login.verizonwireless-secure.vzauth-ui-login.com
198.252.99.131
Malicious Activity!
Public Scan
Effective URL: http://login.verizonwireless-secure.vzauth-ui-login.com/signin.php?session_id=8pR8pqrH50JduAmOIptCZdLf13929pks53f3sBXLLYxFCeXw32d9hnHG7fDl5DDmfciIdBuZK4...
Submission: On April 05 via automatic, source openphish
Summary
This is the only time login.verizonwireless-secure.vzauth-ui-login.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Verizon (Telecommunication)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 198.252.99.131 | 20068 (HAWKHOST) | |
22 | 2 |
ASN20068 (HAWKHOST, CA)
PTR: 198.252.99.131-static.reverse.arandomserver.com
login.verizonwireless-secure.vzauth-ui-login.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 | vzauth-ui-login.com login.verizonwireless-secure.vzauth-ui-login.com | 364 KB |
22 | 1 |
Domain | Requested by | |
---|---|---|
22 | login.verizonwireless-secure.vzauth-ui-login.com | login.verizonwireless-secure.vzauth-ui-login.com |
22 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://login.verizonwireless-secure.vzauth-ui-login.com/signin.php?session_id=8pR8pqrH50JduAmOIptCZdLf13929pks53f3sBXLLYxFCeXw32d9hnHG7fDl5DDmfciIdBuZK4EIUw32
Frame ID: B76BC7B1ECAB5BEB17347871ED0D8501
Requests: 25 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://login.verizonwireless-secure.vzauth-ui-login.com/ Page URL
- http://login.verizonwireless-secure.vzauth-ui-login.com/signin.php?session_id=8pR8pqrH50JduAmOIptCZdLf13929pks53f3sBXLLYxFCeXw32d9hnHG7fDl5DDmfciIdBuZK4EIUw32 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Cookie set) | login.verizonwireless-secure.vzauth-ui-login.com/ | 190 B | 593 B | Document | text/html |
GET H/1.1 | signin.php (Primary Request) | login.verizonwireless-secure.vzauth-ui-login.com/ | 25 KB | 8 KB | Document | text/html |
GET H/1.1 | oo_style.htm | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | foresee-dhtml.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 8 KB | 3 KB | Stylesheet | text/css |
GET H/1.1 | globalnav-js.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 82 KB | 19 KB | Stylesheet | text/css |
GET H/1.1 | app.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 48 KB | 12 KB | Stylesheet | text/css |
GET H/1.1 | omnifooter.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 23 KB | 5 KB | Stylesheet | text/css |
GET H/1.1 | style-2.0.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 32 KB | 15 KB | Stylesheet | text/css |
GET H/1.1 | gnav.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 45 KB | 13 KB | Stylesheet | text/css |
GET H/1.1 | bootstrap-3.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 118 KB | 24 KB | Stylesheet | text/css |
GET H/1.1 | less-space.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 20 KB | 3 KB | Stylesheet | text/css |
GET H/1.1 | style-2.css | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 32 KB | 15 KB | Stylesheet | text/css |
GET H/1.1 | 111518.jpg | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 23 KB | 23 KB | Image | image/jpeg |
GET H/1.1 | chatbubbleIcon.svg | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 608 B | 671 B | Image | image/svg+xml |
GET DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET H/1.1 | NeueHaasGroteskDisplay.woff2 | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 43 KB | 43 KB | Font | font/woff2 |
GET DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET H/1.1 | NeueHaasGroteskTextBold.woff2 | login.verizonwireless-secure.vzauth-ui-login.com/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | NeueHaasGroteskDisplayBold.woff2 | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 42 KB | 42 KB | Font | font/woff2 |
GET H/1.1 | NHaasGroteskDSW02-75Bd.woff2 | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 42 KB | 42 KB | Font | font/woff2 |
GET H/1.1 | NeueHaasGroteskText55Roman.woff | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 43 KB | 44 KB | Font | font/woff |
GET DATA | truncated | / | 13 KB | 13 KB | Font | application/x-font-ttf |
GET H/1.1 | NeueHaasGroteskTextBold.woff | login.verizonwireless-secure.vzauth-ui-login.com/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | NeueHaasGroteskTextBold.ttf | login.verizonwireless-secure.vzauth-ui-login.com/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | NeueHaasGroteskTextBold.woff2 | login.verizonwireless-secure.vzauth-ui-login.com/media/ | 51 KB | 51 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Verizon (Telecommunication)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| check
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.verizonwireless-secure.vzauth-ui-login.com/ | Name: PHPSESSID Value: e2b9aaf5ae5f17d887c9e8b5ad65e30f |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
login.verizonwireless-secure.vzauth-ui-login.com
198.252.99.131