URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Submission: On December 22 via automatic, source openphish

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 29 HTTP transactions. The main IP is 173.249.35.108, located in Nuremberg, Germany, and belongs to CONTABO, DE. The main domain is samranmalik.com.
TLS certificate: issued by Let's Encrypt Authority X3 on November 19th 2019, valid for 3 months (a domain-validated certificate; the bank's own www.bbt.com certificate is an Extended Validation certificate from DigiCert).
This is the only time samranmalik.com was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BB&T Bank (Banking)

What the transactions below show:

  • The page is a static online.html sitting under the /wp-admin/js/ directory of a WordPress install on a Contabo VPS (nginx/1.16.1, X-Cache: HIT from Backend). That location is consistent with a phishing kit dropped onto a compromised site rather than with the site's own content. The kit files carry Last-Modified Wed, 18 Dec 2019 15:53:17 GMT, four days before the scan.
  • The kit serves only its stylesheet (logon-10142018-new.css), logo (u-logo.png) and font references from samranmalik.com. Every script is hot-linked from the bank itself: jQuery, Modernizr and the /auth/js/ and /bbtpassreset/ logon scripts from bank.bbt.com, and the Adobe DTM tag-manager bundle (satelliteLib, dtm_auth) from www.bbt.com. The four outbound links on the page also point at genuine BB&T properties, which is why the clone renders identically to the real logon form.
  • Because the bank's tag manager executes inside the phishing page, the bank's Adobe Audience Manager (demdex.net) and Adobe Advertising (everesttech.net) beacons fire with Referer and Origin set to https://samranmalik.com, and dpm.demdex.net answers with Access-Control-Allow-Origin: https://samranmalik.com. The same Referer is present on every request to bank.bbt.com and www.bbt.com, so the bank's own CDN and analytics logs record the phishing origin. That is the practical detection opportunity in this scan.
  • The four Source Sans Pro font requests under T-Dox/css/fonts/ returned a 538-byte text/html body and no resource hash, i.e. an error page rather than a font: the kit's CSS references files that were never deployed.

Domain & IP information

IP addresses (requests, IP address, ASN and AS name):
  10    173.249.35.108   AS51167 (CONTABO)
  14    23.38.56.37      AS20940 (AKAMAI-ASN1)
  1 4   52.215.246.156   AS16509 (AMAZON-02)
  1     172.82.224.88    AS15224 (OMNITURE)
  1 1   66.117.28.86     AS15224 (OMNITURE)
  1     52.215.57.89     AS16509 (AMAZON-02)
  Total: 29 requests, 5 IPs
Apex domains (requests, apex domain, subdomains contacted, transfer):
  15   bbt.com           bank.bbt.com, www.bbt.com, sstats.bbt.com   362 KB
  10   samranmalik.com   samranmalik.com                             52 KB
  5    demdex.net        dpm.demdex.net, bbandt.demdex.net           3 KB
  1    everesttech.net   cm.everesttech.net                          527 B
  Total: 29 requests, 4 apex domains
Domains by requesting origin (requests, domain, requested by):
  10   samranmalik.com      samranmalik.com, bank.bbt.com
  9    bank.bbt.com         samranmalik.com
  5    www.bbt.com          samranmalik.com
  4    dpm.demdex.net       samranmalik.com (1 redirect)
  1    bbandt.demdex.net    www.bbt.com
  1    cm.everesttech.net   (1 redirect)
  1    sstats.bbt.com       www.bbt.com
  Total: 29 requests, 7 subdomains
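The "requested by" column is the detection lever in this scan: every request to bank.bbt.com and www.bbt.com carries Referer: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html (see the request headers in the transaction list). A bank that operates those asset servers can therefore find kits that hot-link its logon scripts by grouping access-log hits for those paths by Referer origin and discarding its own origins. The following Python is an added example of that check; it is not urlscan.io or BB&T code. The log lines are constructed for the example, and the first-party allowlist, the watched path prefixes and the use of Combined Log Format are assumptions.

```python
"""Spot phishing kits that hot-link a bank's logon assets, from CDN/origin access logs.

Added example; this is not urlscan.io or BB&T code. The log lines are constructed
for this example (Combined Log Format, RFC 5737 client addresses); the first-party
allowlist and the watched asset prefixes are assumptions modelled on the asset
URLs and Referer headers recorded in the scan.
"""
import re
from urllib.parse import urlsplit

# Origins allowed to embed the logon assets (assumption: the bank's own domains).
FIRST_PARTY_SUFFIXES = ("bbt.com",)

# Asset path prefixes a kit hot-links; taken from the bank.bbt.com/www.bbt.com URLs in the scan.
WATCHED_PREFIXES = ("/auth/js/", "/bbtpassreset/", "/assets/apps/dtm_auth/")

# Combined Log Format: client ident user [time] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: two kit hits, one legitimate hit, one with no Referer,
# one unrelated asset, and one kit hit with a mixed-case host and a query string.
SAMPLE_LOG = """\
203.0.113.10 - - [22/Dec/2019:12:17:52 +0000] "GET /auth/js/library/jquery-1.9.1.min.js HTTP/1.1" 200 35752 "https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html" "Mozilla/5.0"
203.0.113.10 - - [22/Dec/2019:12:17:52 +0000] "GET /auth/js/util32-09112016.js HTTP/1.1" 200 2219 "https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html" "Mozilla/5.0"
198.51.100.7 - - [22/Dec/2019:12:18:03 +0000] "GET /auth/js/library/jquery-1.9.1.min.js HTTP/1.1" 200 35752 "https://www.bbt.com/" "Mozilla/5.0"
198.51.100.8 - - [22/Dec/2019:12:18:04 +0000] "GET /auth/js/library/jquery-1.9.1.min.js HTTP/1.1" 200 35752 "-" "Mozilla/5.0"
198.51.100.9 - - [22/Dec/2019:12:18:05 +0000] "GET /images/logo.png HTTP/1.1" 200 1234 "https://example.net/blog" "Mozilla/5.0"
203.0.113.11 - - [22/Dec/2019:12:19:00 +0000] "GET /bbtpassreset/content/js/jquery-1.9.1.min.js?ver=1.9.1 HTTP/1.1" 200 35622 "https://SamranMalik.com/wp-admin/js/bb/BBT/Online/online.html" "Mozilla/5.0"
"""


def referer_origin(referer):
    """Return scheme://host[:port] of a Referer, lower-cased, or None if absent or unusable."""
    if not referer or referer == "-":
        return None
    parts = urlsplit(referer)
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return f"{parts.scheme}://{parts.hostname}{':' + str(port) if port else ''}"


def is_first_party(origin):
    """True when the origin's host is an allowed apex domain or a subdomain of one."""
    host = urlsplit(origin).hostname or ""
    return any(host == s or host.endswith("." + s) for s in FIRST_PARTY_SUFFIXES)


def hotlink_report(lines):
    """Group requests for watched assets by foreign Referer origin.

    Returns {origin: {"count": n, "paths": set_of_paths, "first_seen": time}}.
    Requests without a Referer are ignored: a kit that sets a no-referrer policy
    hides from this check, so treat hits as a signal to investigate, not proof.
    """
    report = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line; skip it rather than abort the batch
        path = m["path"].split("?", 1)[0]
        if not path.startswith(WATCHED_PREFIXES):
            continue
        origin = referer_origin(m["referer"])
        if origin is None or is_first_party(origin):
            continue
        entry = report.setdefault(origin, {"count": 0, "paths": set(), "first_seen": m["time"]})
        entry["count"] += 1
        entry["paths"].add(path)
    return report


if __name__ == "__main__":
    for origin, info in hotlink_report(SAMPLE_LOG.splitlines()).items():
        print(f"{origin}: {info['count']} hits since {info['first_seen']}")
        for p in sorted(info["paths"]):
            print("   ", p)
```

Run against the constructed log, the report contains a single foreign origin, https://samranmalik.com, with three hits across three watched paths; the mixed-case Referer collapses onto the same origin because hostnames are normalised. A kit author can defeat the check by setting a no-referrer policy or by copying the assets onto the phishing host, so the absence of hits proves nothing, but kits that hot-link, as this one does, are cheap to find this way. The CORS responses from dpm.demdex.net, which echo the embedding origin in Access-Control-Allow-Origin, give the bank's analytics side a second place to apply the same grouping.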

This site contains links to these domains:

  • www.bbt.com
  • bank.bbt.com
  • insurance.bbt.com
  • www.bbtscottstringfellow.com
TLS certificates (subject, issuer, validity, valid for):
  www.samranmalik.com   Let's Encrypt Authority X3                    2019-11-19 to 2020-02-17   3 months
  www.bbt.com           DigiCert SHA2 Extended Validation Server CA   2019-04-03 to 2021-02-08   2 years
  *.demdex.net          DigiCert SHA2 High Assurance Server CA        2018-01-09 to 2021-02-12   3 years
  sstats.bbt.com        DigiCert SHA2 Secure Server CA                2019-11-22 to 2021-11-22   2 years

This page contains 2 frames:

Primary Page: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Frame ID: 3617D058F6AE2CE59BD41EE1983A2B31
Requests: 28 HTTP requests in this frame

Frame: https://bbandt.demdex.net/dest5.html?d_nsid=0
Frame ID: 0834C6284F6ED4A1A2042C55C20C3BB1
Requests: 1 HTTP requests in this frame

Detected technologies

Nginx (overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Modernizr (overall confidence: 100%)
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (overall confidence: 100%)
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

All four fingerprints come from the bank's own assets hot-linked by the page (nginx is the only one that belongs to samranmalik.com), so they describe bank.bbt.com's stack, not the phishing host's.
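The patterns above are applied by urlscan.io's technology detection to the Server header and to each script URL; a version is whatever the capture group matched. As an added example, not urlscan.io or Wappalyzer code, the following Python runs exactly those patterns over the Server header and the script URLs recorded in this scan. The technology names and the choice of which capture group carries the version are this example's assumptions, because the scan output shows the regexes without their version directives.

```python
"""Wappalyzer-style fingerprinting with the patterns listed in the scan.

Added example; not urlscan.io or Wappalyzer code. The regexes are the ones shown
above. Technology names and the version capture groups are assumptions made here.
"""
import re

# (technology, where to apply, regex, capture groups that may carry a version, in priority order)
PATTERNS = [
    ("Nginx", "server", r"nginx(?:\/([\d.]+))?", (1,)),
    ("Modernizr", "script", r"([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js", (1, 2)),
    ("jQuery", "script", r"jquery[.-]([\d.]*\d)[^\/]*\.js", (1,)),
    ("jQuery", "script", r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?", (1,)),
    # Assumption: under jQuery the migrate pattern only signals presence (the
    # captured number is jQuery Migrate's version, not jQuery's).
    ("jQuery", "script", r"jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?", ()),
    ("jQuery Migrate", "script", r"jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?", (1, 2)),
]
COMPILED = [(tech, where, re.compile(rx, re.I), groups) for tech, where, rx, groups in PATTERNS]

# Server header and script URLs as recorded in the scan above.
SERVER_HEADER = "nginx/1.16.1"
SCRIPT_URLS = [
    "https://bank.bbt.com/bbtpassreset/content/js/jquery-1.9.1.min.js",
    "https://bank.bbt.com/auth/js/library/jquery-3.3.1-jquery-migrate-3.0.0.min.js",
    "https://bank.bbt.com/auth/js/library/modernizr-2.6.2-respond-1.1.0.min.js",
    "https://bank.bbt.com/auth/js/util32-09112016.js",
    "https://bank.bbt.com/auth/js/library/jquery-1.9.1.min.js",
    "https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/satelliteLib-2039843a7a97ef0847cd764b5a6ada6f146969bf.js",
]


def fingerprint(server_header, script_urls):
    """Return {technology: sorted list of versions}; a matched technology with no version maps to []."""
    found = {}
    for tech, where, rx, groups in COMPILED:
        targets = [server_header] if where == "server" else list(script_urls)
        for target in targets:
            if not target:
                continue
            m = rx.search(target)
            if not m:
                continue
            versions = found.setdefault(tech, set())
            for g in groups:  # first non-empty candidate group wins
                if m.group(g):
                    versions.add(m.group(g))
                    break
    return {tech: sorted(v) for tech, v in found.items()}


if __name__ == "__main__":
    for tech, versions in fingerprint(SERVER_HEADER, SCRIPT_URLS).items():
        print(f"{tech}: {', '.join(versions) or '(version unknown)'}")
```

On the scan's inputs this yields Nginx 1.16.1, Modernizr 2.6.2, jQuery 1.9.1 and 3.3.1 (two copies of jQuery are loaded, from /bbtpassreset/ and /auth/js/), and jQuery Migrate 3.0.0. Fingerprinting of this kind is purely lexical: a URL containing "jquery-1.9.1" is enough, which is exactly why it works on hot-linked assets regardless of who embeds them.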

Page Statistics

  Requests:    29
  HTTPS:       100 %
  IPv6:        0 %
  Domains:     4
  Subdomains:  7
  IPs:         5
  Countries:   4
  Transfer:    416 kB
  Size:        1647 kB
  Cookies:     3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
Request Chain 23
  • https://cm.everesttech.net/cm/dd?d_uuid=76994845804698210033598481649965702610 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xf9e8AAAFwxcPBN_

29 HTTP transactions

Each entry lists the resource, its path, size, transfer size (x-fer) and type, followed by the request and response details.
Resource: online.html (Primary Request)  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/  Size: 17 KB  x-fer: 5 KB  Type: Document
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash
c8718108f64b2e93614762012063dcef99e4789de22433319625740d89b2e573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Host
samranmalik.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.16.1
Date
Sun, 22 Dec 2019 12:17:51 GMT
Content-Type
text/html
Last-Modified
Wed, 18 Dec 2019 15:53:17 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
ETag
W/"5dfa4b6d-4409"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
X-Cache
HIT from Backend
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Resource: logon-10142018-new.css  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/  Size: 255 KB  x-fer: 36 KB  Type: Stylesheet
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash
5bc9d3bf3b3f5080bcb90682a31e1a565e62f27096737bf307b710975633dc50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 12:17:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Dec 2019 15:53:17 GMT
Server
nginx/1.16.1
ETag
W/"5dfa4b6d-3fd37"
Strict-Transport-Security
max-age=31536000
X-Cache
HIT from Backend
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: jquery-1.9.1.min.js  Path: bank.bbt.com/bbtpassreset/content/js/  Size: 97 KB  x-fer: 36 KB  Type: Script
General
Full URL
https://bank.bbt.com/bbtpassreset/content/js/jquery-1.9.1.min.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
754739f717dea0a4a759313c0fa9aa864761426b671e01aa609c903c3bc74f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 09 Oct 2019 07:09:22 GMT
ETag
W/"99829-1570604962000"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
35622
Resource: jquery-3.3.1-jquery-migrate-3.0.0.min.js  Path: bank.bbt.com/auth/js/library/  Size: 92 KB  x-fer: 33 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/library/jquery-3.3.1-jquery-migrate-3.0.0.min.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e23ecc9a204bbd478b1293ec2a74db8afe74dfcc0616acb265f23aa04afaaec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:01:51 GMT
ETag
"16f3f-595def51e4571"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
32902
Resource: modernizr-2.6.2-respond-1.1.0.min.js  Path: bank.bbt.com/auth/js/library/  Size: 19 KB  x-fer: 8 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/library/modernizr-2.6.2-respond-1.1.0.min.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:01:51 GMT
ETag
"4c1c-595def52029d4"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
8059
Resource: satellite-5c5b66d264746d4d06000688.js  Path: www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/  Size: 1 KB  x-fer: 901 B  Type: Script
General
Full URL
https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/satellite-5c5b66d264746d4d06000688.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2a4770f16d6977fd4e812cd99fa280ee162522cd6ba73f80c7f1033980868259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 19:59:35 GMT
ETag
W/"1111-1575489575000"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
517
Resource: satellite-5c5b56eb64746d57d6001e32.js  Path: www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/  Size: 914 B  x-fer: 752 B  Type: Script
General
Full URL
https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/satellite-5c5b56eb64746d57d6001e32.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6817ea3d05093629ab5afe729586d55cf5000d765ad3a3742d8d6db9fde7aecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 19:59:34 GMT
ETag
W/"914-1575489574000"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
369
Resource: satellite-5c7553e664746d44c90016f6.js  Path: www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/  Size: 487 B  x-fer: 716 B  Type: Script
General
Full URL
https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/scripts/satellite-5c7553e664746d44c90016f6.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f70a152b1ce6ca9fa65cf36616b7ac22e53950fa296e50d22d50c74cd908732d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
23
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 19:59:35 GMT
X-EdgeConnect-MidMile-RTT
0
ETag
W/"487-1575489575000"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:51 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
265
Resource: u-logo.png  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/  Size: 10 KB  x-fer: 11 KB  Type: Image
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/u-logo.png
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash
4b3683b03cc22e50675b37765e8d87343c6c7acf36b341839b2e1dcce393d795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 12:17:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 18 Dec 2019 15:53:17 GMT
Server
nginx/1.16.1
ETag
W/"5dfa4b6d-2940"
Strict-Transport-Security
max-age=31536000
X-Cache
HIT from Backend
Content-Type
image/png
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: util32-09112016.js  Path: bank.bbt.com/auth/js/  Size: 7 KB  x-fer: 3 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/util32-09112016.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e4b0a4fbb729b9045a733dca8d464bfee6bee9d6854401edf17a0b42be408df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:00:42 GMT
ETag
"1b2e-595def10b71bd"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2219
Resource: jquery-1.9.1.min.js  Path: bank.bbt.com/auth/js/library/  Size: 99 KB  x-fer: 35 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/library/jquery-1.9.1.min.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24d0019d04e456f915278736590f17b97ad501f8280066b4bf5ca254ff6039be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:00:40 GMT
ETag
"18a3a-595def0e1589a"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
35752
Resource: satelliteLib-2039843a7a97ef0847cd764b5a6ada6f146969bf.js  Path: www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/  Size: 271 KB  x-fer: 63 KB  Type: Script
General
Full URL
https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/satelliteLib-2039843a7a97ef0847cd764b5a6ada6f146969bf.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c410032eaba889a2863070bff489d59ae5ab05c45445d6b8f36c9ac57f7522b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 19:59:05 GMT
ETag
W/"277342-1575489545000"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
63887
Resource: mbox-contents-a1af2c889392435f93e3904e3cd274b9442a4d6d.js  Path: www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/  Size: 77 KB  x-fer: 28 KB  Type: Script
General
Full URL
https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/mbox-contents-a1af2c889392435f93e3904e3cd274b9442a4d6d.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
433f4ec46c909f71b8cf918b26f04e3c3e75ce69bfb5ac66184910ee467739b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
23
strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 19:59:04 GMT
X-EdgeConnect-MidMile-RTT
6
ETag
W/"79175-1575489544000"
Vary
Accept-Encoding
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
28393
Resource: wa-09112016.js  Path: bank.bbt.com/auth/js/  Size: 5 KB  x-fer: 2 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/wa-09112016.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5258d6b83da024b3f12456fb76ed9976e546d451c8ab098b29993e7357008cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:00:42 GMT
ETag
"1560-595def10ccd64"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1855
Resource: myfi_script_v8-09112016.js  Path: bank.bbt.com/auth/js/library/  Size: 524 KB  x-fer: 108 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/library/myfi_script_v8-09112016.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
340a1fe80741b56c4d1f38c31e95b65cc27db54e752f4ffc2bf20aceecd64df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:01:52 GMT
ETag
"82e32-595def53747e9"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Content-Type
application/javascript
Transfer-Encoding
chunked
Resource: myfi_overview_script_v7-09112016.js  Path: bank.bbt.com/auth/js/library/  Size: 81 KB  x-fer: 20 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/library/myfi_overview_script_v7-09112016.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dcb3e436b4857605431aba0ac7be0f0d59f2d434ef302218547cf1a4f81f036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:01:51 GMT
ETag
"145c5-595def52532ea"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
19931
Resource: bai-custom-combined-12112016-old.js  Path: bank.bbt.com/auth/js/  Size: 89 KB  x-fer: 22 KB  Type: Script
General
Full URL
https://bank.bbt.com/auth/js/bai-custom-combined-12112016-old.js
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.56.37 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-56-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9393b681830ed1c5474a4ad3b36db18474e185d0166a9846cccb7a80278de3b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 27 Oct 2019 07:00:39 GMT
ETag
"1624d-595def0d4605b"
X-Frame-Options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
Date
Sun, 22 Dec 2019 12:17:52 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
22080
Resource: sourcesanspro-regular-webfont.woff  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/  Size: 0  x-fer: 0  Type: Font (the response below is a 538-byte text/html body with no resource hash, i.e. an error page, not a font file)
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/sourcesanspro-regular-webfont.woff
Requested by
Host: bank.bbt.com
URL: https://bank.bbt.com/auth/js/library/modernizr-2.6.2-respond-1.1.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
Resource: sourcesanspro-semibold-webfont.woff  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/  Size: 0  x-fer: 0  Type: Font (the response below is a 538-byte text/html body with no resource hash, i.e. an error page, not a font file)
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/sourcesanspro-semibold-webfont.woff
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
Resource: sourcesanspro-regular-webfont.ttf  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/  Size: 0  x-fer: 0  Type: Font (the response below is a 538-byte text/html body with no resource hash, i.e. an error page, not a font file)
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/sourcesanspro-regular-webfont.ttf
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
Resource: sourcesanspro-semibold-webfont.ttf  Path: samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/  Size: 0  x-fer: 0  Type: Font (the response below is a 538-byte text/html body with no resource hash, i.e. an error page, not a font file)
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/sourcesanspro-semibold-webfont.ttf
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
Resource: rd  Path: dpm.demdex.net/id/  Size: 0  x-fer: -1 B  Type: XHR
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-246-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
X-TID
jeNjruOYT8Q=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://samranmalik.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://samranmalik.com
X-TID
jeNjruOYT8Q=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rd
dpm.demdex.net/id/
365 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1577017072357
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-246-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
01c770037c319d63ac3ac43ae97b4832b94beb88b8ec53b37617286b02907029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Origin
https://samranmalik.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v056-07ea587f8.edge-irl1.demdex.com 5.64.2.20191219100008 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
UPZFujXMQ5g=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://samranmalik.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
301
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
sstats.bbt.com/
49 B
681 B
XHR
General
Full URL
https://sstats.bbt.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=135D34FA53DA9B160A490D44%40AdobeOrg&mid=76975821062233039273600911250984275822&ts=1577017072540
Requested by
Host: www.bbt.com
URL: https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/satelliteLib-2039843a7a97ef0847cd764b5a6ada6f146969bf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.224.88 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
bbt.com.ssl.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
3a4c01020a8c5eb4dbf1168d446bf46661ba4450d98d0b1fb5788ded632229f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Origin
https://samranmalik.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC/2.0.0
xserver
www31
Vary
Origin
X-C
ms-6.11.2
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://samranmalik.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
49
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=Xf9e8AAAFwxcPBN_
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=76994845804698210033598481649965702610
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xf9e8AAAFwxcPBN_
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xf9e8AAAFwxcPBN_
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.246.156 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-246-156.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v056-01a8f5d65.edge-irl1.demdex.com 5.64.2.20191219100008 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
sgJUZG3aQUI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xf9e8AAAFwxcPBN_
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
bbtu-bai.woff
samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/
0
0
Font
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/bbtu-bai.woff?63153398
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
overview.png
samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/images/
538 B
538 B
Image
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/images/overview.png
Requested by
Host: bank.bbt.com
URL: https://bank.bbt.com/auth/js/library/jquery-1.9.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash
e3a4d6a832ba05f5c1fdaec23cc3391d6c276be69e31c2af338cf3820cbc587a

Request headers

Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
bbtu-bai.ttf
samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/
0
0
Font
General
Full URL
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/css/fonts/bbtu-bai.ttf?63153398
Requested by
Host: samranmalik.com
URL: https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.249.35.108 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
orange.dnseasyhost.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/T-Dox/wpfile/logon-10142018-new.css
Origin
https://samranmalik.com

Response headers

Date
Sun, 22 Dec 2019 12:17:52 GMT
Server
nginx/1.16.1
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
538
Content-Type
text/html; charset=iso-8859-1
Cookie set dest5.html
bbandt.demdex.net/ Frame 0834
0
0
Document
General
Full URL
https://bbandt.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.bbt.com
URL: https://www.bbt.com/assets/apps/dtm_auth/ac265c174e480c2b170c2d73fbe2ff4ca87ebaac/satelliteLib-2039843a7a97ef0847cd764b5a6ada6f146969bf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.57.89 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-215-57-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
bbandt.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html
Accept-Encoding
gzip, deflate, br
Cookie
demdex=76994845804698210033598481649965702610
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://samranmalik.com/wp-admin/js/bb/BBT/Online/online.html

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 20 Dec 2019 11:34:58 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=76994845804698210033598481649965702610;Path=/;Domain=.demdex.net;Expires=Fri, 19-Jun-2020 12:17:52 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
XtaeqANQS4M=
Content-Length
2764
Connection
keep-alive

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BB&T Bank (Banking)

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| respond object| digitalData object| var_ns boolean| formSubmitted function| doubleSubmitCheck function| submitMeOnEnter function| cancelButton function| submitLogin function| $j object| jQuery19106813847709429046 function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| bbt object| glbPageData string| appContextGlobalVar function| loadUpcomingPaymentsSbo function| processACHPayeeResponse function| clearACHFields function| clearACHPayeeFields function| processDomesticWirePayeeResponse function| clearDomesticWirePayeeInfoFormElements function| processInternationalWirePayeeResponse function| clearInternationalWirePayeeInfoFormElements function| gotosite function| editFieldVal object| tooltip object| trigger object| tooltipexit object| topPos function| isMobile function| tooltipShow function| tooltipHide function| checkTop undefined| resizeThrottleTooltip function| hintCommon function| leavePagePopup function| leavePageAlert function| getMinDateForPaymentCal function| equalheight function| DP_jQuery_1577017072720 object| Select2 string| ua boolean| is_ipad boolean| is_iphone boolean| is_ipod boolean| is_ios boolean| is_android boolean| is_android_tablet boolean| is_touch object| cssua undefined| resizeThrottle1 boolean| iWantToMobile object| windowSizeArray function| overflow function| tableToList function| listToTable function| headerStruct function| storeHeaders function| windowOpen function| areYouSure function| windowTimeout function| processingWindow undefined| dialogOpen function| launchModal function| closeModal function| windowOrg undefined| prevFocus object| appTour object| BBT object| MYFI boolean| oldIE boolean| is_mobile string| key object| pageDataHolder function| readMods object| waitUntilExists_Intervals

3 Cookies

Domain/Path Name / Value
.samranmalik.com/ Name: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18253%7CMCMID%7C76975821062233039273600911250984275822%7CMCAAMLH-1577621872%7C6%7CMCAAMB-1577621872%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1577024272s%7CNONE%7CMCSYNCSOP%7C411-18260%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.samranmalik.com/ Name: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg
Value: 1
.samranmalik.com/ Name: check
Value: true

1 Console Messages

Source: console-api
Level: log
URL: https://bank.bbt.com/auth/js/library/jquery-3.3.1-jquery-migrate-3.0.0.min.js (Line 5)
Text: JQMIGRATE: Migrate is installed, version 3.0.0

Security Headers

This section lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.bbt.com
bbandt.demdex.net
cm.everesttech.net
dpm.demdex.net
samranmalik.com
sstats.bbt.com
www.bbt.com
172.82.224.88
173.249.35.108
23.38.56.37
52.215.246.156
52.215.57.89
66.117.28.86
01c770037c319d63ac3ac43ae97b4832b94beb88b8ec53b37617286b02907029
24d0019d04e456f915278736590f17b97ad501f8280066b4bf5ca254ff6039be
2a4770f16d6977fd4e812cd99fa280ee162522cd6ba73f80c7f1033980868259
340a1fe80741b56c4d1f38c31e95b65cc27db54e752f4ffc2bf20aceecd64df0
3a4c01020a8c5eb4dbf1168d446bf46661ba4450d98d0b1fb5788ded632229f9
433f4ec46c909f71b8cf918b26f04e3c3e75ce69bfb5ac66184910ee467739b6
4b3683b03cc22e50675b37765e8d87343c6c7acf36b341839b2e1dcce393d795
5258d6b83da024b3f12456fb76ed9976e546d451c8ab098b29993e7357008cdd
5bc9d3bf3b3f5080bcb90682a31e1a565e62f27096737bf307b710975633dc50
6817ea3d05093629ab5afe729586d55cf5000d765ad3a3742d8d6db9fde7aecc
6c410032eaba889a2863070bff489d59ae5ab05c45445d6b8f36c9ac57f7522b
6e4b0a4fbb729b9045a733dca8d464bfee6bee9d6854401edf17a0b42be408df
754739f717dea0a4a759313c0fa9aa864761426b671e01aa609c903c3bc74f18
7dcb3e436b4857605431aba0ac7be0f0d59f2d434ef302218547cf1a4f81f036
9393b681830ed1c5474a4ad3b36db18474e185d0166a9846cccb7a80278de3b5
c8718108f64b2e93614762012063dcef99e4789de22433319625740d89b2e573
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
e23ecc9a204bbd478b1293ec2a74db8afe74dfcc0616acb265f23aa04afaaec9
e3a4d6a832ba05f5c1fdaec23cc3391d6c276be69e31c2af338cf3820cbc587a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70a152b1ce6ca9fa65cf36616b7ac22e53950fa296e50d22d50c74cd908732d