deny-application-access.com
162.0.209.241  Malicious Activity! Public Scan

Submitted URL: http://deny-application-access.com/
Effective URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Submission: On January 11 via automatic, source phishtank

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 13 HTTP transactions. The main IP is 162.0.209.241, located in Canada and belonging to NAMECHEAP-NET (US). The main domain is deny-application-access.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure Server CA on January 8th 2021, three days before this scan. Valid for: a year. A domain-validated certificate only proves control of the domain name; the browser padlock it produces says nothing about who operates the site.
This is the only time deny-application-access.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lloyds (Banking)

Domain & IP information

IP Address: 162.0.209.241
Autonomous System: AS22612 (NAMECHEAP-NET, US)
Requests to this IP: 14

Apex Domain: deny-application-access.com
Subdomains: deny-application-access.com
Transfer: 196 KB
Requests to this domain: 14

Domain: deny-application-access.com
Requested by: deny-application-access.com (1 redirect)

All 14 requests (the 13 HTTP transactions plus the initial HTTP 301 redirect) went to a single IP and a single apex domain; there is no third-party content to pivot on.

This site contains no links.

Subject: deny-application-access.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2021-01-08 to 2022-01-08 (a year)
Transparency log: crt.sh

This page contains 1 frame:

Primary Page: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Frame ID: 2D9F8F1A9EC2BD65C03A852AA1BB19E8
Requests: 13 HTTP requests in this frame

Screenshot



Detected technologies

Apache (overall confidence: 100%)
Detected pattern, matched against the Server response header:
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
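
The regular expression above is how the Apache entry, and the "Apache / PHP/7.2.34" software field in the transactions further down, are derived: it is run against the Server response header, and its optional capture group yields a version when the header carries one (here "Server: Apache" carries none; the PHP version comes from X-Powered-By). The Python below is an added example, not urlscan.io's or Wappalyzer's code. It applies the page's pattern verbatim, adds an X-Powered-By pattern that is my own assumption, and runs both over response headers transcribed from two transactions on this page plus one constructed "Apache/2.4.41 (Ubuntu)" header to show version extraction.

```python
"""Header-based technology fingerprinting, applied the way the pattern
above is (added example; not urlscan.io or Wappalyzer code)."""
import re

# The Server-header pattern from the page, used verbatim; Python's re reads
# it the same way and the optional capture group is the version.
APACHE_SERVER = re.compile(r"(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)", re.I)
# Companion pattern for X-Powered-By: my own assumption, not from the page.
PHP_POWERED_BY = re.compile(r"^PHP/?([\d.]+)?", re.I)

# technology -> (response header it is matched against, pattern)
PATTERNS = {
    "Apache": ("server", APACHE_SERVER),
    "PHP": ("x-powered-by", PHP_POWERED_BY),
}

# Response headers transcribed from two transactions on this page (query
# string dropped from the first key), plus one constructed entry that is
# NOT from the page, included only to show version extraction.
RESPONSES = {
    "https://deny-application-access.com/lgin.jsp.php": {
        "server": "Apache", "x-powered-by": "PHP/7.2.34",
        "content-type": "text/html; charset=UTF-8"},
    "https://deny-application-access.com/receipts/styles.css": {
        "server": "Apache", "content-type": "text/css"},
    "constructed-example": {"Server": "Apache/2.4.41 (Ubuntu)"},
}


def fingerprint(headers):
    """Map technology name -> version (None when the header names the
    product but carries no version, as 'Server: Apache' does here)."""
    lowered = {k.lower(): v for k, v in headers.items()}
    found = {}
    for tech, (header, pattern) in PATTERNS.items():
        value = lowered.get(header)
        if value is None:
            continue
        match = pattern.search(value)
        if match:
            found[tech] = match.group(1)
    return found


def disclosed_versions(headers):
    """Technologies whose exact version the server volunteers; each one is
    a free lookup against public vulnerability data for an attacker."""
    return sorted(t for t, v in fingerprint(headers).items() if v)


if __name__ == "__main__":
    for url, hdrs in RESPONSES.items():
        print(url, fingerprint(hdrs), disclosed_versions(hdrs))
```

Static assets such as styles.css carry no X-Powered-By, which is why their Software field reads "Apache /" with nothing after the slash; only the PHP-generated responses (the two documents and out.php) disclose PHP/7.2.34.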

Page Statistics

Requests: 13
HTTPS: 100%
IPv6: 0%
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 196 kB
Size: 269 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://deny-application-access.com/ HTTP 301
    https://deny-application-access.com/ Page URL
  2. https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://deny-application-access.com/ HTTP 301
  • https://deny-application-access.com/

13 HTTP transactions

Each entry below is listed as Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General, Security Headers, Request headers and Response headers sections.
/
deny-application-access.com/
Redirect Chain
  • http://deny-application-access.com/
  • https://deny-application-access.com/
220 B
734 B
Document
General
Full URL
https://deny-application-access.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
cb8f0e9c683b45323c6f6fb0ac3dfa5c3b98792dae92ac7003eafa3e33f54d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
deny-application-access.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:29 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=a851f454caab0041213ebebf31832e21; path=/
vary
Accept-Encoding
content-encoding
gzip
content-length
210
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

Date
Mon, 11 Jan 2021 16:32:28 GMT
Server
Apache
Location
https://deny-application-access.com/
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload;
Referrer-Policy
no-referrer-when-downgrade
Primary Request lgin.jsp.php
deny-application-access.com/
10 KB
4 KB
Document
General
Full URL
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
723e2f6ca8cc6783c5d8ffd3124318240838ac41df4977fbf2d6b0a0ed22a31f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
deny-application-access.com
:scheme
https
:path
/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://deny-application-access.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=a851f454caab0041213ebebf31832e21
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://deny-application-access.com/

Response headers

date
Mon, 11 Jan 2021 16:32:29 GMT
server
Apache
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
3557
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
styles.css
deny-application-access.com/receipts/
85 KB
16 KB
Stylesheet
General
Full URL
https://deny-application-access.com/receipts/styles.css
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
cba5c34d8867f986c18209bceb10a0afb5c515ef800045a99ee6a57c5caf982d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 13:47:38 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
16392
x-content-type-options
nosniff
caller.js
deny-application-access.com/receipts/
3 KB
1 KB
Script
General
Full URL
https://deny-application-access.com/receipts/caller.js?vJDQNcnlUQMyMRMkerQypP
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
debe0b900e726ab6e7efc8d220111979c4b74aab9a8e377d314d720d00eb298f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Jul 2020 07:37:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
768
x-content-type-options
nosniff
mobile_logo.png
deny-application-access.com/receipts/
4 KB
5 KB
Image
General
Full URL
https://deny-application-access.com/receipts/mobile_logo.png
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
d94b45399a9842e43a27838ef3fc9240bb7b1205378b16fb543d836256d9ad36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 06:09:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
4545
x-content-type-options
nosniff
logo.png
deny-application-access.com/receipts/
2 KB
2 KB
Image
General
Full URL
https://deny-application-access.com/receipts/logo.png
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
7dd7cf44e2aa94fd6b014f057bb0fc124d15671f67538b87d1c502183d9ee2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 08:07:30 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1574
x-content-type-options
nosniff
err1.png
deny-application-access.com/receipts/
2 KB
2 KB
Image
General
Full URL
https://deny-application-access.com/receipts/err1.png
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
07951109150b3a36372d8e9d5cb3d371f429f6ec6df02178483f235a3be68045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 09:08:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1927
x-content-type-options
nosniff
lloyds_bank_jack-regularWEB.woff
deny-application-access.com/receipts/
63 KB
63 KB
Font
General
Full URL
https://deny-application-access.com/receipts/lloyds_bank_jack-regularWEB.woff
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
991a121de8faf40ccce7ee09da5d5058a6a9fc0f116da0ae6661937d564718fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://deny-application-access.com
Referer
https://deny-application-access.com/receipts/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 06:09:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
64612
x-content-type-options
nosniff
lloyds_bank_jack-lightWEB.woff
deny-application-access.com/receipts/
69 KB
69 KB
Font
General
Full URL
https://deny-application-access.com/receipts/lloyds_bank_jack-lightWEB.woff
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
9e6eda2bbb5bdf12576c5735f1a26df1654c5701f3c5df3c15ca1e42f579864b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://deny-application-access.com
Referer
https://deny-application-access.com/receipts/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 06:09:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
70356
x-content-type-options
nosniff
lloyds_bank_jack-mediumWEB.woff
deny-application-access.com/receipts/
31 KB
31 KB
Font
General
Full URL
https://deny-application-access.com/receipts/lloyds_bank_jack-mediumWEB.woff
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache /
Resource Hash
d60a6761863388fedcdd013441def41b3ce324bc2e14c5908f3dc7cd865bf829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://deny-application-access.com
Referer
https://deny-application-access.com/receipts/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:32:30 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 11 Jul 2020 06:09:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
31660
x-content-type-options
nosniff
out.php
deny-application-access.com/connect/
0
312 B
XHR
General
Full URL
https://deny-application-access.com/connect/out.php
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/caller.js?vJDQNcnlUQMyMRMkerQypP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Jan 2021 16:32:33 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
0
x-content-type-options
nosniff
out.php
deny-application-access.com/connect/
0
312 B
XHR
General
Full URL
https://deny-application-access.com/connect/out.php
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/caller.js?vJDQNcnlUQMyMRMkerQypP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Jan 2021 16:32:36 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
0
x-content-type-options
nosniff
out.php
deny-application-access.com/connect/
0
312 B
XHR
General
Full URL
https://deny-application-access.com/connect/out.php
Requested by
Host: deny-application-access.com
URL: https://deny-application-access.com/receipts/caller.js?vJDQNcnlUQMyMRMkerQypP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.241 , Canada, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business99-4.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 11 Jan 2021 16:32:39 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
0
x-content-type-options
nosniff
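
The three out.php transactions are the behavioural core of this capture: caller.js issues an XHR with a form-urlencoded content type every three seconds (16:32:33, 16:32:36, 16:32:39), and each time the server answers with content-length 0; the resource hash e3b0c44298fc...b855 is the SHA-256 of the empty string. A fixed cadence with nothing coming back is polling or beaconing, not a content fetch. Together with the login-looking double-extension path (lgin.jsp.php, named like JSP but served by PHP), the long opaque t_cookie query value, the Lloyds-named font files and a certificate issued three days before the scan, this is the indicator set a triage script would pull out of the records above. The Python below is an added example, not urlscan.io code: the transaction list is a hand-transcribed subset of the records above with field names of my own, the LOGIN_LIKE pattern and the 32-character token threshold are my heuristics, and the script reports indicators rather than deciding a verdict.

```python
"""Indicator extraction over this scan's transaction records.

Added example, not urlscan.io code; the record field names are my own."""
import hashlib
import re
from datetime import date
from email.utils import parsedate_to_datetime
from urllib.parse import parse_qs, urlparse

# SHA-256 of the empty string: a resource hash equal to this means the
# response carried no body at all.
SHA256_EMPTY = hashlib.sha256(b"").hexdigest()

# Certificate not-before and scan date, as shown on the page.
CERT_NOT_BEFORE = date(2021, 1, 8)
SCAN_DATE = date(2021, 1, 11)

# Hand-transcribed subset of the 13 transactions above (a constructed list,
# not a urlscan API export).
TRANSACTIONS = [
    {"url": "https://deny-application-access.com/lgin.jsp.php?VT.ac=Account/Activation"
            "&t_cookie=LVZUKW58379Z9PZTKIJ3XD2V4A2OEZ5C5F4T1BW0BG1VPO69K40",
     "type": "Document", "date": "Mon, 11 Jan 2021 16:32:29 GMT",
     "sha256": "723e2f6ca8cc6783c5d8ffd3124318240838ac41df4977fbf2d6b0a0ed22a31f"},
    {"url": "https://deny-application-access.com/receipts/caller.js?vJDQNcnlUQMyMRMkerQypP",
     "type": "Script", "date": "Mon, 11 Jan 2021 16:32:30 GMT",
     "sha256": "debe0b900e726ab6e7efc8d220111979c4b74aab9a8e377d314d720d00eb298f"},
    {"url": "https://deny-application-access.com/receipts/lloyds_bank_jack-regularWEB.woff",
     "type": "Font", "date": "Mon, 11 Jan 2021 16:32:30 GMT",
     "sha256": "991a121de8faf40ccce7ee09da5d5058a6a9fc0f116da0ae6661937d564718fe"},
    {"url": "https://deny-application-access.com/receipts/lloyds_bank_jack-lightWEB.woff",
     "type": "Font", "date": "Mon, 11 Jan 2021 16:32:30 GMT",
     "sha256": "9e6eda2bbb5bdf12576c5735f1a26df1654c5701f3c5df3c15ca1e42f579864b"},
    {"url": "https://deny-application-access.com/receipts/lloyds_bank_jack-mediumWEB.woff",
     "type": "Font", "date": "Mon, 11 Jan 2021 16:32:30 GMT",
     "sha256": "d60a6761863388fedcdd013441def41b3ce324bc2e14c5908f3dc7cd865bf829"},
] + [
    {"url": "https://deny-application-access.com/connect/out.php", "type": "XHR",
     "date": f"Mon, 11 Jan 2021 16:32:{s} GMT",
     "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"}
    for s in (33, 36, 39)
]

# Vowel-dropped or digit-substituted "login" in a filename ("lgin", "l0gin").
# Deliberately loose: a triage hint, not a verdict.
LOGIN_LIKE = re.compile(r"l[o0]?g[i1]?n", re.I)


def login_like_path(url):
    """True for a login-looking filename that stacks extensions, as in
    lgin.jsp.php (named like JSP, served by PHP)."""
    name = urlparse(url).path.rsplit("/", 1)[-1]
    return bool(LOGIN_LIKE.search(name)) and name.count(".") >= 2


def opaque_query_tokens(url, min_len=32):
    """Query parameters carrying long opaque alphanumeric values, the kind
    a kit uses to key one victim's session (t_cookie above)."""
    qs = parse_qs(urlparse(url).query)
    return {k: v[0] for k, v in qs.items()
            if len(v[0]) >= min_len and re.fullmatch(r"[A-Za-z0-9]+", v[0])}


def empty_beacons(txs):
    """XHRs that returned an empty body, grouped by URL, with the seconds
    between successive calls: a fixed cadence and nothing coming back is
    polling/beaconing, not a content fetch."""
    by_url = {}
    for t in txs:
        if t["type"] == "XHR" and t["sha256"] == SHA256_EMPTY:
            by_url.setdefault(t["url"], []).append(parsedate_to_datetime(t["date"]))
    return {u: [int((b - a).total_seconds()) for a, b in zip(d, d[1:])]
            for u, d in by_url.items()}


def brand_assets(txs, brand):
    """Static assets whose filename names the impersonated brand."""
    names = [urlparse(t["url"]).path.rsplit("/", 1)[-1] for t in txs]
    return [n for n in names if brand in n.lower()]


def triage(txs, brand, cert_not_before, scanned):
    """Collect the indicators for the primary document into one report."""
    primary = next(t for t in txs if t["type"] == "Document")
    return {
        "login_like_path": login_like_path(primary["url"]),
        "opaque_tokens": sorted(opaque_query_tokens(primary["url"])),
        "empty_beacons": empty_beacons(txs),
        "brand_assets": brand_assets(txs, brand),
        "cert_age_days": (scanned - cert_not_before).days,
    }


if __name__ == "__main__":
    for k, v in triage(TRANSACTIONS, "lloyds", CERT_NOT_BEFORE, SCAN_DATE).items():
        print(f"{k}: {v}")
```

The script deliberately stops at indicators. Whether out.php receives credentials cannot be read from this capture (urlscan records the XHRs and their empty responses, not the request bodies), so the report says "three empty-bodied beacons at a three-second cadence" and leaves the verdict to the analyst and the brand match.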

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lloyds (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code in use.

Nine of the fifteen are standard browser-provided window properties, not page code:

object ontransitionrun
object ontransitionstart
object ontransitioncancel
object cookieStore
function showDirectoryPicker
function showOpenFilePicker
function showSaveFilePicker
object trustedTypes
boolean crossOriginIsolated

The remaining six come from the page's own scripts (caller.js is the only external script fetched, and it is the requester of the out.php XHRs). The two random-looking names and the misspelt "ranodmize" are the names to pivot on when looking for other deployments of the same page code:

function callerConnect
function callerAuth
function ranodmize
number action
function UHmlHP
function dyTmhLQJII

1 Cookies

Domain/Path Name / Value
deny-application-access.com/ Name: PHPSESSID
Value: a851f454caab0041213ebebf31832e21

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

A full set of hardening headers is no signal of legitimacy: this phishing page sends all four (HSTS with preload, frame-busting, MIME sniffing disabled), and so do its static assets. X-XSS-Protection is a legacy header that current Chromium-based browsers ignore. Treat these headers as a description of the server configuration, not as evidence about who runs the site.