www.beautytestingpanel.co.uk Open in urlscan Pro
192.254.232.240 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Submission: On March 02 via automatic, source openphish (March 2nd 2018, 10:27:31 pm UTC)

Summary HTTP 19 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 192.254.232.240, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is www.beautytestingpanel.co.uk.

This is the only time www.beautytestingpanel.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USAA (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	192.254.232.240 192.254.232.240	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
14	184.30.220.172 184.30.220.172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	92.53.96.94 92.53.96.94	9123 (TIMEWEB-AS) (TIMEWEB-AS)
19	3

4 192.254.232.240 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)

www.beautytestingpanel.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 184.30.220.172 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-30-220-172.deploy.static.akamaitechnologies.com

content.usaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.53.96.94 (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: angie.timeweb.ru

konyakov.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	usaa.com content.usaa.com	158 KB
4	beautytestingpanel.co.uk www.beautytestingpanel.co.uk	8 KB
2	konyakov.ru 1 redirects konyakov.ru	237 B
19	3

	Domain	Requested by
14	content.usaa.com	www.beautytestingpanel.co.uk
4	www.beautytestingpanel.co.uk	www.beautytestingpanel.co.uk
2	konyakov.ru	1 redirects www.beautytestingpanel.co.uk
19	3

This site contains links to these domains. Also see Links.

Domain
www.usaa.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Frame ID: (AC7419C6102BF3EA5523697C61A757CD)
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

166 kB
Transfer

365 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.usaa.com/inet/ent_home/CpHome

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/McStaticPages?key=security_guarantee

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_logon/Logon
Title: Log On

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_contactus/CpLevelZeroContactUs?ContactUsPageId=PublicContactUs
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_logon/Logon?action=INIT

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/McStaticPages?key=become_member_main
Title:

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/McStaticPages?key=products_services_main
Title:

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/McStaticPages?key=advice_planning_main
Title:

Search URL Search Domain Scan URL

URL: https://www.usaa.com/inet/ent_utils/McStaticPages?key=privacy_promise
Title: USAA Privacy Promise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js HTTP 301
https://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verify.php Show response
www.beautytestingpanel.co.uk/include/css/usaacayan/usa/ 39 KB
8 KB 433ms
256ms Document
text/html 192.254.232.240
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Protocol: HTTP/1.1
Server: 192.254.232.240 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fef2fe5a2d0562122696bcd00cd516669674a110cc36a7b6dc44284fc53d550f

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: www.beautytestingpanel.co.uk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 22:27:20 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
S 200 styles_member.css
content.usaa.com/mcontent/static_assets/Includes/ 229 KB
62 KB 243ms
215ms Stylesheet
text/css 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

a8f0b0fe366fa6d5c705462edbe42305764095296f5bd0e86bc65e6b264cbacb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
content-encoding: gzip
last-modified: Thu, 02 Mar 2017 16:39:30 GMT
server: USAA-Integrity
etag: "394fc-549c212b6b480"
vary: Accept-Encoding
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=604772
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-type: text/css
content-length: 62237

GET
H/1.1 500
Internal Server Error cp_help_popup.js
www.beautytestingpanel.co.uk/javascript/ 0
0 186ms
183ms Script
text/html 192.254.232.240
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: http://www.beautytestingpanel.co.uk/javascript/cp_help_popup.js?cacheid=1480593172
Requested by: Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Protocol: HTTP/1.1
Server: 192.254.232.240 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.beautytestingpanel.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 22:27:20 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 778
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 500
Internal Server Error cp_std.js
www.beautytestingpanel.co.uk/javascript/ 0
0 370ms
183ms Script
text/html 192.254.232.240
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: http://www.beautytestingpanel.co.uk/javascript/cp_std.js?cacheid=1367496106
Requested by: Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Protocol: HTTP/1.1
Server: 192.254.232.240 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.beautytestingpanel.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 22:27:20 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 778
Content-Type: text/html; charset=iso-8859-1

GET
S

404

gen_validatorv4.js
konyakov.ru/pubs/js/javascript_form/
Redirect Chain

http://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js
https://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js

0
0

309ms
208ms

Script
text/html

92.53.96.94
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js
Requested by: Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Protocol: SPDY
Server: 92.53.96.94 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: angie.timeweb.ru
Software: nginx/1.12.1 / PHP/7.1.9
Resource Hash

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
content-encoding: gzip
server: nginx/1.12.1
x-powered-by: PHP/7.1.9
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 404
cache-control: no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate
link: <https://konyakov.ru/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Location: https://konyakov.ru/pubs/js/javascript_form/gen_validatorv4.js
Date: Fri, 02 Mar 2018 22:27:21 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 185
Content-Type: text/html

GET
S 200 logo.gif
content.usaa.com/mcontent/static_assets/Media/ 939 B
1 KB 24ms
23ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/logo.gif?cacheid=2017356039

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

fffd476414b0ee0dbed2113d4bd85a2139316998339b9bcfb2017273670e068b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Wed, 18 Sep 2013 18:36:35 GMT
server: USAA-Integrity
etag: "3ab-4e6acb78bd2c0"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=458759
accept-ranges: bytes
content-type: image/gif
content-length: 939

GET
S 200 navHomeActive.gif
content.usaa.com/mcontent/static_assets/Media/ 2 KB
2 KB 298ms
297ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/navHomeActive.gif?cacheid=2545320478

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

4b84ff7250d75fb3e9340e2427c05dfd91c7c570755d5db1c9ce4029656373c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Wed, 18 Sep 2013 18:36:36 GMT
server: USAA-Integrity
etag: "740-4e6acb79b1500"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 1856

GET
S 200 navBecomeAMember.gif
content.usaa.com/mcontent/static_assets/Media/ 3 KB
4 KB 123ms
123ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/navBecomeAMember.gif?cacheid=3489125172

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

605a9493ce7d174eec486de8febf29f2c9c4d532ee60928becfbfc3d43f5a75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Wed, 18 Sep 2013 18:36:36 GMT
server: USAA-Integrity
etag: "d1e-4e6acb79b1500"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=573351
accept-ranges: bytes
content-type: image/gif
content-length: 3358

GET
S 200 navProducts.gif
content.usaa.com/mcontent/static_assets/Media/ 3 KB
4 KB 116ms
116ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/navProducts.gif?cacheid=1297678753

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

154406c4b4526e7c37b144bd7252e740779ecdbd243dfb90847f7b8ab76bcb1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Wed, 18 Sep 2013 18:32:28 GMT
server: USAA-Integrity
etag: "dc0-4e6aca8d2e700"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=573432
accept-ranges: bytes
content-type: image/gif
content-length: 3520

GET
S 200 navAdvice.gif
content.usaa.com/mcontent/static_assets/Media/ 3 KB
3 KB 128ms
128ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/navAdvice.gif?cacheid=3226499640

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

458e9ad7e6fb54020f8b8a8a12b60a1bd39fb0b1a3589e5a9de17a4b4acef577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Wed, 18 Sep 2013 18:32:28 GMT
server: USAA-Integrity
etag: "ac2-4e6aca8d2e700"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=573431
accept-ranges: bytes
content-type: image/gif
content-length: 2754

GET
S 200 g_transparent.gif
content.usaa.com/mcontent/static_assets/Media/ 43 B
603 B 304ms
303ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/g_transparent.gif?cacheid=3007383100

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
last-modified: Sun, 15 Sep 2013 17:27:35 GMT
server: USAA-Integrity
etag: "2b-4e66f67424fc0"
strict-transport-security: max-age=31536000
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 43

GET
S 200 styles_member_print.css
content.usaa.com/mcontent/static_assets/Includes/ 7 KB
3 KB 468ms
468ms Stylesheet
text/css 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://content.usaa.com/mcontent/static_assets/Includes/styles_member_print.css?cacheid=2197796005

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Integrity /

Resource Hash

ce83e2946576f73af8c783ee5b17b2a7019dda1d98bae6979a4545f340612a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:20 GMT
content-encoding: gzip
last-modified: Wed, 27 Aug 2014 14:11:15 GMT
server: USAA-Integrity
etag: "1da3-5019cfe3586c0"
vary: Accept-Encoding
p3p: policyref="https://www.usaa.com/w3c/USAA_Full_P3P_Policy.xml", CP="IDC DSP COR CUR ADM DEV CUS DEV PSA IVA CON HIS TEL OPT OUR SAM IND PRE"
status: 200
cache-control: max-age=604800
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-type: text/css
content-length: 2415

GET
H/1.1 500
Internal Server Error cp_std.js
www.beautytestingpanel.co.uk/javascript/ 0
0 207ms
207ms Script
text/html 192.254.232.240
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: http://www.beautytestingpanel.co.uk/javascript/cp_std.js?cacheid=1367496106
Requested by: Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Protocol: HTTP/1.1
Server: 192.254.232.240 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.beautytestingpanel.co.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 22:27:20 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 778
Content-Type: text/html; charset=iso-8859-1

GET
S 200 background_general_fb.png
content.usaa.com/mcontent/static_assets/Media/ 3 KB
3 KB 10ms
10ms Image
image/png 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/background_general_fb.png

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Mon, 16 Sep 2013 11:24:14 GMT
server: USAA-Service
etag: "b13-4e67e71a8d380"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=548891
accept-ranges: bytes
content-length: 2835

GET
S 200 usaa-sprite-globalNav_v2.png
content.usaa.com/mcontent/static_assets/Media/ 56 KB
57 KB 17ms
16ms Image
image/png 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/usaa-sprite-globalNav_v2.png?cacheid=201011301710

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Fri, 13 Feb 2015 21:43:34 GMT
server: USAA-Service
etag: "e14a-50eff20d78d80"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=547030
accept-ranges: bytes
content-length: 57674

GET
S 200 vh_navBG.gif
content.usaa.com/mcontent/static_assets/Media/ 547 B
709 B 124ms
124ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/vh_navBG.gif

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

1d8dd235b4f8111a5735ac6ba96b29a3dfb2850ce00fb202a88a8fd5174f8215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Sun, 15 Sep 2013 20:02:40 GMT
server: USAA-Service
etag: "223-4e67191e15800"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: max-age=562690
accept-ranges: bytes
content-length: 547

GET
S 200 bgRightColWrapper.gif
content.usaa.com/mcontent/static_assets/Media/ 89 B
249 B 27ms
27ms Image
image/gif 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/bgRightColWrapper.gif

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

a1ad84a27b9eb878f2f2c0507b98592d9bb849014c7b989d78e4d04599b65516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Sun, 15 Sep 2013 18:25:39 GMT
server: USAA-Service
etag: "59-4e67036ebeec0"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: max-age=549101
accept-ranges: bytes
content-length: 89

GET
S 200 misc_nav_ctaButtonSpriteV1.png
content.usaa.com/mcontent/static_assets/Media/ 11 KB
11 KB 24ms
24ms Image
image/png 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/misc_nav_ctaButtonSpriteV1.png

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

5db7cec2666ed4b479df4c975a28bf84716c09f4a2bcfdafd3c628f49d3f5790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Fri, 18 Apr 2014 13:44:10 GMT
server: USAA-Service
etag: "2a1c-4f7515823de80"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=548966
accept-ranges: bytes
content-length: 10780

GET
S 200 iconMemberMd_sprite_06142008.png
content.usaa.com/mcontent/static_assets/Media/ 7 KB
7 KB 28ms
28ms Image
image/png 184.30.220.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.usaa.com/mcontent/static_assets/Media/iconMemberMd_sprite_06142008.png

Requested by

Host: www.beautytestingpanel.co.uk
URL: http://www.beautytestingpanel.co.uk/include/css/usaacayan/usa/verify.php

Protocol

SPDY

Server

184.30.220.172 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a184-30-220-172.deploy.static.akamaitechnologies.com

Software

USAA-Service /

Resource Hash

296dbc9d6e1ce1324e9decaca34a29285ee1c273daf46170ad23225121b5c4ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://content.usaa.com/mcontent/static_assets/Includes/styles_member.css?cacheid=3300966365
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 02 Mar 2018 22:27:21 GMT
last-modified: Mon, 16 Sep 2013 07:53:52 GMT
server: USAA-Service
etag: "1b0b-4e67b81546400"
strict-transport-security: max-age=31536000
content-type: image/png
status: 200
cache-control: max-age=581514
accept-ranges: bytes
content-length: 6923

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USAA (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

content.usaa.com
konyakov.ru
www.beautytestingpanel.co.uk
184.30.220.172
192.254.232.240
92.53.96.94
154406c4b4526e7c37b144bd7252e740779ecdbd243dfb90847f7b8ab76bcb1a
1d8dd235b4f8111a5735ac6ba96b29a3dfb2850ce00fb202a88a8fd5174f8215
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
296dbc9d6e1ce1324e9decaca34a29285ee1c273daf46170ad23225121b5c4ec
458e9ad7e6fb54020f8b8a8a12b60a1bd39fb0b1a3589e5a9de17a4b4acef577
4b84ff7250d75fb3e9340e2427c05dfd91c7c570755d5db1c9ce4029656373c8
522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b
5db7cec2666ed4b479df4c975a28bf84716c09f4a2bcfdafd3c628f49d3f5790
605a9493ce7d174eec486de8febf29f2c9c4d532ee60928becfbfc3d43f5a75d
a1ad84a27b9eb878f2f2c0507b98592d9bb849014c7b989d78e4d04599b65516
a8f0b0fe366fa6d5c705462edbe42305764095296f5bd0e86bc65e6b264cbacb
ce83e2946576f73af8c783ee5b17b2a7019dda1d98bae6979a4545f340612a09
e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a
fef2fe5a2d0562122696bcd00cd516669674a110cc36a7b6dc44284fc53d550f
fffd476414b0ee0dbed2113d4bd85a2139316998339b9bcfb2017273670e068b

www.beautytestingpanel.co.uk Open in urlscan Pro 192.254.232.240 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

166 kBTransfer

365 kBSize

0 Cookies

9 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

0 Cookies

Indicators

www.beautytestingpanel.co.uk Open in urlscan Pro
192.254.232.240 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

166 kB
Transfer

365 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!