![](/screenshots/f646aff0-6440-4ebf-817f-3e7817aa37f3.png)
userlogvrfy.anteus.com
54.200.231.170
Malicious Activity!
Public Scan
Effective URL: https://userlogvrfy.anteus.com/scms/index.php
Submission: On March 08 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on March 8th 2024. Valid for: 3 months.
This is the only time userlogvrfy.anteus.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Huntington Bank (Banking)
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System)
---|---|---|---
1 | 39 | 54.200.231.170 | 16509 (AMAZON-02)
| 1 | 2620:1ec:bdf::45 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
| 3 | 3.124.119.57 | 16509 (AMAZON-02)
| 1 | 96.16.54.176 | 20940 (AKAMAI-ASN1)
| 7 | 2a00:1450:4001:812::2008 | 15169 (GOOGLE)
| 2 | 104.79.247.11 | 16625 (AKAMAI-AS)
| 1 | 2a02:26f0:3100::1735:2a3b | 20940 (AKAMAI-ASN1)
| 2 | 2a03:2880:f083:100:face:b00c:0:3 | 32934 (FACEBOOK)
4 | 5 | 2620:1ec:21::14 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK)
| 1 | 13.107.42.14 | 8068 (MICROSOFT-CORP-MSN-AS-BLOCK)
| 1 | 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK)
Total: 59 requests, 12 IP addresses.
AS | PTR | Domain(s)
---|---|---
ASN16509 (AMAZON-02, US) | ec2-54-200-231-170.us-west-2.compute.amazonaws.com | userlogvrfy.anteus.com
ASN16509 (AMAZON-02, US) | ec2-3-124-119-57.eu-central-1.compute.amazonaws.com | ensighten.huntingtonbank.com
ASN20940 (AKAMAI-ASN1, NL) | a96-16-54-176.deploy.static.akamaitechnologies.com | www.huntington.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN16625 (AKAMAI-AS, US) | a104-79-247-11.deploy.static.akamaitechnologies.com | servedby.flashtalking.com
ASN32934 (FACEBOOK, US) | | connect.facebook.net
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | px.ads.linkedin.com, www.linkedin.com
ASN32934 (FACEBOOK, US) | | www.facebook.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
39 | anteus.com (1 redirect) | userlogvrfy.anteus.com | 2 MB
7 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 529 KB
6 | linkedin.com (4 redirects) | px.ads.linkedin.com (Cisco Umbrella Rank: 353), www.linkedin.com (Cisco Umbrella Rank: 629), px4.ads.linkedin.com (Cisco Umbrella Rank: 6596) | 3 KB
3 | huntingtonbank.com | ensighten.huntingtonbank.com (Cisco Umbrella Rank: 101513) | 36 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 180) | 71 KB
2 | flashtalking.com | servedby.flashtalking.com (Cisco Umbrella Rank: 1086) | 2 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 100) | 185 B
1 | licdn.com | snap.licdn.com (Cisco Umbrella Rank: 781) | 17 KB
1 | huntington.com | www.huntington.com (Cisco Umbrella Rank: 60254) | 2 KB
1 | inq.com | media-lax1.inq.com (Cisco Umbrella Rank: 45442) | 224 KB
0 | dynatrace-managed.com (Failed) | mef957.dynatrace-managed.com (Failed) |
Total: 59 requests, 11 apex domains.
Requests | Domain | Requested by
---|---|---
39 | userlogvrfy.anteus.com (1 redirect) | userlogvrfy.anteus.com
7 | www.googletagmanager.com | userlogvrfy.anteus.com, www.googletagmanager.com
4 | px.ads.linkedin.com (3 redirects) | userlogvrfy.anteus.com
3 | ensighten.huntingtonbank.com | userlogvrfy.anteus.com
2 | connect.facebook.net | userlogvrfy.anteus.com, connect.facebook.net
2 | servedby.flashtalking.com | ensighten.huntingtonbank.com, servedby.flashtalking.com
1 | www.facebook.com | userlogvrfy.anteus.com
1 | px4.ads.linkedin.com | userlogvrfy.anteus.com
1 | www.linkedin.com (1 redirect) |
1 | snap.licdn.com | userlogvrfy.anteus.com
1 | www.huntington.com | userlogvrfy.anteus.com
1 | media-lax1.inq.com | userlogvrfy.anteus.com
0 | mef957.dynatrace-managed.com (Failed) | userlogvrfy.anteus.com
Total: 59 requests, 13 domains.
This site contains links to these domains. Also see Links.
Domain |
---|
outdatedbrowser.com |
www.huntington.com |
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
userlogvrfy.anteus.com | R3 | 2024-03-08 - 2024-06-06 | 3 months | crt.sh
*.inq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-14 - 2024-10-11 | a year | crt.sh
ensighten.huntingtonbank.com | Entrust Certification Authority - L1K | 2023-05-02 - 2024-05-01 | a year | crt.sh
huntington.com | Entrust Certification Authority - L1J | 2023-08-31 - 2024-04-19 | 8 months | crt.sh
*.google-analytics.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months | crt.sh
servedby.flashtalking.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-14 - 2024-09-14 | a year | crt.sh
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-12-18 - 2024-03-17 | 3 months | crt.sh
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-01-30 - 2024-07-30 | 6 months | crt.sh
This page contains 3 frames:
Primary Page:
https://userlogvrfy.anteus.com/scms/index.php
Frame ID: 6E5EBB045BED0C1300C57BBF3FCA632C
Requests: 58 HTTP requests in this frame
Frame:
https://userlogvrfy.anteus.com/scms/assets/js/nuanceChat.html
Frame ID: 3CA499E0CF8D0619A4510DF5DA1A1A29
Requests: 1 HTTP requests in this frame
Frame:
https://servedby.flashtalking.com/container/27731;136459;15264;iframe/?ft_referrer=https%3A//userlogvrfy.anteus.com/scms/index.php%3F~&ns=&cb=95223.49931676243
Frame ID: 91A48C35C9A9B9004643BC8F00CB8FE7
Requests: 2 HTTP requests in this frame
Page Title
Mobile Banking Login | Huntington Bank
Detected technologies
Detected patterns:
- `\.php(?:$|\?)`
- Bootstrap: `bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js`
- `//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js`
- Google Tag Manager: `googletagmanager\.com/gtag/js`
- `snap\.licdn\.com/li\.lms-analytics/insight\.min\.js`
- `jquery[.-]([\d.]*\d)[^/]*\.js`
- `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
- Upgrade your browser
- Personal Loans
- Auto Loans Overview
- Auto Loans
- Auto Buying Resources
- Private Bank
- Business
- Commercial
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://userlogvrfy.anteus.com/ (HTTP 302)
- https://userlogvrfy.anteus.com/scms/index.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 55:
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1709924691001&li_adsId=c96b45e6-0704-4f2c-b3b8-7dc287a9b512&url=https%3A%2F%2Fuserlogvrfy.anteus.com%2Fscms%2Findex.php (HTTP 302)
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1709924691001&li_adsId=c96b45e6-0704-4f2c-b3b8-7dc287a9b512&url=https%3A%2F%2Fuserlogvrfy.anteus.com%2Fscms%2Findex.php&cookiesTest=true (HTTP 302)
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1709924691001%26li_adsId%3Dc96b45e6-0704-4f2c-b3b8-7dc287a9b512%26url%3Dhttps%253A%252F%252Fuserlogvrfy.anteus.com%252Fscms%252Findex.php%26cookiesTest%3Dtrue%26liSync%3Dtrue (HTTP 302)
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1709924691001&li_adsId=c96b45e6-0704-4f2c-b3b8-7dc287a9b512&url=https%3A%2F%2Fuserlogvrfy.anteus.com%2Fscms%2Findex.php&cookiesTest=true&liSync=true (HTTP 302)
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1709924691001&li_adsId=c96b45e6-0704-4f2c-b3b8-7dc287a9b512&url=https%3A%2F%2Fuserlogvrfy.anteus.com%2Fscms%2Findex.php&cookiesTest=true&liSync=true&e_ipv6=AQL9pKmwMNWoHAAAAY4fdC-A-OsKMvGwfmd3AxIXs-YlXssA142K-AUWXAP4K0Zdf4HgIrsH
59 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | index.php | userlogvrfy.anteus.com/scms/ | 143 KB | 26 KB | Document | text/html | Primary Request, Redirect Chain
GET | H3 | 121543311796381 | userlogvrfy.anteus.com/scms/assets/js/ | 21 KB | 21 KB | Script | text/plain |
GET | H3 | fbevents.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 88 KB | 88 KB | Script | application/octet-stream |
GET | H3 | / | userlogvrfy.anteus.com/scms/assets/js/ | 0 | 0 | Script | text/html |
GET | H3 | bat.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 27 KB | 27 KB | Script | application/octet-stream |
GET | H3 | ytc.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 15 KB | 15 KB | Script | application/octet-stream |
GET | H3 | js | userlogvrfy.anteus.com/scms/assets/js/ | 95 KB | 95 KB | Script | text/plain |
GET | H3 | 95b0da5c7fc415e06807cc694ee0021c.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 151 KB | 151 KB | Script | application/octet-stream |
GET | H3 | ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 178 KB | 178 KB | Script | application/octet-stream |
GET | H3 | HuntingtonApexWeb-Medium.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 20 KB | 20 KB | Font | font/woff2 |
GET | H3 | HuntingtonApexWeb-Bold.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 19 KB | 19 KB | Font | font/woff2 |
GET | H3 | HuntingtonApexWeb-Book.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 20 KB | 20 KB | Font | font/woff2 |
GET | H3 | HuntingtonApexWeb-MediumCaps.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 18 KB | 18 KB | Font | font/woff2 |
GET | H3 | muli-v11-latin-700.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H3 | muli-v11-latin-300.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 16 KB | 17 KB | Font | font/woff2 |
GET | H3 | muli-v11-latin-600.woff2 | userlogvrfy.anteus.com/scms/assets/fonts/ | 17 KB | 17 KB | Font | font/woff2 |
GET | H3 | toolkit.min.css | userlogvrfy.anteus.com/scms/assets/css/ | 346 KB | 46 KB | Stylesheet | text/css |
GET | H3 | site-survey.min.css | userlogvrfy.anteus.com/scms/assets/css/ | 4 KB | 1 KB | Stylesheet | text/css |
GET | H3 | jquery-3.5.1.min.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 87 KB | 87 KB | Script | application/octet-stream |
GET | H3 | toolkit.min.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 451 KB | 451 KB | Script | application/octet-stream |
GET | H3 | Bootstrap.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 221 KB | 221 KB | Script | application/octet-stream |
GET | H3 | 7a8ba97f | userlogvrfy.anteus.com/scms/assets/js/ | 32 KB | 32 KB | Script | text/plain |
GET | H3 | inqChatLaunch10006663.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 22 KB | 22 KB | Script | application/octet-stream |
GET | H3 | oo_engine.min.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 45 KB | 45 KB | Script | application/octet-stream |
GET | H3 | lockup.svg | userlogvrfy.anteus.com/scms/assets/img/ | 4 KB | 1 KB | Image | image/svg+xml |
GET | H3 | oo_icon_retina_black.gif | userlogvrfy.anteus.com/scms/assets/img/ | 552 B | 641 B | Image | image/gif |
GET | H3 | EHL_Black_HouseOnly.svg | userlogvrfy.anteus.com/scms/assets/img/ | 707 B | 399 B | Image | image/svg+xml |
GET | H3 | logo-honeycomb.svg | userlogvrfy.anteus.com/scms/assets/img/ | 844 B | 441 B | Image | image/svg+xml |
GET | H3 | outdated.min.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 1 KB | 1 KB | Script | application/octet-stream |
GET | H3 | site-survey.min.js.download | userlogvrfy.anteus.com/scms/assets/js/ | 7 KB | 7 KB | Script | application/octet-stream |
GET | H3 | 06bebd2b36rn240c2a1532a26141a767 | userlogvrfy.anteus.com/scms/assets/js/ | 70 KB | 70 KB | Script | text/plain |
GET | H2 | InqFramework.js | media-lax1.inq.com/media/launch/ci/ | 0 | 224 KB | Other | application/javascript |
GET | H3 | lockup.svg | userlogvrfy.anteus.com/scms/assets/img/ | 4 KB | 1 KB | Image | image/svg+xml |
GET | H3 | oo_icon_retina_black.gif | userlogvrfy.anteus.com/scms/assets/img/ | 552 B | 617 B | Image | image/gif |
GET | H3 | logo-honeycomb.svg | userlogvrfy.anteus.com/scms/assets/img/ | 844 B | 417 B | Image | image/svg+xml |
POST | H3 | 06bebd2b36rn240c2a1532a26141a767 | userlogvrfy.anteus.com/resources/ | 1 KB | 795 B | XHR | text/html |
GET | H3 | nuanceChat.html | userlogvrfy.anteus.com/scms/assets/js/ | 1 KB | 727 B | Document | text/html | Frame 3CA4
GET | H2 | serverComponent.php | ensighten.huntingtonbank.com/huntington/com/ | 317 B | 589 B | Script | text/javascript |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 157 B | 0 | Image | image/png |
GET | H2 | site-survey.min.css | www.huntington.com/Presentation/Styles/ | 4 KB | 2 KB | Stylesheet | text/css |
POST | H3 | 06bebd2b36rn240c2a1532a26141a767 | userlogvrfy.anteus.com/resources/ | 1 KB | 727 B | XHR | text/html |
GET | H2 | 1e0310e5c368799043a36e9a346a0d48.js | ensighten.huntingtonbank.com/huntington/com/code/ | 123 KB | 35 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 190 KB | 70 KB | Script | application/javascript |
GET | H/1.1 | / | servedby.flashtalking.com/container/27731;136459;15264;iframe/ | 2 KB | 1 KB | Document | text/html | Frame 91A4
GET | H2 | e.gif | ensighten.huntingtonbank.com/error/ | 0 | 269 B | Image | text/plain |
GET | H2 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 48 KB | 17 KB | Script | application/javascript |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 215 KB | 58 KB | Script | application/x-javascript |
GET | H2 | 5140493269326436 | connect.facebook.net/signals/config/ | 60 KB | 13 KB | Script | application/x-javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 217 KB | 78 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 204 KB | 75 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 216 KB | 77 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 209 KB | 76 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 216 KB | 77 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 212 KB | 77 KB | Script | application/javascript |
POST | H3 | pixel_7a8ba97f | userlogvrfy.anteus.com/akam/11/ | 1 KB | 750 B | XHR | text/html |
GET | H2 | collect | px4.ads.linkedin.com/ | 0 | 266 B | Image | application/javascript | Redirect Chain
GET | H2 | / | www.facebook.com/tr/ | 0 | 185 B | Image | text/plain |
GET | H/1.1 | / | servedby.flashtalking.com/segment/2/read/a;;pixel/ | 42 B | 515 B | Image | image/gif | Frame 91A4
POST | H2 | / | px.ads.linkedin.com/wa/ | 0 | 199 B | XHR | text/plain |
POST | | 55ab56e3-f58b-45f8-a01d-56e2db48866f | mef957.dynatrace-managed.com/bf/ | 0 | 0 | | | Failed
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: mef957.dynatrace-managed.com
- URL: https://mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-9%24K9HK35S72EU3CFIQ08IN9SH70701LF9Q;referer=https%3A%2F%2Fuserlogvrfy.anteus.com%2Fscms%2Findex.php;visitID=ICHRPORCVMMRFELEERPQHRPARCLRAJRT-0;app=0bd76d7cc9264013;end=1
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Huntington Bank (Banking)
64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | 1
object | dT_
object | dtrum
string | bazadebezolkohpepadr
undefined | cookies
undefined | cookie
undefined | eqPos
undefined | cookieName
undefined | host
undefined | url
undefined | s
undefined | params
string | src
undefined | href
undefined | _script
function | getParentV3LanderConfig
function | getOpenerV3LanderConfig
function | getV3LanderConfigProperty
object | v3LanderConfig
object | v3Lander
object | OOo
object | _cf
object | _ac
object | bmak
string | _sd_trace
function | op
function | UET
object | YAHOO
object | google_tag_manager
object | dataLayerGoogle
function | $
object | webpackJsonp
object | regeneratorRuntime
object | ParsleyExtend
object | ParsleyConfig
object | psly
object | Parsley
object | ParsleyUtils
object | ParsleyValidator
object | ParsleyUI
string | inputEventPatched
function | objectFitPolyfill
object | ensBootstraps
object | Bootstrapper
object | adobe
function | Visitor
object | s_c_il
number | s_c_in
object | visitor
number | _delay
function | _log
object | _enslog
string | urhehlevkedkilrobacf
object | siteSurvey
string | _linkedin_data_partner_id
object | dataLayer
function | fbq
function | _fbq
object | ft_onetag_15264
object | google_tag_data
function | lintrk
boolean | _already_called_lintrk
object | ORIBILI
18 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
userlogvrfy.anteus.com/ | PHPSESSID | j55io12ksuvh34j47drch9dr1d
.anteus.com/ | dtCookie | -9$K9HK35S72EU3CFIQ08IN9SH70701LF9Q
.anteus.com/ | rxVisitor | 1709924689720CKKMRFSTLFULJRHCEI6H0NSJJN8RPSS1
.anteus.com/ | dtSa | -
userlogvrfy.anteus.com/ | loginCookie | personalLogin
userlogvrfy.anteus.com/ | geolocation | null
.anteus.com/ | _gcl_au | 1.1.34920789.1709924691
.anteus.com/ | _fbp | fb.1.1709924691217.782130666
.linkedin.com/ | li_sugr | 69581b72-6685-48b3-8713-6b50f7966d96
.linkedin.com/ | bcookie | "v=2&992eb9b4-20ce-4804-8a17-9ab94f83a4bf"
.linkedin.com/ | lidc | "b=OGST09:s=O:r=O:a=O:p=O:g=2749:u=1:x=1:i=1709924691:t=1710011091:v=2:sig=AQHW25PzV7XuMv3_ZO3QNdJNFjWxmsLq"
.linkedin.com/ | UserMatchHistory | AQJw0Ivnqa6tigAAAY4fdC3QLqMbS3Q8DXprr7CYyZ1yVJZW8rkb7UQN-xLqTm2OCGzTuX0j5BO7nQ
.linkedin.com/ | AnalyticsSyncHistory | AQLwN8G6lm6fSwAAAY4fdC3QvYu3IRFeHvBUbfJu5RoVQGlK0OD3KncEPB-5DY_c9xVgDj1EGIffRUiYtT5i5A
.www.linkedin.com/ | bscookie | "v=1&202403081904511e18cbfa-2ca8-4756-853c-90000e9701baAQFokY89xxLiUxSIugb_Ycu0Pjau2i3E"
.linkedin.com/ | li_gc | MTswOzE3MDk5MjQ2OTE7MjswMjGZ0wlBi0kRoKhecV1AoPe+7rXbRxXxNj3z3i0l4xPYIA==
.flashtalking.com/ | flashtalkingad1 | "GUID=59111ED0EDEC0E"
.anteus.com/ | rxvt | 1709926492474|1709924689721
.anteus.com/ | dtPC | -9$524689718_996h-vICHRPORCVMMRFELEERPQHRPARCLRAJRT-0
42 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.