u1324717oe.ha004.t.justns.ru
2a00:b700::39  Malicious Activity!

URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Submission: On November 25 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 31 HTTP transactions. The main IP is 2a00:b700::39, located in the Russian Federation, and belongs to ASBAXET, RU. The main domain is u1324717oe.ha004.t.justns.ru.
This is the only time u1324717oe.ha004.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tangerine Bank (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
29 | 2a00:b700::39 | 51659 (ASBAXET)
Total: 31 requests, 2 IPs

Requests | Domain | Subdomains | Transfer
29 | justns.ru | u1324717oe.ha004.t.justns.ru | 325 KB
0 | tangerine.ca (Failed) | www.tangerine.ca (Failed) | 0 B
Total: 31 requests, 2 domains

Requests | Domain | Requested by
29 | u1324717oe.ha004.t.justns.ru | u1324717oe.ha004.t.justns.ru
0 | www.tangerine.ca (Failed) | u1324717oe.ha004.t.justns.ru
Total: 31 requests, 2 subdomains

This site contains links to these domains.

Domain
www.tangerine.ca
This page contains 1 frame:

Primary Page: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Frame ID: 2F523E2FAC034AE982688215AAD87DF8
Requests: 31 HTTP requests in this frame

Page Statistics

Requests: 31
HTTPS: 0 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 325 kB
Size: 1452 kB
Cookies: 3

31 HTTP transactions

Each entry lists: Resource, Path, Size, x-fer, Type (MIME-Type)

Primary Request login.php
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/
31 KB
8 KB
Document
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
be041d35d4f51610e2f9c9df1afae3595664dc350a0cea270da5c89cea239453

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-type
text/html; charset=UTF-8
content-length
8343
content-encoding
gzip
vary
Accept-Encoding,User-Agent
date
Thu, 25 Nov 2021 12:22:57 GMT
server
LiteSpeed
cool-2.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
14 KB
6 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/cool-2.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"3643-5ad4465c-118eaa0cf4fb6811;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
5607
expires
Thu, 02 Dec 2021 12:22:57 GMT
ec.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
3 KB
2 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/ec.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"adb-5ad4465c-937e84e4dee50df6;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
1355
expires
Thu, 02 Dec 2021 12:22:57 GMT
567781970021690.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
1 KB
1 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/567781970021690.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
05eaedc75ba2fb416ac37d1566cc8f22542c8fe32b6fb16706e8a10c74a5906b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"4b6-5ad4465c-4a15d6d1c93f3f95;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
776
expires
Thu, 02 Dec 2021 12:22:57 GMT
fbevents.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
39 KB
14 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/fbevents.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
29451fb716c05b025bfb8a468767f7112baad0112dbc512d1610f64dbbad4bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"9a0b-5ad4465c-e705b613b9b9d656;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
13696
expires
Thu, 02 Dec 2021 12:22:57 GMT
uwt.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
5 KB
2 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/uwt.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"141b-5ad4465c-670bc206c59b2179;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2046
expires
Thu, 02 Dec 2021 12:22:57 GMT
analytics.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
35 KB
16 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/analytics.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"8c67-5ad4465c-b698ff3dce03f04b;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
15915
expires
Thu, 02 Dec 2021 12:22:57 GMT
gtm.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
287 KB
57 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/gtm.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
089f9be970df498a4d6a96eeaad2e50a5a749cd5f1ad830eae1b9a11a590cbec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"47cfd-5ad4465c-c5fac89ad3430f42;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
58003
expires
Thu, 02 Dec 2021 12:22:57 GMT
dtagent_ICA23TVgjpqrtx_7000000031020.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
91 KB
39 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/dtagent_ICA23TVgjpqrtx_7000000031020.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
11730a27d4a3e6406729363973fc6607042a61cd9fa002cebd34987ff702749f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"16cfd-5ad4465c-34de78941463544c;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
39459
expires
Thu, 02 Dec 2021 12:22:57 GMT
global.css
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
103 KB
21 KB
Stylesheet
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
da84e9b416adb61fca22009fa86d7273f94799a1b436df907483ce2d4b32a645

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"19dcb-5ad4465c-44463fd0573709f9;gz"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
20773
expires
Thu, 02 Dec 2021 12:22:57 GMT
app.css
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
809 KB
138 KB
Stylesheet
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/app.css
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e4a8bb18ceed53c64f287922ca7cda8dad0bc57a98f3b3780f51cb0fb5e02545

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"ca417-5ad4465c-16a295eb575bc96d;gz"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
140770
expires
Thu, 02 Dec 2021 12:22:57 GMT
logo_002.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
96 B
491 B
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/logo_002.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1c0ce71531aecd109eecce9966180782910028a34b62c6ccf850bb24dad70df7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"60-5ad4465c-115a3275ff50d944;;;"
vary
User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
96
expires
Thu, 02 Dec 2021 12:22:57 GMT
logo.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
281 B
689 B
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/logo.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e28333e37a1be0388e316cf72960adbc610db5510b21223ffbd1788ad5bbc736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"119-5ad4465c-7c359d8062eb693f;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
252
expires
Thu, 02 Dec 2021 12:22:57 GMT
brand-white.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
2 KB
3 KB
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/brand-white.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a900806f01bb127b471228bf4598a6c907fd1b26eae4f2c7c95cefd3adb5f9ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"99a-5ad4465c-c91164263a16d6f8;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2458
expires
Thu, 02 Dec 2021 12:22:57 GMT
brand-orange.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
2 KB
3 KB
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/brand-orange.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b0c0092ef63e49ce2ca0c56290809c62cbd0f6c6fbf8fc5824fc183f5b49a3b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"99e-5ad4465c-80b17436478ca013;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2462
expires
Thu, 02 Dec 2021 12:22:57 GMT
2.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
702 B
1 KB
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/2.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7eb7cde1623a311ee9a0414ecede0980b00a282c9cfed274ea4b948003c5e99a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:48:56 GMT
server
LiteSpeed
etag
"2be-5ad44758-49dbeb768b0b186c;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
702
expires
Thu, 02 Dec 2021 12:22:57 GMT
3.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
869 B
1 KB
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/3.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
31fe8b1d967dadc64c2832724685c5f965ae7720481672cc7635506e7175fbea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:49:12 GMT
server
LiteSpeed
etag
"365-5ad44768-d89165d6815125ab;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
869
expires
Thu, 02 Dec 2021 12:22:57 GMT
1.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
532 B
916 B
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/1.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
23ef5e1f819afa52fc3c8a12ff076054d2934ec69ac6315f8858cad0ddbff580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:48:04 GMT
server
LiteSpeed
etag
"214-5ad44724-b4c35ae5c1dea274;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
532
expires
Thu, 02 Dec 2021 12:22:57 GMT
4.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
398 B
782 B
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/4.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7768bbc373cb313d7b7e643d1541ff653f436e83910f594ea9e8f018b8422e93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:49:42 GMT
server
LiteSpeed
etag
"18e-5ad44786-aed2fbbff8e16418;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
398
expires
Thu, 02 Dec 2021 12:22:57 GMT
brand.png
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
2 KB
3 KB
Image
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/brand.png
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a900806f01bb127b471228bf4598a6c907fd1b26eae4f2c7c95cefd3adb5f9ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"99a-5ad4465c-bc3e28ecc9fd8a36;;;"
vary
User-Agent
content-type
image/png
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
2458
expires
Thu, 02 Dec 2021 12:22:57 GMT
pm_fp.js
u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/
24 KB
8 KB
Script
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/pm_fp.js
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
376dc44a4bcae47d222019f4f1f0434f6af04ca6d5ca6e38f8c28c2365483a23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
last-modified
Mon, 16 Apr 2018 06:44:44 GMT
server
LiteSpeed
etag
"5f83-5ad4465c-fb23ba7d6fcd16b2;gz"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
Connection
Keep-Alive
accept-ranges
bytes
Keep-Alive
timeout=5, max=100
content-length
7550
expires
Thu, 02 Dec 2021 12:22:57 GMT
proximanova-regular-webfont.woff2
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.woff2
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
375
proximanova-bold-webfont.woff2
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.woff2
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
372
lineto-tangerinecircular-boldtitling.woff
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/lineto-tangerinecircular-boldtitling.woff
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
380
proximanova-regular-webfont.woff
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.woff
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
374
proximanova-bold-webfont.woff
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.woff
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
371
lineto-tangerinecircular-boldtitling.ttf
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/lineto-tangerinecircular-boldtitling.ttf
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
378
proximanova-regular-webfont.ttf
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.ttf
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
373
proximanova-bold-webfont.ttf
u1324717oe.ha004.t.justns.ru/directing/assets/fonts/
0
0
Font
General
Full URL
http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.ttf
Requested by
Host: u1324717oe.ha004.t.justns.ru
URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Protocol
HTTP/1.1
Server
2a00:b700::39 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/files/global.css
Origin
http://u1324717oe.ha004.t.justns.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 25 Nov 2021 12:22:57 GMT
content-encoding
gzip
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/html
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
370
dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca
www.tangerine.ca/
0
0

dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca
www.tangerine.ca/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tangerine.ca
URL
https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca
Domain
www.tangerine.ca
URL
https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tangerine Bank (Banking)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| gaplugins function| ga object| a object| dT_ object| dynaTrace object| IGLOO function| activeXDetect function| stripIllegalChars function| stripFullPath function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint object| twttr object| google_tag_manager function| postscribe object| dataLayer

3 Cookies

Domain/Path Name / Value
u1324717oe.ha004.t.justns.ru/ Name: dtSa
Value: -
u1324717oe.ha004.t.justns.ru/ Name: dtLatC
Value: 5
u1324717oe.ha004.t.justns.ru/ Name: dtPC
Value: -

12 Console Messages

Source Level URL
Text
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/lineto-tangerinecircular-boldtitling.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/lineto-tangerinecircular-boldtitling.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-regular-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://u1324717oe.ha004.t.justns.ru/directing/assets/fonts/proximanova-bold-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Message:
Access to XMLHttpRequest at 'https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca' from origin 'http://u1324717oe.ha004.t.justns.ru' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://www.tangerine.ca, http://u1324717oe.ha004.t.justns.ru', but only one is allowed.
network error URL: https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://u1324717oe.ha004.t.justns.ru/directing/secure.tangerine.ca/web/login.php
Message:
Access to XMLHttpRequest at 'https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca' from origin 'http://u1324717oe.ha004.t.justns.ru' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'https://www.tangerine.ca, http://u1324717oe.ha004.t.justns.ru', but only one is allowed.
network error URL: https://www.tangerine.ca/dynaTraceMonitor?type=js&flavor=cors&referer=http%3A%2F%2Fu1324717oe.ha004.t.justns.ru%2Fdirecting%2Fsecure.tangerine.ca%2Fweb%2Flogin.php&app=www.tangerine.ca
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
