confirm-53rdteam02.serveirc.com Open in urlscan Pro
34.145.179.82 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://53rd-debit.us/
Effective URL:
https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225
Submission: On May 26 via manual (May 26th 2022, 11:15:09 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 34.145.179.82, located in Washington, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is confirm-53rdteam02.serveirc.com.
TLS certificate: Issued by R3 on May 26th 2022. Valid for: 3 months.

This is the only time confirm-53rdteam02.serveirc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fifth Third Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.255.119.106 162.255.119.106	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	2600:9000:21e... 2600:9000:21ec:4c00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 12	34.145.179.82 34.145.179.82	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	1

1 162.255.119.106 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

53rd-debit.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:4c00:19:9934:6a80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

confirm-53rdlink.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.145.179.82 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 82.179.145.34.bc.googleusercontent.com

confirm-53rdteam02.serveirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	serveirc.com 1 redirects confirm-53rdteam02.serveirc.com	470 KB
1	app.link 1 redirects confirm-53rdlink.app.link	600 B
1	53rd-debit.us 1 redirects 53rd-debit.us	249 B
11	3

	Domain	Requested by
12	confirm-53rdteam02.serveirc.com	1 redirects confirm-53rdteam02.serveirc.com
1	confirm-53rdlink.app.link	1 redirects
1	53rd-debit.us	1 redirects
11	3

This site contains no links.

Subject Issuer	Validity	Valid
confirm-53rdteam02.serveirc.com R3	`2022-05-26` - `2022-08-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225
Frame ID: 36D5F3EF129BD8473F3E2514F95D739C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fifth Third Login | Fifth Third

Page URL History Show full URLs

http://53rd-debit.us/ HTTP 302
https://confirm-53rdlink.app.link/e/secured HTTP 307
https://confirm-53rdteam02.serveirc.com/?%24web_only=true&_branch_match_id=1058510884548114025&utm_medium=marketing&... HTTP 302
https://confirm-53rdteam02.serveirc.com/4364 Page URL
https://confirm-53rdteam02.serveirc.com/6e2227e45/ Page URL
https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Page URL

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

1
Countries

469 kB
Transfer

466 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://53rd-debit.us/ HTTP 302
https://confirm-53rdlink.app.link/e/secured HTTP 307
https://confirm-53rdteam02.serveirc.com/?%24web_only=true&_branch_match_id=1058510884548114025&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT87PS8ssytU1NS5KycnMy9ZLLCjQAzH0U%2FWLU5NLi1JTAD29ZgwrAAAA HTTP 302
https://confirm-53rdteam02.serveirc.com/4364 Page URL
https://confirm-53rdteam02.serveirc.com/6e2227e45/ Page URL
https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://53rd-debit.us/ HTTP 302
https://confirm-53rdlink.app.link/e/secured HTTP 307
https://confirm-53rdteam02.serveirc.com/?%24web_only=true&_branch_match_id=1058510884548114025&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT87PS8ssytU1NS5KycnMy9ZLLCjQAzH0U%2FWLU5NLi1JTAD29ZgwrAAAA HTTP 302
https://confirm-53rdteam02.serveirc.com/4364

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	4364 Show response confirm-53rdteam02.serveirc.com/ Redirect Chain http://53rd-debit.us/ https://confirm-53rdlink.app.link/e/secured https://confirm-53rdteam02.serveirc.com/?%24web_only=true&_branch_match_id=1058510884548114025&utm_medium=marketing&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT87PS8ssytU1NS5KycnMy9ZLLCjQAzH0U%2FWLU5... https://confirm-53rdteam02.serveirc.com/4364	314 B 631 B	329ms 329ms	Document text/html	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/4364 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `f6bdf915220181de277190d2e0a15125c3d06ea8cc3caeb8e45e36ffe42e7cde` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 26 May 2022 23:15:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Transfer-Encoding chunked Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 26 May 2022 23:14:47 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache location 4364
GET H/1.1	200 OK	/ Show response confirm-53rdteam02.serveirc.com/6e2227e45/	191 B 507 B	246ms 245ms	Document text/html	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/ Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/4364 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `6d0b07bd8c2a76c0c1f012a45e749f31c348484ea4d763c4721de68d95fd455e` Request headers Referer https://confirm-53rdteam02.serveirc.com/4364 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 26 May 2022 23:15:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	Primary Request lin Show response confirm-53rdteam02.serveirc.com/6e2227e45/	116 KB 116 KB	246ms 245ms	Document text/html	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `c9882dbf33ee296e745f898285192cbd600a5d5bd4d3207c514d8f8460a711e9` Request headers Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 26 May 2022 23:15:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=97 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	clientlib-style.ff038509f95078f0bd96ef290d908123.css confirm-53rdteam02.serveirc.com/6e2227e45/fif/	233 KB 233 KB	32ms 11ms	Stylesheet text/css	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/clientlib-style.ff038509f95078f0bd96ef290d908123.css Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `53a494f64e969d77cc15b1774982f029f7d40ecff39cf934e9e88b3fff0b5da5` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 238850
GET H/1.1	200 OK	clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css confirm-53rdteam02.serveirc.com/6e2227e45/fif/	8 KB 8 KB	33ms 11ms	Stylesheet text/css	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `890b8000080278568005ba2e3c9f65b83f2cf84071bea381f25a96cae272a675` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7839
GET H/1.1	200 OK	logo.svg confirm-53rdteam02.serveirc.com/6e2227e45/fif/	5 KB 5 KB	13ms 12ms	Image image/svg+xml	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/logo.svg Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 4875
GET H/1.1	200 OK	1440x565-ftblue-other.jpg confirm-53rdteam02.serveirc.com/6e2227e45/fif/	64 KB 65 KB	31ms 12ms	Image image/jpeg	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/1440x565-ftblue-other.jpg Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 65879
GET H/1.1	200 OK	autocomplete.css confirm-53rdteam02.serveirc.com/6e2227e45/fif/	3 KB 4 KB	14ms 12ms	Stylesheet text/css	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/autocomplete.css Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `6c2ab9f3416084bd3ecb445e18b4b253f6acba1ee5014e829b22c7cf1a9e8082` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3468
GET H/1.1	200 OK	equal_housing_logo.png confirm-53rdteam02.serveirc.com/6e2227e45/fif/	3 KB 3 KB	30ms 11ms	Image image/png	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/equal_housing_logo.png Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2758
GET H/1.1	200 OK	search.css confirm-53rdteam02.serveirc.com/6e2227e45/fif/	3 KB 3 KB	19ms 11ms	Stylesheet text/css	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/search.css Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44` Request headers accept-language en-US,en;q=0.9 Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/lin?f1558e79c0736bcc9770373fdf03dccb=4b17be88aaeda05d4cffb211331f3225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 3026
GET H/1.1	200 OK	icomoon.woff confirm-53rdteam02.serveirc.com/6e2227e45/fif/	31 KB 31 KB	12ms 12ms	Font font/woff	34.145.179.82 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/icomoon.woff Requested by Host: confirm-53rdteam02.serveirc.com URL: https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.145.179.82 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 82.179.145.34.bc.googleusercontent.com Software Apache / Resource Hash `1539ec89c49a493f983dbde0e0c35c310eaaa74f91aa316eac33e942285bed2c` Request headers Referer https://confirm-53rdteam02.serveirc.com/6e2227e45/fif/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css Origin https://confirm-53rdteam02.serveirc.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers Date Thu, 26 May 2022 23:15:05 GMT Last-Modified Thu, 26 May 2022 23:15:04 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 31620

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fifth Third Bank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app.link/	1970-01-20 12:05:42	Name: _s Value: IfljONLNvlbIv3vA9V%2FZ83zfWD69C%2Bw5stPQsim85bVHRzWNpJteHo0zOuCVENS8
confirm-53rdteam02.serveirc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3966981ff083a2484675e01349cd05d5
confirm-53rdteam02.serveirc.com/	1970-01-20 04:03:18	Name: f660ad6c5744b18c1b9bbf97a1b272aa Value: a024fda13e529c576371217e5f04f612
confirm-53rdteam02.serveirc.com/	1970-01-20 04:03:18	Name: 46ce7ce7b39df8f68f5b72890a663cd1 Value: 1653606904
confirm-53rdteam02.serveirc.com/	1969-12-31 23:59:59	Name: e6c16 Value: 1600
confirm-53rdteam02.serveirc.com/	1969-12-31 23:59:59	Name: dfc44 Value: 1200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53rd-debit.us
confirm-53rdlink.app.link
confirm-53rdteam02.serveirc.com
162.255.119.106
2600:9000:21ec:4c00:19:9934:6a80:93a1
34.145.179.82
1539ec89c49a493f983dbde0e0c35c310eaaa74f91aa316eac33e942285bed2c
53a494f64e969d77cc15b1774982f029f7d40ecff39cf934e9e88b3fff0b5da5
617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3
6c2ab9f3416084bd3ecb445e18b4b253f6acba1ee5014e829b22c7cf1a9e8082
6d0b07bd8c2a76c0c1f012a45e749f31c348484ea4d763c4721de68d95fd455e
890b8000080278568005ba2e3c9f65b83f2cf84071bea381f25a96cae272a675
a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae
c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45
c9882dbf33ee296e745f898285192cbd600a5d5bd4d3207c514d8f8460a711e9
d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44
f6bdf915220181de277190d2e0a15125c3d06ea8cc3caeb8e45e36ffe42e7cde

confirm-53rdteam02.serveirc.com Open in urlscan Pro 34.145.179.82 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

1 IPs

1 Countries

469 kBTransfer

466 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

6 Cookies

Indicators

confirm-53rdteam02.serveirc.com Open in urlscan Pro
34.145.179.82 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

1
IPs

1
Countries

469 kB
Transfer

466 kB
Size

6
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!