scvbxd3f.web.app
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On June 20 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by GTS CA 1D4 on May 10th 2023. Valid for: 3 months.
This is the only time scvbxd3f.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: State Bank of India (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 2606:4700:303... 2606:4700:3037::ac43:c6a7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
web.app
scvbxd3f.web.app |
179 KB |
1 |
fire9s.store
s3.fire9s.store |
556 B |
17 | 2 |
Domain | Requested by | |
---|---|---|
16 | scvbxd3f.web.app |
scvbxd3f.web.app
|
1 | s3.fire9s.store |
scvbxd3f.web.app
|
17 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2023-05-10 - 2023-08-08 |
3 months | crt.sh |
fire9s.store GTS CA 1P5 |
2023-05-03 - 2023-08-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://scvbxd3f.web.app/
Frame ID: 94520A12EB7028EC19CE25E53EC23B20
Requests: 21 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
scvbxd3f.web.app/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
90e6928e1aedc4df.css
scvbxd3f.web.app/_next/static/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webpack-fd9fb29a92855ab4.js
scvbxd3f.web.app/_next/static/chunks/ |
2 KB 875 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
framework-fe99aa755573eedd.js
scvbxd3f.web.app/_next/static/chunks/ |
138 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-a307755b2b1681d8.js
scvbxd3f.web.app/_next/static/chunks/ |
103 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_app-620102ba3a9296b8.js
scvbxd3f.web.app/_next/static/chunks/pages/ |
916 B 546 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
345-cee1cc72e673cadd.js
scvbxd3f.web.app/_next/static/chunks/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-d9d8193487824b96.js
scvbxd3f.web.app/_next/static/chunks/pages/ |
14 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_buildManifest.js
scvbxd3f.web.app/_next/static/GVtcB2SqpUey8RUuzeVfO/ |
1 KB 531 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_ssgManifest.js
scvbxd3f.web.app/_next/static/GVtcB2SqpUey8RUuzeVfO/ |
77 B 175 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
loading.gif
scvbxd3f.web.app/ |
85 KB 58 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
474-307f9b5572384005.js
scvbxd3f.web.app/_next/static/chunks/ |
74 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
m1-fdfc029f0f74aedd.js
scvbxd3f.web.app/_next/static/chunks/pages/ |
9 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
79 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
79 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
csrf
s3.fire9s.store/ |
18 B 556 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
78 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
irfl.png
scvbxd3f.web.app/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ci.png
scvbxd3f.web.app/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vy.png
scvbxd3f.web.app/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: State Bank of India (Banking)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P undefined| _N_E object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s3.fire9s.store
scvbxd3f.web.app
2606:4700:3037::ac43:c6a7
2620:0:890::100
1a425f80d428f6350118765e5783e57a9687bbd0e3cdd406a32fe5c143b9889b
31000bc2bdfb5bc2539ac338fa356a2738b257b1cc8ce1f69dea3e12f445f1a5
3a6914a479d39bb153b085db380a34922cc5af9aa760efa097b4aace9772809f
424620e6e9bab48b0c5496325e13f91d556f2d7ee039bf6f534ac156333dcb6e
492bb09cc78bc3fc9fa5af04c15d3354c8d367519b4b1894e40207465b93d4d9
4ab3fd859be793021e8a2f84e7efad528c47462bfad6729fe1e3464f4f643af4
4bb744d9a4825212206284a1f696244359c0bfd408742b85b76b90d69ab8ccdc
6addec2f9d38dd97b2c8575d5e08f636ec504e7f99965c44cedd01a70234e95f
6d2d3b076e627ebec0a2133ac2bf41276ac20193aa680ac3d519d02497a3b8de
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7da635e5ce6863fd052ad41ec5656a0c5690960defe45155d4f8d05aeb098755
87cf31bd36cd73061f07492c8a01f8c7d4723f0d6a8b11a14127267024d6d2f2
986829c5756fa967f63734f46eb38d24fdb060ec111bf0d6750f2453d00e889e
9bdc421a8c6f25b3a0a912095fd35e72c56155e92d76e50b80c251f21d957119
a04145f2cf897ab444a33a8b48829e68dba4abf3fbf03bda987e88c83dae1d86
b4834dea0e32b639fd548ee6639d3a9d65971c90a6aa37a256c11216af55faad
c5528c6feebcfce9f80b04128dc1cbf49d203568ad9be73dd7abeb44647c6f7e
d05b9b43ac8657604d4146899f3cfab91acb42df7a71a23eb36904e060c4db43
d46732ce62769d8c6772b44ee37094f52846381ffa1f7c543a5c6a9380b2b3e6
ebcb55a6992db8f893357b619c778aa8f53fb6e3764ec6289d9461b625f2aeda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629