usid9ky8an6-support.myvnc.com Open in urlscan Pro
18.144.69.246 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://usid9ky8an6-support.myvnc.com/
Effective URL:
https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJC...
Submission: On April 21 via automatic, source certstream-suspicious (April 21st 2022, 9:57:41 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 18.144.69.246, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is usid9ky8an6-support.myvnc.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 21st 2022. Valid for: 3 months.

This is the only time usid9ky8an6-support.myvnc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 20	18.144.69.246 18.144.69.246		16509 (AMAZON-02) (AMAZON-02)
19	1

20 18.144.69.246 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-69-246.us-west-1.compute.amazonaws.com

usid9ky8an6-support.myvnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	myvnc.com 1 redirects usid9ky8an6-support.myvnc.com	177 KB
19	1

	Domain	Requested by
20	usid9ky8an6-support.myvnc.com	1 redirects usid9ky8an6-support.myvnc.com
19	1

This site contains no links.

Subject Issuer	Validity	Valid
usid9ky8an6-support.myvnc.com cPanel, Inc. Certification Authority	`2022-04-21` - `2022-07-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x
Frame ID: 233B7CF608F219AB3F8ED993B087864C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Huntington Online Banking Login | Huntington

Page URL History Show full URLs

https://usid9ky8an6-support.myvnc.com/ HTTP 302
https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu... Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

177 kB
Transfer

172 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://usid9ky8an6-support.myvnc.com/ HTTP 302
https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Login Show response usid9ky8an6-support.myvnc.com/ Redirect Chain https://usid9ky8an6-support.myvnc.com/ https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x	7 KB 8 KB	185ms 185ms	Document text/html	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `b872c1160cd5cc15ecc363fdfc52b9ce263d43a47b3a1207057f788dcea42bc5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 7647 Content-Type text/html; charset=UTF-8 Date Thu, 21 Apr 2022 09:57:35 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 21 Apr 2022 09:57:35 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache location Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x
GET H/1.1	200 OK	reset.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	2 KB 2 KB	164ms 163ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/reset.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `24cf21f193e68d68b904cbaee94a24ee60140d7e570a6873e3e4f45724c74ef5` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:35 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2179
GET H/1.1	200 OK	text.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	1 KB 2 KB	557ms 393ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/text.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1314
GET H/1.1	200 OK	960_16_col.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	4 KB 4 KB	481ms 161ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/960_16_col.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3827
GET H/1.1	200 OK	huntington-rol.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	57 KB 57 KB	479ms 160ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/huntington-rol.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `a018c651ba01f0ac20faecd5449d9e034a8df724a80ee7650aafa0068b1ec3ae` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 14:13:14 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 58009
GET H/1.1	200 OK	propertyClasses.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	598 B 839 B	516ms 161ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/propertyClasses.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 598
GET H/1.1	200 OK	widgets.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	12 KB 12 KB	679ms 324ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/widgets.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 11799
GET H/1.1	200 OK	NavBar.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	2 KB 2 KB	521ms 163ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/NavBar.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1670
GET H/1.1	200 OK	jquery-ui-1.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	59 KB 59 KB	798ms 318ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/jquery-ui-1.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 60278
GET H/1.1	200 OK	modal-dialog.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	1 KB 2 KB	676ms 160ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/modal-dialog.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1517
GET H/1.1	200 OK	hnb.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	574 B 814 B	685ms 164ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/hnb.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 574
GET H/1.1	200 OK	Auth.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	6 KB 7 KB	879ms 323ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/Auth.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 6650
GET H/1.1	200 OK	site-survey.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	4 KB 5 KB	839ms 164ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/site-survey.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4388
GET H/1.1	200 OK	logo-lg.png usid9ky8an6-support.myvnc.com/ht_assetz/img/	3 KB 3 KB	163ms 162ms	Image image/png	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/img/logo-lg.png Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2560
GET H/1.1	200 OK	lock.gif usid9ky8an6-support.myvnc.com/ht_assetz/img/	870 B 1 KB	163ms 163ms	Image image/gif	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/img/lock.gif Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 870
GET H/1.1	200 OK	oo_icon_retina_black.gif usid9ky8an6-support.myvnc.com/ht_assetz/img/	552 B 793 B	160ms 160ms	Image image/gif	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/img/oo_icon_retina_black.gif Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 552
GET H/1.1	200 OK	hexlogo-footer-icon.png usid9ky8an6-support.myvnc.com/ht_assetz/img/	333 B 574 B	163ms 162ms	Image image/png	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/img/hexlogo-footer-icon.png Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 333
GET H/1.1	200 OK	huntington-rol-print.css usid9ky8an6-support.myvnc.com/ht_assetz/css/	8 KB 8 KB	367ms 367ms	Stylesheet text/css	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/css/huntington-rol-print.css Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/Login?sslchannel=true&sessionid=zaHU0fiiRK3rhuH7mxilvt0yiBeuxLrNq1Zs1pLrm0bu19V9ZDj4KwTgyojLONJCv55X8QVwlXdv6fawvL5sBVWs2W2sJUZaeEbO4REtaDBvGgNJqL40v2uMpYNIeXu13x User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:36 GMT Last-Modified Thu, 10 Feb 2022 13:53:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 8363
GET H/1.1	200 OK	background-960.jpg usid9ky8an6-support.myvnc.com/ht_assetz/img/	3 KB 3 KB	159ms 159ms	Image image/jpeg	18.144.69.246 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://usid9ky8an6-support.myvnc.com/ht_assetz/img/background-960.jpg Requested by Host: usid9ky8an6-support.myvnc.com URL: https://usid9ky8an6-support.myvnc.com/ht_assetz/css/huntington-rol.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.144.69.246 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-144-69-246.us-west-1.compute.amazonaws.com Software Apache / Resource Hash `f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200` Request headers accept-language de-DE,de;q=0.9 Referer https://usid9ky8an6-support.myvnc.com/ht_assetz/css/huntington-rol.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers Date Thu, 21 Apr 2022 09:57:37 GMT Last-Modified Thu, 10 Feb 2022 13:58:36 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2997

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			usid9ky8an6-support.myvnc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1d79cfdaa07570f4d0cc1e3b226a9d05

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

usid9ky8an6-support.myvnc.com
18.144.69.246
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
24cf21f193e68d68b904cbaee94a24ee60140d7e570a6873e3e4f45724c74ef5
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
a018c651ba01f0ac20faecd5449d9e034a8df724a80ee7650aafa0068b1ec3ae
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
b872c1160cd5cc15ecc363fdfc52b9ce263d43a47b3a1207057f788dcea42bc5
deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

usid9ky8an6-support.myvnc.com Open in urlscan Pro 18.144.69.246 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

177 kBTransfer

172 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

usid9ky8an6-support.myvnc.com Open in urlscan Pro
18.144.69.246 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

177 kB
Transfer

172 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!