![](/screenshots/ec70c5da-7d95-4531-8c55-16d4e399af30.png)
secured-hub.me
Open in
urlscan Pro
203.159.80.179
Malicious Activity!
Public Scan
Effective URL: https://secured-hub.me/account/login
Submission: On April 13 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.
This is the only time secured-hub.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Halifax Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 203.159.80.179 203.159.80.179 | 213035 (SERVERION...) (SERVERION-AS Serverion B.V.) | |
33 | 23.79.155.197 23.79.155.197 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
4 | 23.37.56.41 23.37.56.41 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2600:9000:211... 2600:9000:211e:dc00:e:a6e2:4f80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.171.219.200 54.171.219.200 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 15.237.76.117 15.237.76.117 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 178.249.97.23 178.249.97.23 | 11054 (LIVEPERSON) (LIVEPERSON) | |
54 | 9 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-155-197.deploy.static.akamaitechnologies.com
www.halifax-online.co.uk |
ASN16625 (AKAMAI-AS, US)
PTR: a23-37-56-41.deploy.static.akamaitechnologies.com
tags.tiqcdn.com |
ASN16509 (AMAZON-02, US)
bcdn-16c9d93d.halifax-online.co.uk |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
lloydsbankinggroup.d3.sc.omtrdc.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
halifax-online.co.uk
www.halifax-online.co.uk bcdn-16c9d93d.halifax-online.co.uk |
349 KB |
8 |
secured-hub.me
1 redirects
secured-hub.me |
12 KB |
4 |
tiqcdn.com
tags.tiqcdn.com |
167 KB |
2 |
omtrdc.net
lloydsbankinggroup.d3.sc.omtrdc.net |
537 B |
1 |
liveperson.net
lptag.liveperson.net |
|
1 |
demdex.net
dpm.demdex.net |
1 KB |
1 |
jquery.com
code.jquery.com |
35 KB |
54 | 7 |
Domain | Requested by | |
---|---|---|
33 | www.halifax-online.co.uk |
secured-hub.me
www.halifax-online.co.uk |
8 | secured-hub.me |
1 redirects
secured-hub.me
www.halifax-online.co.uk |
4 | tags.tiqcdn.com |
www.halifax-online.co.uk
tags.tiqcdn.com |
2 | lloydsbankinggroup.d3.sc.omtrdc.net |
www.halifax-online.co.uk
|
1 | lptag.liveperson.net |
tags.tiqcdn.com
|
1 | dpm.demdex.net |
www.halifax-online.co.uk
|
1 | bcdn-16c9d93d.halifax-online.co.uk |
secured-hub.me
|
1 | code.jquery.com |
secured-hub.me
|
54 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.halifax-online.co.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secured-hub.me R3 |
2021-04-13 - 2021-07-12 |
3 months | crt.sh |
GLZ-IB-LBG-DESKTOP-PROD-101.lloydsbanking.com QuoVadis Europe EV SSL CA G1 |
2020-09-09 - 2021-09-09 |
a year | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
*.tiqcdn.com DigiCert SHA2 Secure Server CA |
2020-03-16 - 2021-06-15 |
a year | crt.sh |
bcdn-16c9d93d.lloydsbank.co.uk QuoVadis Europe EV SSL CA G1 |
2020-09-16 - 2021-09-16 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
*.d3.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-02-28 - 2022-03-04 |
2 years | crt.sh |
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA |
2020-05-30 - 2022-05-30 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://secured-hub.me/account/login
Frame ID: F923C040C554BD37AEB7C9E3070EF086
Requests: 54 HTTP requests in this frame
Screenshot
![](/screenshots/ec70c5da-7d95-4531-8c55-16d4e399af30.png)
Page URL History Show full URLs
-
https://secured-hub.me/
HTTP 302
https://secured-hub.me/account/login Page URL
Detected technologies
![](/vendor/wappa/icons/Ubuntu.png)
Detected patterns
- headers server /Ubuntu/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Legal
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: www.lloydsbankinggroup.com
Search URL Search Domain Scan URL
Title: Rates & fees
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://secured-hub.me/
HTTP 302
https://secured-hub.me/account/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
54 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() secured-hub.me/account/ Redirect Chain
|
32 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adrum-ext.62d0e08d9f229ec0e2a347c4a03b777b.js
www.halifax-online.co.uk//assets/lib// |
45 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
16c9d93d.js
www.halifax-online.co.uk/https://bcdn-16c9d93d.halifax-online.co.uk/scripts/16c9d93d/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.3.2.js
code.jquery.com/ |
118 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag.js
www.halifax-online.co.uk///tags.tiqcdn.com/utag/lbg/main/prod/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
utag-1584445422.js
www.halifax-online.co.uk//wps/wcm/connect/content_halifax_personal_banking/assets/assets/insight-tagging/ |
331 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca_global.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
316 B 631 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scriptsnippet.jspf
www.halifax-online.co.uk//static/desktop/ |
80 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom-min201126.js
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/script/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
has_js.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adrum-4.2.2.js
www.halifax-online.co.uk//assets/lib/ |
35 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cdApi.js
www.halifax-online.co.uk//assets/lib/ |
518 B 761 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img00002a_new-1560876346.png
www.halifax-online.co.uk//wps/wcm/connect/content_halifax_personal_banking/assets/media/images/lloydstsb2009/miscellaneous/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img00004a-1561131810.png
www.halifax-online.co.uk//wps/wcm/connect/content_halifax_personal_banking/assets/media/images/lloydstsb2009/miscellaneous/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
halifax_static-1606379980.jpg
www.halifax-online.co.uk/wps/wcm/connect/content_halifax_personal_banking/assets/media/images/marketing/Logon_banner/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p0400lnk500a_new-1560876517.png
www.halifax-online.co.uk/wps/wcm/connect/content_halifax_personal_banking/assets/media/images/lloydstsb2009/miscellaneous/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
P04.00.js
www.halifax-online.co.uk//unauth/assets/webtrends/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-footer-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ress/js/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1849fdf1ui259f4dc65b3d0a9eca52
www.halifax-online.co.uk//yuolsoiifpm/ |
73 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authentication_.js
secured-hub.me/account/public/js/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/lbg/main/prod/ |
593 KB 136 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca_forms.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
12 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca_base.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
39 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca_login.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
21 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontface.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
2 KB 864 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
overlay.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sca_accordion.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
print_base-min201126.css
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/style/print/ |
0 0 |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
global-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom-min201126.js
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/script/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16c9d93d.js
bcdn-16c9d93d.halifax-online.co.uk/scripts/16c9d93d/ |
601 KB 112 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_hfax.png
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
padlock.png
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/img/ |
539 B 979 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chevron-down.png
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/img/icons/ |
379 B 819 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
agendaLight.woff
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
HelveticaNeueW02-85Heavy.woff
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
agendaMedium.woff
www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header-footer-min201126.js
www.halifax-online.co.uk//unauth/assets/lib/ress/js/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1849fdf1ui259f4dc65b3d0a9eca52
secured-hub.me/yuolsoiifpm/ |
277 B 628 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 243 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
227 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
77c38c90-f117-439e-9583-187bdf2de64a
https://secured-hub.me/ |
161 KB 0 |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adrum-ext.62d0e08d9f229ec0e2a347c4a03b777b.js
secured-hub.me/assets/lib// |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
lloydsbankinggroup.d3.sc.omtrdc.net/ |
2 B 316 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1849fdf1ui259f4dc65b3d0a9eca52
secured-hub.me/yuolsoiifpm/ |
277 B 628 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s53834527309222
lloydsbankinggroup.d3.sc.omtrdc.net/b/ss/lloydsbankinggroupprod/1/JS-2.10.0/ |
43 B 221 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1849fdf1ui259f4dc65b3d0a9eca52
secured-hub.me/yuolsoiifpm/ |
277 B 628 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
1849fdf1ui259f4dc65b3d0a9eca52
secured-hub.me/yuolsoiifpm/ |
277 B 628 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.895.js
tags.tiqcdn.com/utag/lbg/main/prod/ |
76 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.992.js
tags.tiqcdn.com/utag/lbg/main/prod/ |
2 KB 959 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
lptag.liveperson.net/tag/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.halifax-online.co.uk
- URL
- https://www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/agendaLight.woff
- Domain
- www.halifax-online.co.uk
- URL
- https://www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/HelveticaNeueW02-85Heavy.woff
- Domain
- www.halifax-online.co.uk
- URL
- https://www.halifax-online.co.uk//unauth/assets/HalifaxRetail/fonts/agendaMedium.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Halifax Bank (Banking)125 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| utag_data function| targetPageParams string| TealiumVersion function| printAnalyticsLog object| clova2 object| clova3 object| clova3EventQueue function| setImmediate function| clearImmediate object| utag_dataEmpty object| utag_cfg_ovrd function| runAppDynamics object| clovaAcquire function| setAnalyticsVariables function| triggerAnalyticsPageEvent boolean| loadBot boolean| utag_condload boolean| isValidJson undefined| windowNameFix function| eligibleByDomain function| getEnvironmentFromScriptLocation function| eligibleByEnvironment function| ineligibleByDevice function| ineligibleByPath function| exemptionPages function| getGMTTimeInOneHour function| getGMTTimeAnHourAgo function| getGMTTimeInNinetyDays function| getParentDomain function| getBrand function| debugLog object| utag object| _gaq object| pageTracker function| e object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_ActivityMap undefined| n object| bOU object| aOU function| OU_new function| tealium_liveperson_lib function| giveMeQ function| stitchCookies function| useQS function| isJsonString function| optInNoPrompt function| deleteCookie function| inheritNoPrompt function| showPrompt function| consentsCaptured function| writeSeenBeforeCookie function| writefirstSessionCookie function| seenBeforeCookieCaptured function| firstSessionCookieCaptured boolean| __tealium_twc_switch boolean| allowPartialMatch boolean| __tealium_privacy function| fixWTCookies number| analytics_event_count object| analytics_event_log boolean| waitingforngaconstants string| journeyProduct string| productSubGroup function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq function| webtrendsAsyncInit function| dcsMultiTrack object| Webtrends object| WebTrends object| LBGAnalytics object| lpTag object| campaignScripts undefined| index object| Messages object| DI number| adrum-start-time object| ADRUM function| downloadBCV2Onload function| showWebTrendForIpadCancel function| showWebTrendForIpadContinue object| _AP object| cdApi object| analyticsElementArray object| pageAnalyticsElementArray string| iosTabletAbvSixTagValue string| txtWtSiXTagValue string| txtWtTxETagValue function| webTrendsForTabletSmartAppBanner function| webTrendsForMLPT function| PageAnalyticsElement function| AnalyticsElement object| _cf object| _ac object| bmak number| bm_counter undefined| bm_script undefined| scripts undefined| bm_url undefined| url_split undefined| obfus_state_field undefined| state_field_str string| _sd_trace function| op object| cdwpb function| legacyMultiTrack object| s_i_lloydsbankinggroupprod number| webchateventinterval8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.secured-hub.me/ | Name: bmuid Value: 1618327830648-7DEA4496-D698-440C-AC2C-A32548CD824B |
|
.secured-hub.me/ | Name: OPTOUTMULTI Value: 0:0%7Cc1:1%7Cc3:1%7Cc5:1%7Cc4:1%7Cc2:1 |
|
.secured-hub.me/ | Name: utag_main Value: v_id:0178cbdafb30000c1da070ea155900072002406a00b08$_sn:1$_se:1$_ss:1$_st:1618329629298$ses_id:1618327829298%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:secured-hub.me |
|
.secured-hub.me/ | Name: AMCVS_230D643E5A2550980A495DB6%40AdobeOrg Value: 1 |
|
.secured-hub.me/ | Name: lbgcookiedomainparent Value: true |
|
.secured-hub.me/ | Name: cdContextId Value: 1 |
|
.secured-hub.me/ | Name: AMCV_230D643E5A2550980A495DB6%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18731%7CMCMID%7C08240061216825144763395490742337524291%7CMCAAMLH-1618932630%7C6%7CMCAAMB-1618932630%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1618335030s%7CNONE%7CvVersion%7C3.3.0 |
|
secured-hub.me/ | Name: AUTH_SYSTEM Value: hj8dag8tp8bbl5c19s2umtbfvd |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bcdn-16c9d93d.halifax-online.co.uk
code.jquery.com
dpm.demdex.net
lloydsbankinggroup.d3.sc.omtrdc.net
lptag.liveperson.net
secured-hub.me
tags.tiqcdn.com
www.halifax-online.co.uk
www.halifax-online.co.uk
15.237.76.117
178.249.97.23
2001:4de0:ac18::1:a:1b
203.159.80.179
23.37.56.41
23.79.155.197
2600:9000:211e:dc00:e:a6e2:4f80:93a1
54.171.219.200
02b9f71a39d66a43f79b95efac9f81e824ff292212dedddb8a7e36f091db68cd
10107310d0a8e1ad5db5ef540037e959d417d98783ed67513406e5ce972910c2
1398adf2a27f501144db6152713464777fa31beca33a509192e699c409beb658
147d09c18447901cc48f75190a6c2c29658396fdd60d256346540cf9883ad970
1b92f7dfd864e43824550f6766eac718fe6f79a1a9bc9f721a8fe2cb2e0d1f0c
1d7647710fb2bc7cf162729f1ab695dbdbb4d3d38a219e7bb7da6f06030bd7b7
233a5d16bee5a64bf3bc19abe3cc812a1e0619435f01c163f628773a469ff719
2d69a85bfa140a68f0df10b64225243846f9b2ff3320127f39217100515be270
31fa5577f4041dafbca07395b52d48374189248f52ef3f811d6bca852e2e3610
3489dc07aef689088266eb9ef489366332903825583dbd7b0a1d8de53fe65544
3625b66f30f0eb48056d117d7dd18a704ba574cba9019b83b85ccb8f604bc1e2
40e151e31e7f79ca6b387d310f9efbcb5de3f69c6e1ef67ccf90c6053c54bce0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a8d7ac91e445ef69d5610c26dcbcba4358a77fd5ebb3298854be4dd7a52f5c3
50f3bf5aaec2a11cd18064ae740934fab2b6153a649aa55d1880d3f6e64198c5
51d655f205d2cd993860a9e0adaf2d63755a91f49dc18af28ae7a875009b2e72
565fe82094015a603c34cf0dd4ba24741d09a7e6a6376a494bde54778dc195d3
62c5ea61124d555ffa80669d87b82b935073424cbf53cb6d3d6a6508c196bd1f
62e8f29d4416ae897312250f95f65ce373c7729d066db503f333e851f55a3158
78b4fa19bdbc0e8dcaed9297a68083738948aa08d4bf7f709e1fed24d32daf75
9379705376dee696e381521ef05d2d190474e4bd4214d8f9558d3009dd3de240
98b8f86627229cd57e59827557460036786e442841ebc3763a5f995dc8d9aa22
993f5ece4d271766784b870a22c358682090070421dc54f3f17655cce9a51042
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ad9a26f295dc18cac3e6e5b1a3423e92d0764acf3d34d74fe4ff2a9898dbbb0a
b30190b89b145fe3c53320c6fe60eb991b54573cc36064952c08e7f69d741c52
c16cbba1fe93371272977d3fb0812d1e8d4bcc09f4faacd91aaf3bf6173ed4bb
c8bc330a07fc8ba4ead1f924570b2eeb220dfb170e86ea6594f7a2daef2efc16
d414dce1ac4767d3a6af1dad90052f35e15225f32b7baeb1f7adc0f0e44ca49e
dd947fd7457fca071b99ad93fb56d330948c375e55d398101b3294ecf92bf74b
e552e0bbf49865c823f19eeb7c27c8ca6f2e52a003eb12274a8f57735abef875
f5900ee462370c815bbcd389ebfa0684d532655fe5eaf7c954767eeb0408c851
fb49b35267bb4ca57b19778a897fa8186351af1c52a8b7702986337b0897bf7a
fbc1a299a425f703887fec5c156cdb750ea3b55040c4e309f791839c0a04a5d7