www.halifax-system-online-migrate.com
185.222.203.13  Malicious Activity! Public Scan

Submitted URL: https://www.halifax-system-online-migrate.com/
Effective URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSe...
Submission: On May 16 via automatic, source certstream-suspicious

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 185.222.203.13, located in Germany and belongs to UVL2-ASN, UA. The main domain is www.halifax-system-online-migrate.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 16th 2019. Valid for: 3 months.
This is the only time www.halifax-system-online-migrate.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Halifax Bank (Banking)

Domain & IP information

Requests  IP Address      AS Autonomous System
16        185.222.203.13  204725 (UVL2-ASN)
2         68.232.35.180   15133 (EDGECAST)
19        3

Requests  Domain                                 Requested by
16        www.halifax-system-online-migrate.com  www.halifax-system-online-migrate.com
2         tags.tiqcdn.com                        www.halifax-system-online-migrate.com, tags.tiqcdn.com
19        2

This site contains no links.

Subject                            Issuer                          Validity                 Valid
halifax-system-online-migrate.com  Let's Encrypt Authority X3      2019-05-16 - 2019-08-14  3 months
*.tiqcdn.com                       DigiCert SHA2 Secure Server CA  2017-10-25 - 2020-05-13  3 years

This page contains 1 frames:

Primary Page: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Frame ID: 9311B30E7B7E88FF0EA12F1261D27049
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/tags\.tiqcdn\.com\//i

Overall confidence: 100%
Detected patterns
  • env /^(?:WTOptimize|WebTrends)/i

Page Statistics

Requests: 19
HTTPS: 95 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 1307 kB
Size: 1710 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.halifax-system-online-migrate.com/ Page URL
  2. https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Cookie set /
www.halifax-system-online-migrate.com/
254 B
656 B
Document
General
Full URL
https://www.halifax-system-online-migrate.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
www.halifax-system-online-migrate.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 16 May 2019 13:11:28 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=6hhafl56hrbpgljn9bfh6fpiq3; path=/
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request Login.php
www.halifax-system-online-migrate.com/
8 KB
8 KB
Document
General
Full URL
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
e271c6425555cbdc1504cdacc8ad22a9aa2848c0531193bf1bdc70dd54ec8322

Request headers

Host
www.halifax-system-online-migrate.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.halifax-system-online-migrate.com/
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=6hhafl56hrbpgljn9bfh6fpiq3

Response headers

Date
Thu, 16 May 2019 13:11:28 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
adrum-ext.js
www.halifax-system-online-migrate.com/assets/files/
26 KB
26 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/adrum-ext.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
a582e146025e7bfd917b026597e89ec66f86bb56ed2bafbf354606662caa230a

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:28 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
26136
utag_003.js
www.halifax-system-online-migrate.com/assets/files/
343 KB
344 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/utag_003.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
e5f05f865ddbed8b1a760cadf76ccf41a071dc3d83454da4ac4235c6e70209f6

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
351514
utag-1548761392.js
www.halifax-system-online-migrate.com/assets/files/
267 KB
267 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/utag-1548761392.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
771333c2623013f4e5c21bf80438a802b8cbe764ab4d3d42f206e02b875fe2f0

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:29 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
273478
base-auto-min190206.css
www.halifax-system-online-migrate.com/assets/files/
81 KB
82 KB
Stylesheet
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/base-auto-min190206.css
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
df70a50a24db92a7690e247540756ca807f27b6aa7d5048007f6f7cd2279cfe0

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:29 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
83419
scriptsnippet.js
www.halifax-system-online-migrate.com/assets/files/
9 KB
9 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/scriptsnippet.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
1f709865a17ca0403e2a8114780a98595bbf0a465e2b15ee787163af39d4d81d

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9135
adrum.js
www.halifax-system-online-migrate.com/assets/files/
10 KB
11 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/adrum.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
3b4b415fbe1b549759d923b676bea39a97210341642cb25f2ddd7ebfc81bba2f

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10534
cdApi.js
www.halifax-system-online-migrate.com/assets/files/
518 B
773 B
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/cdApi.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
565fe82094015a603c34cf0dd4ba24741d09a7e6a6376a494bde54778dc195d3

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
518
16c9d93d.js
www.halifax-system-online-migrate.com/assets/files/
419 KB
420 KB
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/16c9d93d.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
c3c0a0bcb82166895a42b7730fb8160bad37f44177a0aeeb9e625433b083cf79

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
429456
Halifax-logo-1432115232.gif
www.halifax-system-online-migrate.com/assets/files/
6 KB
6 KB
Image
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/Halifax-logo-1432115232.gif
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
52f775c52a7a465d35c60169d86f01b09c6ac17d80b0ecb6c7301e17c0394fe4

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6106
padlock-secure-NGB-1432115235.gif
www.halifax-system-online-migrate.com/assets/files/
204 B
445 B
Image
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/padlock-secure-NGB-1432115235.gif
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
a32d4cb0261b95eae669b741ad8938ad02057d0e0c1cc1638f9cd493a00274de

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
204
hal-ngb-savings-banner-dec-2018-1543330305.jpg
www.halifax-system-online-migrate.com/assets/files/
9 KB
10 KB
Image
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/hal-ngb-savings-banner-dec-2018-1543330305.jpg
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
6610c0d4329959fba362cd26aabddc3f6dd9d579ea7d917995dd14f9854ed6de

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
9656
fscs-ngb-logon-banner-V2-1459783745.png
www.halifax-system-online-migrate.com/assets/files/
33 KB
33 KB
Image
General
Full URL
https://www.halifax-system-online-migrate.com/assets/files/fscs-ngb-logon-banner-V2-1459783745.png
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
ef18a59ce2fac55baba361d886d7835b66d2e8ecf485c3a4f59dd06fd819aa3f

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Last-Modified
Sat, 06 Apr 2019 22:56:38 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33434
utag.js
tags.tiqcdn.com/utag/lbg/main/prod/
356 KB
90 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/assets/files/utag-1548761392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DC) /
Resource Hash
aab87286f0f0f43a24b602e05f08929f4c6bdd3b9c3c8abbca1b3cef004ae2f4

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 13:11:30 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 21:44:04 GMT
server
ECS (fcn/40DC)
etag
"2532984888"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
91593
expires
Thu, 16 May 2019 13:16:30 GMT
chevron_right_white.png
www.halifax-system-online-migrate.com/assets/img/link_types/
362 B
362 B
Image
General
Full URL
https://www.halifax-system-online-migrate.com/assets/img/link_types/chevron_right_white.png
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash
762d51477bc2a5e0d565755456e1e81b8f2c84fafc53f090eb75db6ec2c77a0b

Request headers

Referer
https://www.halifax-system-online-migrate.com/assets/files/base-auto-min190206.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:30 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
362
Content-Type
text/html; charset=iso-8859-1
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
115 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=lbg/main/201905022143&cb=1558012290535
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/lbg/main/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A7) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 16 May 2019 13:11:30 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECS (fcn/41A7)
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 16 May 2019 13:21:30 GMT
a3fb140c-7169-4c1c-8df2-079660af373a
https://www.halifax-system-online-migrate.com/
142 KB
0
Other
General
Full URL
blob:https://www.halifax-system-online-migrate.com/a3fb140c-7169-4c1c-8df2-079660af373a
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/assets/files/16c9d93d.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f696ffffcdd295c108ef7ce7ae84d6720d3f15fa6558e5a02efd3260dde052e3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
144930
Content-Type
application/javascript
adrum-ext.e97e872f9a55953b65cb4029d2f76d20.js
www.halifax-system-online-migrate.com/assets/lib/
0
0
Script
General
Full URL
https://www.halifax-system-online-migrate.com/assets/lib/adrum-ext.e97e872f9a55953b65cb4029d2f76d20.js
Requested by
Host: www.halifax-system-online-migrate.com
URL: https://www.halifax-system-online-migrate.com/assets/files/adrum.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.222.203.13 , Germany, ASN204725 (UVL2-ASN, UA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://www.halifax-system-online-migrate.com/Login.php?sslchannel=true&sessionid=0aXWBq7z8O5Znu5xedMLc4HubH1FnvLnGJkharRifWhDrnaFAXrN29hdQjSePEBvoVNymEQCB8g2vqI6n9TpjbC9uvnkaZPyVD6iiXUT5aWBBEIYOCn7O0hiwFDGFsfA6l
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 16 May 2019 13:11:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
373
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Halifax Bank (Banking)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| printAnalyticsLog object| clova2 object| clova3 object| clova3EventQueue object| utag_dataEmpty object| utag_cfg_ovrd function| runAppDynamics object| clovaAcquire function| setAnalyticsVariables function| triggerAnalyticsPageEvent boolean| loadBot object| DI object| campaignScripts undefined| index number| adrum-start-time object| ADRUM object| cdApi boolean| utag_condload boolean| isValidJson undefined| windowNameFix function| eligibleByDomain function| getEnvironmentFromScriptLocation function| eligibleByEnvironment function| ineligibleByDevice function| ineligibleByPath function| exemptionPages function| getGMTTimeInOneHour function| getGMTTimeAnHourAgo function| getGMTTimeInNinetyDays function| getParentDomain function| getBrand function| debugLog object| utag object| _gaq object| pageTracker undefined| n function| e object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap object| bOU object| aOU function| OU_new function| giveMeQ function| stitchCookies function| useQS function| isJsonString function| optInNoPrompt function| deleteCookie function| inheritNoPrompt function| showPrompt function| consentsCaptured function| writeSeenBeforeCookie function| writefirstSessionCookie function| seenBeforeCookieCaptured function| firstSessionCookieCaptured boolean| allowPartialMatch boolean| __tealium_privacy function| fixWTCookies function| webtrendsAsyncInit function| dcsMultiTrack object| Webtrends object| WebTrends function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq object| LBGAnalytics function| legacyMultiTrack

3 Cookies

Domain/Path                          Name                   Value
.halifax-system-online-migrate.com/  cdContextId            1
.halifax-system-online-migrate.com/  lbgcookiedomainparent  true
.halifax-system-online-migrate.com/  OPTOUTMULTI            0:0%7Cc1:1%7Cc3:1%7Cc5:1%7Cc4:1%7Cc2:1