vrindagarden.com Open in urlscan Pro
103.195.185.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vrindagarden.com/hun/Huntington/index
Submission: On July 18 via api (July 18th 2022, 11:51:26 am UTC) from JP — Scanned from JP

Summary HTTP 148 Redirects Links 147 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 19 domains to perform 148 HTTP transactions. The main IP is 103.195.185.115, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is vrindagarden.com.
TLS certificate: Issued by R3 on July 3rd 2022. Valid for: 3 months.

This is the only time vrindagarden.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
79	103.195.185.115 103.195.185.115	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
28	23.44.51.211 23.44.51.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.66.27 151.101.66.27	54113 (FASTLY) (FASTLY)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2404:6800:400... 2404:6800:4004:822::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:400a:80b::2003	15169 (GOOGLE) (GOOGLE)
4	35.186.193.174 35.186.193.174	15169 (GOOGLE) (GOOGLE)
3	52.189.67.17 52.189.67.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.44.53.97 23.44.53.97	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.238.98.43 54.238.98.43	16509 (AMAZON-02) (AMAZON-02)
1	2406:2000:a4:... 2406:2000:a4:9fe::1	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
5	2404:6800:400... 2404:6800:4004:820::2008	15169 (GOOGLE) (GOOGLE)
1	2600:140b:4::... 2600:140b:4::1732:815a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1 2	172.217.175.102 172.217.175.102	15169 (GOOGLE) (GOOGLE)
1	106.10.236.146 106.10.236.146	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
2 4	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	100.24.162.178 100.24.162.178	14618 (AMAZON-AES) (AMAZON-AES)
148	23

79 103.195.185.115 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-in-22.webhostbox.net

vrindagarden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 23.44.51.211 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-51-211.deploy.static.akamaitechnologies.com

www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.27 (United States)

ASN54113 (FASTLY, US)

f1.media.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:822::2004 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80b::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.google.tn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.193.174 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 174.193.186.35.bc.googleusercontent.com

media-lax1.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.189.67.17 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

huntingtonbank.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.53.97 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-97.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.238.98.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-98-43.ap-northeast-1.compute.amazonaws.com

ensighten.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2000:a4:9fe::1 (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:4::1732:815a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2782440.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.146 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spdc.pbp.vip.sg3.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2002 (Australia) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.162.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-162-178.compute-1.amazonaws.com

mef957.dynatrace-managed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	vrindagarden.com vrindagarden.com	2 MB
28	huntington.com www.huntington.com — Cisco Umbrella Rank: 53449	568 KB
7	inq.com media-lax1.inq.com — Cisco Umbrella Rank: 39460 huntingtonbank.inq.com — Cisco Umbrella Rank: 87863	745 KB
7	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	2 KB
6	doubleclick.net 3 redirects fls.doubleclick.net — Cisco Umbrella Rank: 444 2782440.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	5 KB
5	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 16051 adservice.google.co.jp — Cisco Umbrella Rank: 41714	1 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	211 KB
3	huntingtonbank.com ensighten.huntingtonbank.com — Cisco Umbrella Rank: 88087	37 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	google.tn www.google.tn — Cisco Umbrella Rank: 28080	656 B
1	dynatrace-managed.com mef957.dynatrace-managed.com — Cisco Umbrella Rank: 871624	913 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	297 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 799	588 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 401	6 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3893	111 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 485	589 B
1	brightcove.com f1.media.brightcove.com — Cisco Umbrella Rank: 29345	50 KB
148	19

	Domain	Requested by
79	vrindagarden.com	vrindagarden.com
28	www.huntington.com	vrindagarden.com
6	www.google.com	2 redirects vrindagarden.com
5	www.googletagmanager.com	vrindagarden.com www.googletagmanager.com
4	www.google.co.jp	vrindagarden.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	media-lax1.inq.com	vrindagarden.com
3	ensighten.huntingtonbank.com	vrindagarden.com
3	huntingtonbank.inq.com	vrindagarden.com
2	connect.facebook.net	vrindagarden.com connect.facebook.net
2	www.google.tn	vrindagarden.com
1	mef957.dynatrace-managed.com	vrindagarden.com
1	www.facebook.com	vrindagarden.com
1	adservice.google.co.jp	adservice.google.com
1	adservice.google.com	2782440.fls.doubleclick.net
1	sp.analytics.yahoo.com	vrindagarden.com
1	2782440.fls.doubleclick.net	vrindagarden.com
1	fls.doubleclick.net	1 redirects
1	www.googleadservices.com	vrindagarden.com
1	snap.licdn.com	vrindagarden.com
1	s.yimg.com	ensighten.huntingtonbank.com
1	players.brightcove.net	vrindagarden.com
1	px.ads.linkedin.com	vrindagarden.com
1	f1.media.brightcove.com	vrindagarden.com
148	24

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
www.huntington.com
secure.newportgroup.com
login2.fisglobal.com
www.wealthscapeinvestor.com
www.huntington-ir.com
careers.huntington.com
pages.huntington-email.com
selfservice.huntington.com
cms.huntington.com
huntingtoncc.fdecs.com
escrowsolutions.huntington.com
myapps.paychex.com
ht.businessonlinepayroll.com
investor.wealthscape.com
huntington.customercarenet.com
www.govone.com
players.brightcove.net
huntington-ir.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
vrindagarden.com R3	`2022-07-03` - `2022-10-01`	3 months	crt.sh
huntington.com DigiCert SHA2 Extended Validation Server CA	`2022-05-10` - `2023-05-12`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com.tn GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
ensighten.huntingtonbank.com Entrust Certification Authority - L1K	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-26` - `2022-07-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
mef957.dynatrace-managed.com R3	`2022-06-28` - `2022-09-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://vrindagarden.com/hun/Huntington/index
Frame ID: FFDAD81671C2C113EEA0C3475697D529
Requests: 132 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/dest5.html
Frame ID: DEF0A711AB9820542A998D34D44EFCA0
Requests: 1 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/nuanceChat.html
Frame ID: CEB91753166702668103B7F16D13303B
Requests: 10 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/activityi.html
Frame ID: DA867129A8B71A9CC599F3A542ABFB64
Requests: 2 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/activityi(1).html
Frame ID: E17BDBF8940F007D87C27ADB59596302
Requests: 2 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/activityi(2).html
Frame ID: 5A8428B6B38F8A382E31ACA00C7A7622
Requests: 2 HTTP requests in this frame

Frame: https://2782440.fls.doubleclick.net/activityi;dc_pre=CMiLzeSvgvkCFU2G6QUdZE0KGw;src=2782440;type=brand313;cat=hunti038;ord=5091548896595.881
Frame ID: E5DC156A0283FBF6BF3223922B18ED11
Requests: 1 HTTP requests in this frame

Frame: https://vrindagarden.com/hun/Huntington/index_files/postToServer.min.html
Frame ID: 1F4E71E70295984B21D1E1102C5A0C97
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMiLzeSvgvkCFU2G6QUdZE0KGw;src=2782440;type=brand313;cat=hunti038;ord=5091548896595.881;~oref=https://vrindagarden.com/
Frame ID: E86220925212523D1B7C8649EB9FB5BB
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.co.jp/ddm/fls/i/dc_pre=CMiLzeSvgvkCFU2G6QUdZE0KGw;src=2782440;type=brand313;cat=hunti038;ord=5091548896595.881;~oref=https://vrindagarden.com/
Frame ID: 090AD4BC35AD01D787611EB14CB145CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking, Insurance, Investing, Loans & Credit Cards | Huntington BankChat with a bankerClose FlagSearchHNB_master_icon_DARK_RGBHNB_master_icon_DARK_RGBVisit Huntington's Facebook pageVisit Huntington's Twitter feedVisit Huntington's Instagram pageVisit Huntington's YouTube pageVisit Huntington's LinkedIn pageFAB_AskUs