5vty.web.app
|
1 | s3.fire9s.store |
shdj5vty.web.app
|
21 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-09-11 - 2023-12-10 |
3 months | crt.sh |
fire9s.store GTS CA 1P5 |
2023-10-27 - 2024-01-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://shdj5vty.web.app/zoc
Frame ID: FB2F45594B6E50B5900DE5517D7565ED
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
zoc
shdj5vty.web.app/ |
2 KB 976 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d0dfcb0560db59a8.css
shdj5vty.web.app/_next/static/css/ |
226 B 220 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d71af37c6f724682.css
shdj5vty.web.app/_next/static/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-2555a4296ab7a1b2.js
shdj5vty.web.app/_next/static/chunks/ |
2 KB 896 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework-0c7baedefba6b077.js
shdj5vty.web.app/_next/static/chunks/ |
138 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-42179ded43970b77.js
shdj5vty.web.app/_next/static/chunks/ |
113 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_app-20a99e2f084b1c2f.js
shdj5vty.web.app/_next/static/chunks/pages/ |
518 B 395 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
345-13de6a4b2bb01440.js
shdj5vty.web.app/_next/static/chunks/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-af7acf9ef88590c6.js
shdj5vty.web.app/_next/static/chunks/pages/ |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_buildManifest.js
shdj5vty.web.app/_next/static/tn4N0BzsyfS7RDBWWwGJi/ |
1 KB 564 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ssgManifest.js
shdj5vty.web.app/_next/static/tn4N0BzsyfS7RDBWWwGJi/ |
77 B 175 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ujnyj.gif
shdj5vty.web.app/ |
84 KB 57 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
354-4e020a05081b574c.js
shdj5vty.web.app/_next/static/chunks/ |
52 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zoc-ec93f71f8da9221e.js
shdj5vty.web.app/_next/static/chunks/pages/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d71af37c6f724682.css
shdj5vty.web.app/_next/static/css/ |
6 KB 2 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
eog.json
shdj5vty.web.app/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csrf
s3.fire9s.store/ |
18 B 553 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ujnyj.gif
shdj5vty.web.app/ |
84 KB 57 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nhdgz.png
shdj5vty.web.app/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pemju.png
shdj5vty.web.app/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zpmqp.png
shdj5vty.web.app/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: State Bank of India (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s3.fire9s.store
shdj5vty.web.app
2606:4700:3037::ac43:c6a7
2620:0:890::100
18d88c6fb86e31d9715e71ff60570abfb768363d7670cb84737a0474d2f5913a
1cd1cca3aebcdd10c33d713a95479909354ddbc5d5ad9761466ac27ea528895d
39e8187a6f09a1ddd94989c429ccc81c9c5163789a673bac36a6421099ed3e0a
5b4cab169c84a00f0abfbeb25c5423d24e145d9cfefed5aa4340380b295ae897
5ee00fbff07ffe556b1e31f6b867ae27c8ea161f6d893625a46c2f1c93eb974e
69a63c47f61edeff7561553a7ead0adf7c2769c64edb8dca44278c9f0eec4e57
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7dc9f0f8fef396471dea6e48b61ce730dcab6c60a67f98e0728a9361d5beafbe
8548f0e5d0ad9f008612807170927d4e3126c46496c184c05f0fb1ce4b728003
a0fbb2f835713a0319bc2e5b516fc9005ab3856dcb374244adbfaeb9bee345e1
b175feb97a2c81c37b10b1b9ddca900b7b782cdde0f531438d2207a568702d66
bd0088f2443653ac5308ecf3abd635cebb2f55d362caf535585402e5e8bfb7e7
c16b2c1c170a6a51a9b90eebd52ba6d4bfe241ec8ce08e1a7ce503225f3a8cc6
d475792eb994ab10747563a804164114f676511cda598b21343da540e3d1e826
e13a140eb02881e258066cfae7898eea20fb047befb4feddfe37ac4ec9d43b16
eaeb62fecd7b97b1d577a44839c23770c5d161d9756329ed412670563971eb7e
eb8ad9692cfcff75653ab24817eb6660bcab14315171561893622653f6df644d
f20341d10f38cdd21682e82ea27bfbf02b5501f3da28c76b1596a1318b331da6
f20ced2117169de6d2fccf64a35e1dd34542868a5a7072f4380a20877cfac873