www.mindworkzz.in
166.62.27.185
Malicious Activity!
Public Scan
Effective URL: http://www.mindworkzz.in/site_media/fe04b2c2-7da8-11e7-8fc6-0a95dd7a28c3/css/pnc.htm
Submission: On February 15 via manual from US
Summary
This is the only time www.mindworkzz.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PNC Financial (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 69.162.109.242 | 46475 (LIMESTONENETWORKS - Limestone Networks)
1 | 166.62.27.185 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
20 | 104.109.81.44 | 20940 (AKAMAI-ASN1)
7 | 162.252.74.5 | 11054 (LIVEPERSON - LivePerson)
5 | 104.109.71.17 | 20940 (AKAMAI-ASN1)
34 (total) | 5 IP addresses |

- ASN46475 (LIMESTONENETWORKS - Limestone Networks, Inc., US); PTR: 242-109-162-69.static.reverse.lstn.net; host: www.totalclimaac.com
- ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US); PTR: ip-166-62-27-185.ip.secureserver.net; host: www.mindworkzz.in
- ASN20940 (AKAMAI-ASN1, US); PTR: a104-109-81-44.deploy.static.akamaitechnologies.com; host: www.onlinebanking.pnc.com
- ASN11054 (LIVEPERSON - LivePerson, Inc., US); host: sales.liveperson.net
- ASN20940 (AKAMAI-ASN1, US); PTR: a104-109-71-17.deploy.static.akamaitechnologies.com; host: content.pncmc.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | pnc.com | www.onlinebanking.pnc.com | 122 KB
7 | liveperson.net | sales.liveperson.net | 82 KB
5 | pncmc.com | content.pncmc.com | 5 KB
1 | mindworkzz.in | www.mindworkzz.in | 4 KB
1 | totalclimaac.com | www.totalclimaac.com | 484 B
34 (total) | 5 domains | |
Requests | Domain | Requested by
---|---|---
20 | www.onlinebanking.pnc.com | www.mindworkzz.in
7 | sales.liveperson.net | www.onlinebanking.pnc.com, www.totalclimaac.com
5 | content.pncmc.com |
1 | www.mindworkzz.in |
1 | www.totalclimaac.com |
34 (total) | 5 domains |
This site contains links to these domains. Also see Links.

Domain
---
www.pnc.com

TLS certificates (Subject, Issuer, Validity, Valid): none listed for this scan.
This page contains 1 frame:
Primary Page: http://www.mindworkzz.in/site_media/fe04b2c2-7da8-11e7-8fc6-0a95dd7a28c3/css/pnc.htm
Frame ID: F49B65794E98FEB82540D58BCF243C32
Requests: 34 HTTP requests in this frame
Screenshot
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.totalclimaac.com/wp-content/plugins/masterposts/functions/js/forms.asp.htm (Page URL)
- http://www.mindworkzz.in/site_media/fe04b2c2-7da8-11e7-8fc6-0a95dd7a28c3/css/pnc.htm (Page URL)
Detected technologies
- UNIX (Operating Systems). Detected pattern: headers server /Unix/i
- OpenSSL (Web Server Extensions). Detected pattern: headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
1 outgoing link (links going to different origins than the main page).
Title: Home
Redirected requests: no HTTP redirect chains are listed for this scan.
34 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | forms.asp.htm | www.totalclimaac.com/wp-content/plugins/masterposts/functions/js/ | 166 B | 484 B | Document | text/html
GET | H/1.1 | pnc.htm (Primary Request) | www.mindworkzz.in/site_media/fe04b2c2-7da8-11e7-8fc6-0a95dd7a28c3/css/ | 17 KB | 4 KB | Document | text/html
GET | H/1.1 | common.css | www.onlinebanking.pnc.com/css2/ | 212 KB | 37 KB | Stylesheet | text/css
GET | H/1.1 | unathenticated_mtagconfig.js | www.onlinebanking.pnc.com/JavaScriptLib/ | 6 KB | 2 KB | Script | application/x-javascript
GET | H/1.1 | lock.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 555 B | 783 B | Image | image/png
GET | H/1.1 | reset.css | www.onlinebanking.pnc.com/css2/ | 1 KB | 853 B | Stylesheet | text/css
GET | H/1.1 | bg_fade.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 396 B | 624 B | Image | image/png
GET | H/1.1 | topHeader_bg_pop.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 7 KB | 7 KB | Image | image/png
GET | H/1.1 | navSprite.png | www.onlinebanking.pnc.com/Images2/ | 2 KB | 3 KB | Image | image/png
GET | H/1.1 | noNav_bg_pop.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | footer_bot_pop.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 4 KB | 4 KB | Image | image/png
GET | H/1.1 | content_bg_pop.png | www.onlinebanking.pnc.com/Images2/wrapper/ | 3 KB | 3 KB | Image | image/png
GET | H/1.1 | first_current.png | www.onlinebanking.pnc.com/Images2/progressBar/ | 520 B | 747 B | Image | image/png
GET | H/1.1 | last_incomplete.png | www.onlinebanking.pnc.com/Images2/progressBar/ | 531 B | 758 B | Image | image/png
GET | H/1.1 | errorPanelSprite.png | www.onlinebanking.pnc.com/Images2/ | 53 KB | 53 KB | Image | image/png
GET | H/1.1 | topRight_gray.png | www.onlinebanking.pnc.com/Images2/panels/Error/ | 234 B | 461 B | Image | image/png
GET | H/1.1 | icon_I.png | www.onlinebanking.pnc.com/Images2/Icons/ | 1 KB | 1 KB | Image | image/png
GET | H/1.1 | botRight_gray.png | www.onlinebanking.pnc.com/Images2/panels/Error/ | 221 B | 447 B | Image | image/png
GET | H/1.1 | panelSprite.png | www.onlinebanking.pnc.com/Images2/ | 712 B | 940 B | Image | image/png
GET | H/1.1 | topRight.png | www.onlinebanking.pnc.com/Images2/panels/ | 269 B | 497 B | Image | image/png
GET | H/1.1 | panelHeadSprite.png | www.onlinebanking.pnc.com/Images2/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | button.png | www.onlinebanking.pnc.com/Images2/buttons/ | 477 B | 704 B | Image | image/png
GET | H/1.1 | mTag.js | sales.liveperson.net/hcp/html/ | 17 KB | 18 KB | Script | application/javascript
GET | H/1.1 | / | sales.liveperson.net/hc/82247026/ | 59 KB | 60 KB | Script | application/x-javascript
GET | H/1.1 | chatButton.png | content.pncmc.com/live/pnc/personal/onlinebanking/chat/buttons/ | 1 KB | 2 KB | Image | image/png
GET | H/1.1 | repoffline.gif | content.pncmc.com/live/pnc/personal/onlinebanking/chat/buttons/ | 43 B | 322 B | Image | image/gif
GET | H/1.1 | repoccupied.gif | content.pncmc.com/live/pnc/personal/onlinebanking/chat/buttons/ | 43 B | 322 B | Image | image/gif
GET | H/1.1 | transparent.gif | content.pncmc.com/live/pnc/personal/onlinebanking/chat/buttons/ | 43 B | 322 B | Image | image/gif
GET | H/1.1 | chatButton_esp.png | content.pncmc.com/live/pnc/personal/onlinebanking/chat/buttons/ | 2 KB | 2 KB | Image | image/png
GET | H/1.1 | transparent.gif | sales.liveperson.net/visitor/liveperson/chat-button/ | 43 B | 321 B | Image | image/gif
GET | H/1.1 | / | sales.liveperson.net/hc/82247026/ | 2 KB | 3 KB | Script | application/x-javascript
GET | H/1.1 | / | sales.liveperson.net/hc/82247026/ | 119 B | 548 B | Script | application/x-javascript
GET | H/1.1 | / | sales.liveperson.net/hc/82247026/ | 188 B | 617 B | Script | application/x-javascript
GET | H/1.1 | / | sales.liveperson.net/hc/82247026/ | 94 B | 522 B | Script | application/x-javascript
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PNC Financial (Banking)

22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
function | doFocus
string | lpUnit
object | lpMTagConfig
function | lpAddMonitorTag
function | lpAddVars
function | onloadEMT
function | lpTrimSpaces
function | lpSendData
string | lpLanguage
function | adjustLoadingDelays
function | hcArrayStorage
function | lpRequest
function | lpConnectionLibrary
object | lpJSLib
object | lpConnLib
function | lpMonitorTag
object | lpLazy
object | lpMTag
function | lpJSLibrary
object | lpOpenPlatformNS
object | lpMTagDebug
object | lpMTagStatic

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.