lifeimprovementmedia.com
Open in
urlscan Pro
45.60.22.64
Malicious Activity!
Public Scan
Submission: On February 15 via automatic, source openphish
Summary
This is the only time lifeimprovementmedia.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Huntington Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 45.60.22.64 45.60.22.64 | 19551 (INCAPSULA) (INCAPSULA) | |
12 | 104.126.36.75 104.126.36.75 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
18 | 2 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-36-75.deploy.static.akamaitechnologies.com
onlinebanking.huntington.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
huntington.com
onlinebanking.huntington.com |
36 KB |
6 |
lifeimprovementmedia.com
lifeimprovementmedia.com |
30 KB |
18 | 2 |
Domain | Requested by | |
---|---|---|
12 | onlinebanking.huntington.com |
lifeimprovementmedia.com
onlinebanking.huntington.com |
6 | lifeimprovementmedia.com |
lifeimprovementmedia.com
|
18 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.huntington.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
huntington.com GeoTrust EV RSA CA 2018 |
2020-07-08 - 2022-07-13 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://lifeimprovementmedia.com/huntington/card-plus/banke/oath.php
Frame ID: 55B59F7D65616B84EFFAFE7FAD56108B
Requests: 18 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
oath.php
lifeimprovementmedia.com/huntington/card-plus/banke/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
text.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ |
1 KB 869 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
960_16_col.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
huntington-rol.css
onlinebanking.huntington.com/rol/Styles/Presentation/ |
57 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
propertyClasses.css
onlinebanking.huntington.com/rol/Styles/Presentation/ |
598 B 918 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widgets.css
onlinebanking.huntington.com/rol/Styles/Presentation/ |
12 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NavBar.css
onlinebanking.huntington.com/rol/Styles/Navigation/ |
2 KB 958 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/ |
59 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modal-dialog.css
onlinebanking.huntington.com/rol/Styles/Presentation/ |
1 KB 888 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hnb.aria.common.css
onlinebanking.huntington.com/rol/Styles/ |
574 B 894 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Auth.css
onlinebanking.huntington.com/rol/Styles/Presentation/Auth/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-lg.png
lifeimprovementmedia.com/huntington/card-plus/banke/image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lock.gif
lifeimprovementmedia.com/huntington/card-plus/banke/image/ |
870 B 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hexlogo-footer-icon.png
lifeimprovementmedia.com/huntington/card-plus/banke/image/ |
333 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Incapsula_Resource
lifeimprovementmedia.com/ |
136 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
huntington-rol-print.css
onlinebanking.huntington.com/rol/Styles/Presentation/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-960.jpg
onlinebanking.huntington.com/rol/Images/UI/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Incapsula_Resource
lifeimprovementmedia.com/ |
1 B 123 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Huntington Bank (Banking)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lifeimprovementmedia.com/ | Name: ___utmvc Value: Br1KPrjNjNv1uwpkYb/cX1xaEwbr8JFt3zaP4hoF02gPjXA9cWXs6K7C8EMeBG/KE8AesuMhQG+CNsVxyMQK/6UnmPa6aR2vzWTlA4GzV68IlV6KBSy/0CoruF1sYMKfuyGfS3sffKJVaIAs2dgxq04LpbGeqYinhVu1RposHJOAXpPKgnV2BoIEhHYq5WBi6LY1bDpZ4QEQhT1OOx5/sj9Xbohk/lCce/czhUmdCEQXDAy100bTzhsD+DZpwBHC1F9NuHnvoFvmq7s/P7cGys3OHNuwfXzrXU48D2C0SD/gBrfyf0jHVH2YMUDEjB36nbPg/bkxjkJPgr/3PcdiOhs5+plP/m0XsbkawmIA4OzyD9idirxAG75P+REctQF414xKgXWmb2vIryireE8HPjlCsgR1UXZ9UXVb9q1SnuJmTmgO/q/bxDfUy24gS5Lth6si4KdmA1/7cFtYSPoU5KNO3uEUwx9DNqejpZxK5NDuPOdupRq6R1e7x4aDXtgYOYdBg1gZd6KIdnOQjGLXC0GH1dc63foYFYMq+Gn18KZT1kdmFvb62YVk8/8nVNj2oA3g+FBSzIh8eXlpyMlYzxD/m6rVLcxrpIO4QtMD422UolZq7lyXo8WUrpXlQB8IVxkk5P24XhLb+DQJJgjlae4GnqxYqxz0a588V+4r0rV5yxUonqhytbjoRiNwJ0WeKAx6158A/gj5FKCQVX7XKB2ZAln55haDtXkopYnHxzW+2yeE2UCUxj1lGs82+Hjsg58qnaOCOAi/eqJErWRYqjkxQBcK4d3lRYv4qiX4oAAAWnhMKcBFEW7vOFLdODryONtHVN9rt+ddThIwxzFTaWo7p3zGrTdzHpVRb5JXmx4bNBnq01/R6TIcRI/3gte6WcQP7VoFqgLbKojjdcVcdls/XHvZ+B+lSPYpOg5lWpNWgGArFSumgDmjaTIo1lU7a80EHr4RJtYdghDeowCgcrvAu2Z3fX951fFBDK8aNbECkrlIrUXClSRc4IfwQpUIPMzpsfo1eJ5webV30nNGjole0CTTw0+o6ALsMZbDCAcFWxbTj+8IcBWQzNfUs9+KSZ/eqQ8Oan2J8tnYZUWR5CP56k/cMiRqKzhj30V5G4SV6gPkE0qjc/GrfpkBLjyegvSHIBFNY4VX0rcp+M/JmlBMzCVS6+7Zuf375S1Mgi2pYmoMq9ZvZBr3rBJEqKkFHebPTSU7wXo2sDMvQEOmj1Bs5oXlg9fPNi5iowPwU1LzvKAEeJeSTAw91PaZGPL8m+6p27NS6RfC5UjLb+ZGu8/WQConjCf2SvgFEdLaUTI+KXWqu5WHjjstX/07+UjRrWAG9xT/0DkI+2dQVU3gvYBNtyiZWPtQzuattroYV/c7bBGply8JXqHlHVwmmAHQ47/Do9C9uvMdI9nKakTJpVY/qE7BlBsQXpu24Nlqd5B+IyLenECJCSDiV3jbqByY+uVbDZZufSgiWVdjg6YtaYkiYls054R6OnlatctuoKdTU37oLRBMT7AkcSTQ0j3rDU1j/oLME8zutP4E12733GNl+V5COd3nL20ju/6UlwTP+19mPwF6en/P5ZN+Tb4RPlJO/hAEJu1XFyufWfmokw+Izt3UsiI3N4zA/qa28IJEusuWhwmbEJ+9Fv6xBUdUG+FUFsDp1QLctqj6wy5AlvwiaMBl5c2KWFaMZkwFg+wdYHgraArm8C2B6axCJzxkXcE6m9s2WXOGucS0kBgf6UKsbb7jR3GXfVcV2A36Ae63HFNzbjPRNeIRm7qFQ5af5GRqWktqrc/cgQoszcyeZo49M8zqnk1K3UPKKAGhd8s0F9nTph9zVOkcyVX/sifbmkZiydr//d1M+dZbKjOHJX/PfpAoKSddnh5J3M5y0MpquSsBhZEF8F5cw5xAR4GTs8v/4PtbCw1tbwOvPpbQd4oaAANY12qSubuj1h9KJ6WGuuR9uPi+aqX5WEJ+819Qbqm1nFpprRbn5AGp5v5Mx5FqjByPR86KATRy1jKKgERvp3WEO31Nw4nCoq1H7OPGLGRpZ2VzdD0xNDAzNDEscz04YTc1NjE5Nzg0NzY2M2E3OWFhYzg4NzU2MzZhN2E5OTk1YTBhNzk3N2VhMTg0OWY2OWFlODA5NTY2Njc4Mzc2OGE3NmFlODI4MDg1NmQ3MA== |
|
.lifeimprovementmedia.com/ | Name: incap_ses_1341_1829259 Value: HSjUeXZUHCeOhQ0fgTCcEk12KmAAAAAAwecQwEesM0F5i0saq7dhrA== |
|
.lifeimprovementmedia.com/ | Name: visid_incap_1829259 Value: KhXrvUUVRBq8l3BreQD2sUx2KmAAAAAAQUIPAAAAAADnPwdkfelJdbpL02plMYfh |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lifeimprovementmedia.com
onlinebanking.huntington.com
104.126.36.75
45.60.22.64
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
2e5e74ec2ba4f5f0f18fbe930f9cc2be83b41e651b33d63605e15bd3e0de0545
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
a3d5d8736d619cf290b571c145a79c0191e3cce735f06e1cd6b682e4a6cfbb75
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200