dev-myjobportal.pantheonsite.io
Open in
urlscan Pro
2620:12a:8001::2
Malicious Activity!
Public Scan
Submission: On June 15 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.
This is the only time dev-myjobportal.pantheonsite.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Visa (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 2620:12a:8001::2 2620:12a:8001::2 | 54113 (FASTLY) (FASTLY) | |
1 | 139.112.170.16 139.112.170.16 | 5619 (EVRY-NO T...) (EVRY-NO TietoEVRY Norway) | |
7 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
pantheonsite.io
dev-myjobportal.pantheonsite.io |
38 KB |
1 |
edb.com
secure.edb.com |
2 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | dev-myjobportal.pantheonsite.io |
dev-myjobportal.pantheonsite.io
|
1 | secure.edb.com | |
7 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pantheonsite.io R3 |
2024-04-22 - 2024-07-21 |
3 months | crt.sh |
secure.edb.com Buypass Class 3 CA 2 |
2024-03-21 - 2025-04-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/accept.html
Frame ID: C5E86D7D8CFE2EB8D4EF3FEA518EF937
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
accept.html
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/ |
22 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common_auth.css
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/src/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bidm.css
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/src/ |
42 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3625.css
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/src/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vbm_blu01r.png
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/src/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3625_banklogo.jpeg
dev-myjobportal.pantheonsite.io/includes/8d5b33f14414f57a19d06fcff76c39fa/src/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
760 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
287 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
338 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
898 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
240 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3625.ico
secure.edb.com/static/secure3d/images/common/favicons/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Visa (Financial)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dev-myjobportal.pantheonsite.io
secure.edb.com
139.112.170.16
2620:12a:8001::2
254868d92f9456d518064051d29f9ff0532bf9a5da291b06f8accb0900e40072
304c378b4700d25f783a2a7d6142c0b4d9dd9df890722064788eee96a12999d8
31412635ed02fd2c9a9ac4c4d9093c0601a687cfe305aba0dea75c1943d7dd72
5d4ff4117e8f7f9da541cba635327a05770499b79e51e32e679c2923a4bc27b2
6d1a13547d41b9e611e6ca654d8f475b821050539e2bb0714973ac35d67db02f
747312e0c4caebec5e356cb9de4a170632c78f10e784c644e0fd3b4d48faaac0
75e0432c9e18f162325427722e77798b9a5e14e333bc84d12b758df77fc92c60
7dc366a210daa822bf1d57acad65c792f1687e8f71318770b1a7c2843e9088a7
7e0590d63a4ca29f0d4e3e33f38ec65230e70b8b57915d4e6533f8b5e8948fd3
7e2036b1455c31bd42d2ad4334698ff9108f7eae94274fa6700df6f13656813f
7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1
e9f665238e94d159d8b439ac29f6c644dfd1e1e3843e4f1425943986e1136693
f4eb244555324863a9067686a9e08c9bd7db827ed8dd9a0de8a3cdbc32b66437