fastandsecureportal.xyz

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 172.67.153.158, located in United States and belongs to CLOUDFLARENET, US. The main domain is fastandsecureportal.xyz.
TLS certificate: Issued by WE1 on August 12th 2024. Valid for: 3 months.

This is the only time fastandsecureportal.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	172.67.153.158 172.67.153.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:f577	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	3

5 172.67.153.158 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fastandsecureportal.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f577 (United States)

ASN13335 (CLOUDFLARENET, US)

www.atb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	fastandsecureportal.xyz 1 redirects fastandsecureportal.xyz	10 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	82 KB
1	atb.com www.atb.com	6 KB
7	3

	Domain	Requested by
5	fastandsecureportal.xyz	1 redirects fastandsecureportal.xyz
2	cdnjs.cloudflare.com	fastandsecureportal.xyz cdnjs.cloudflare.com
1	www.atb.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
fastandsecureportal.xyz WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
www.atb.com Entrust Certification Authority - L1K	`2023-12-22` - `2025-01-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Frame ID: 57246738F4CBAC554B35F926F408C759
Requests: 5 HTTP requests in this frame

Frame: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: 0C3701D3CA6D11B63C0543405AA26962
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | ATB Financial

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

7
Requests

86 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

97 kB
Transfer

125 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/ 8 KB
3 KB 535ms
386ms Document
text/html 172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd51d73404e4dfc337c9d9dfe3073eb3457e155da5c31a9564832a8f58360cc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b25ac1afaaa83f7-LAX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 03:38:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgZZZljWpOzPi5JCr7Ov0bZRHHgMfT%2Fr%2BqaC%2FvBB1%2F24YnGnasNTy7DABYpJJxi4C5fTyYXw0VGM5lqd7gcvK1iAzT4SpdNileckB0cquPNcregirMzTMqFTR%2Feu3JAyGl%2BXVGBxVyYviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 161ms
82ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://fastandsecureportal.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 03:38:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 381251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4mHzjhgEHkXS4tNCtHkVi0BINOicRLXpNeosWyfVulQtcr90h4dzD1GXOl8xc0Ij5KVnCGVdeX00Vg%2FiqKI5JLiRyErviEv8TPSNL6PXNPrTz5pi%2FBXqulPgKPsTw29XFt6h5jz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b25ac1e8b22239d-SJC
expires: Sun, 03 Aug 2025 03:38:26 GMT

GET
H3 200 logo_CA000219_FULL_IMAGE.svg
fastandsecureportal.xyz/UpdateVerifyPrss!/files/ 3 KB
2 KB 77ms
76ms Image
image/svg+xml 172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/files/logo_CA000219_FULL_IMAGE.svg
Requested by: Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20957245ccf4ae9c38287fad8f482c27a44d0ea75033d9527c759956d3c824f

Request headers

Referer: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 03:38:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Jun 2022 07:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10753
etag: W/"cd9-62b2c1d2-160090;br"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Eb3Vl2g6rQ3vL9Q8kyPASV%2BDeTVoeCXKH3kbV3jw1rdRPJynN37ybwYJZ4sXCwGxwwGgVfUS7F2Mi2ezJvHrwDMntXiOrnlFsAMIoruC2I2zwi%2BfMUPqZrwsjWaKzWFfG0HsVBEeEO3cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
cf-ray: 8b25ac1dfd8983f7-LAX
alt-svc: h3=":443"; ma=86400
expires: Tue, 20 Aug 2024 00:39:13 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 165ms
88ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://fastandsecureportal.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 03:38:27 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 381451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DavpTSgqn57TgLmrXqAdyn7sGgFHIY99xHXs1RdqDGs66duM09GtXHChfBbAufytVopKrrEkasqm8RusTJZxMOC%2F5dDfNdNOrecSHbdiq7HJ8o7566kZHbskYdpI23J%2BPXTLu86X"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b25ac1fb826fa5a-SJC
expires: Sun, 03 Aug 2025 03:38:27 GMT

GET
H3

200

main.js Show response
fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame 0C37
Redirect Chain

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
4 KB

73ms
73ms

Script
application/javascript

172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Requested by

Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e

Protocol

H3

Server

172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e62908c207a02e38e00e5d455e4a4927b53bd4c861da9c7c6156e2f790b1eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 03:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9cGmCuMqOvB6uAWudt3Px8LgVd99RMd9umSpU6HFfhz3Hw%2FJJ%2FxvZhbyanUEXqoiWpdtgsNgatwsFw9k47UDyeIEG24V6wl2qlO4QRFDOqoH%2FBqdnW%2BmiCdQV5D24atwElML9KfOng%2FA7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b25ac1faed983f7-LAX
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 13 Aug 2024 03:38:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aj2dyOemOXjV%2B0AqtEK15eTAsm8rlfYiKOYbZ4OM9OaGMZSlMkuGMqEWcWoS4DwgZHtcWqErEYpjLprGDlCvIFBZHzt6KpWNK61rW7F4N0XcfwJB%2BZrtBxVrXDe2d25r4r0JdwRyUDcgag%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b25ac1f3e7683f7-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 8b25ac1afaaa83f7 Show response
fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0C37 0
704 B 93ms
85ms XHR
text/plain 172.67.153.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/8b25ac1afaaa83f7
Requested by: Host: fastandsecureportal.xyz
URL: https://fastandsecureportal.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 03:38:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VjSWi1cHEHTFdV2AZal7Xxauk%2FNcIUBzZLISSIbHJZeDCyQ68reNHYTq2Y0MxtLCUhnd2gE97qwIxc1PgAK%2FwWGaetlTjFRB7ymCoOrIZOYLf7BnW1yFqq8lPbuK716PRJCw%2FcgJGqhPwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b25ac20cfff83f7-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 favicon-32x32.png
www.atb.com//static/img/ 182 B
6 KB 635ms
80ms Other
image/webp 2606:4700::6810:f577
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.atb.com//static/img/favicon-32x32.png

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f577 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6cb0d0f9f8d0624127b0ac7da936382ea47e1d9e5c703a138bea8cdfa39e77c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri https://csp.atbaux.com/csp-error; default-src 'none'; connect-src 'self' https: https://tr.snapchat.com https://www.atb.com/ https://www.facebook.com https://ajax.googleapis.com https://forms.hsforms.com/emailcheck/v1/ https://ct.pinterest.com/md/ https://web-atbva-uat.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-prod.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-uat.k8s-prod-na.finn.ai/subscriptions/finnChat/ https://msg-atbva-prod.k8s-prod-na.finn.ai/subscriptions/finnChat/ wss://msg-atbva-uat.k8s-prod-na.finn.ai/ wss://msg-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-prod.k8s-prod-na.finn.ai/ https://cdn.siteimprove.net https://superscribe.atbaux.com https://api.genesyscloud.com https://www.google-analytics.com/ https://dc.services.visualstudio.com/v2/track https://siteintercept.qualtrics.com https://atb.postclickmarketing.com https://interactive.atb.com https://vimeo.com https://rates.atbaux.com/ https://tags.srv.stackadapt.com/ https://ct.pinterest.com/user/ https://q.quora.com/ https://stats.g.doubleclick.net https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://bat.bing.com https://analytics.google.com https://eu.srv.stackadapt.com https://www.google.ca/ads/ga-audiences https://www.google.com/pagead/landing https://s.yimg.com https://maps.googleapis.com https://api.hubapi.com wss://pubsub.salemove.com https://.salemove.com wss://kluster.salemove.com https://.glia.com; base-uri 'none'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com; form-action https://www.facebook.com https://tr.snapchat.com https://forms.hsforms.com https://tr.snapchat.com/p https://tr.snapchat.com/cm/i https://feedback.atb.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://tags.srv.stackadapt.com https://cloud.typography.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/styles/styles.css https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://eu.srv.stackadapt.com https://optimize.google.com/optimize/editor/css/css.css https://.salemove.com; script-src 'self' https: https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://cdn.optimizely.com/js/26567580009.js 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://www.googleanalytics.com https://optimize.google.com https://www.googleoptimize.com https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.googletagmanager.com/ https://www.google-analytics.com https://tagmanager.google.com https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://maps.googleapis.com/maps/api/js https://adservice.google.com/ https://adservice.google.com/ https://www.google.com/ads/ga-audiences https://js.hs-scripts.com/4764334.js https://js.hsforms.net/forms/v2.js https://forms.hsforms.com/ https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/ https://znbd9nr9vkcjqslin-atbfeedback.siteintercept.qualtrics.com https://dl.episerver.net/13.2.4/epi-util/find.js https://js.hs-analytics.net/analytics/1563383400000/4764334.js https://www.workable.com/api/accounts/377831 https://www.workable.com/assets/embed.js https://extend.vimeocdn.com/ga/10780070.js https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com/WRSiteInterceptEngine/ https://code.jquery.com/jquery-3.4.1.min.js https://sc-static.net/ https://static.ads-twitter.com/uwt.js https://analytics.twitter.com/i/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://www.youtube.com/s/player/* https://cdn.jsdelivr.net/npm/vue@2.6.10/dist/vue.runtime.min.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://s.pinimg.com/ct/core.js https://s.pinimg.com/ct/lib/ https://a.quora.com/qevents.js https://tags.srv.stackadapt.com/events.js https://east.srv.stackadapt.com/events.js https://uw.srv.stackadapt.com/events.js https://eu.srv.stackadapt.com/events.js https://platform.twitter.com/oct.js https://static.ads-twitter.com/oct.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/ https://secure.quantserve.com/quant.js https://edge.quantserve.com/quant.js https://js.hs-banner.com https://apply.workable.com https://www.google.com/ads/ga-audiences* https://s.mitaa.io/dtag.min.js https://ionfiles.scribblecdn.net/scripts/ionizer-1.2.min.js http://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/ https://js.hs-banner.com/4764334.js https://bat.bing.com https://clarity.microsoft.com https://9897839.fls.doubleclick.net https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/bundle.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/config.js https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://siteimproveanalytics.com/js/siteanalyze_77682.js https://siteimproveanalytics.com/ 'sha256-AoNQZpaRmemSTxMy9xcqXX5VLwI6IMPYugO7bFHOW+U=' 'sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=' 'sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=' 'sha256-27gTObPp0STAt+fV8fwrG9pRwkVFaEg7ZHzBv6L0yto=' 'sha256-2bKthQiZc2RXXJ2zuNdQgergsosNJNO0j0pY5/AMUKE=' 'sha256-3ZrSyKXyfCBhxmUPydg8a9mgpCxBzKb9p2d6IFRh3+Q=' 'sha256-kiNksdOX+M4g0/nMTqaTImuB/PHpOdvlQF6VaBmvnoE=' 'sha256-fmBnciP22+IeufKiwett0ScrQcvXA2ltLjO5AkOn/eQ=' 'sha256-GxB2ppK+t1dQ/6WHfZRc7UJL/ct7a59qHKzBE/c1SzE=' 'sha256-kN2TxtGds1lhWybMfEoIXWeS4x4Enya8DiiyBAbeyHs=' 'sha256-olgZwKESUKBk5MwFwAYxCIamu4KAcRjk5VqnZxOlat0=' 'sha256-rXnvrupdVgmIsBg96vSU/gV2uQjZSH3AKma5y9FlGaU=' 'nonce-qsk47Vz58usgXWEc/cmC2Ecaq+Bilrg92idePC35/00='; img-src 'self' data: * https://optimize.google.com https://www.google-analytics.com https://www.googletagmanager.com; media-src https://.salemove.com; frame-src https://.atb.com https://td.doubleclick.net https://www.facebook.com https://tr6.snapchat.com https://www.pinterest.com https://tr.snapchat.com https://verify.auth.atb.com/ https://verify-uat.auth-dev.atb.com/ https://www.googletagmanager.com https://va.atb.com/ https://virtual-assist-prod.atb.com/ https://virtual-assist-uat.atb.com/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai/ https://identity-prod.auth-dev.atb.com/ https://identity.auth.atb.com/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai/ https://identity-uat.auth-dev.atb.com/ https://8389598.fls.doubleclick.net/ https://www.google.com https://stats.g.doubleclick.net/ https://siteintercept.qualtrics.com/ https://feedback.atb.com/ https://www.youtube.com/ https://player.vimeo.com/ https://atb.postclickmarketing.com/ https://interactive.atb.com/ https://forms.hsforms.com/ https://tr.snapchat.com/ https://www.atbonline.com/ https://app.hubspot.com/ https://9897839.fls.doubleclick.net https://bid.g.doubleclick.net/ https://10829704.fls.doubleclick.net/ https://finn-demo-assets.finn.ai/ https://personal.atb.com/ https://www.pinterest.ca/ https://ct.pinterest.com/ https://optimize.google.com/ https://a26567580009.cdn.optimizely.com; manifest-src 'self'; child-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fastandsecureportal.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 03:38:28 GMT
content-security-policy: upgrade-insecure-requests; report-uri https://csp.atbaux.com/csp-error; default-src 'none'; connect-src 'self' https: https://tr.snapchat.com https://www.atb.com/ https://www.facebook.com https://ajax.googleapis.com https://forms.hsforms.com/emailcheck/v1/ https://ct.pinterest.com/md/ https://web-atbva-uat.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-prod.k8s-prod-na.finn.ai/api/v1/finn-chat/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-uat.k8s-prod-na.finn.ai/subscriptions/finnChat/ https://msg-atbva-prod.k8s-prod-na.finn.ai/subscriptions/finnChat/ wss://msg-atbva-uat.k8s-prod-na.finn.ai/ wss://msg-atbva-prod.k8s-prod-na.finn.ai/ https://msg-atbva-prod.k8s-prod-na.finn.ai/ https://cdn.siteimprove.net https://superscribe.atbaux.com https://api.genesyscloud.com https://www.google-analytics.com/ https://dc.services.visualstudio.com/v2/track https://siteintercept.qualtrics.com https://atb.postclickmarketing.com https://interactive.atb.com https://vimeo.com https://rates.atbaux.com/ https://tags.srv.stackadapt.com/ https://ct.pinterest.com/user/ https://q.quora.com/ https://stats.g.doubleclick.net https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://bat.bing.com https://analytics.google.com https://eu.srv.stackadapt.com https://www.google.ca/ads/ga-audiences https://www.google.com/pagead/landing https://s.yimg.com https://maps.googleapis.com https://api.hubapi.com wss://pubsub.salemove.com https://*.salemove.com wss://kluster.salemove.com https://*.glia.com; base-uri 'none'; font-src 'self' data: https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com; form-action https://www.facebook.com https://tr.snapchat.com https://forms.hsforms.com https://tr.snapchat.com/p https://tr.snapchat.com/cm/i https://feedback.atb.com; frame-ancestors 'none'; style-src 'self' 'unsafe-inline' https://tags.srv.stackadapt.com https://cloud.typography.com https://maxcdn.bootstrapcdn.com/font-awesome/ https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/styles/styles.css https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com https://east.srv.stackadapt.com https://uw.srv.stackadapt.com https://eu.srv.stackadapt.com https://optimize.google.com/optimize/editor/css/css.css https://*.salemove.com; script-src 'self' https: https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://cdn.optimizely.com/js/26567580009.js 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://www.googleanalytics.com https://optimize.google.com https://www.googleoptimize.com https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com https://siteintercept.qualtrics.com https://www.google.com/recaptcha/api.js https://www.google.com/recaptcha/enterprise.js https://www.googletagmanager.com/ https://www.google-analytics.com https://tagmanager.google.com https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://maps.googleapis.com/maps/api/js https://adservice.google.com/ https://adservice.google.com/* https://www.google.com/ads/ga-audiences https://js.hs-scripts.com/4764334.js https://js.hsforms.net/forms/v2.js https://forms.hsforms.com/ https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/ https://znbd9nr9vkcjqslin-atbfeedback.siteintercept.qualtrics.com https://dl.episerver.net/13.2.4/epi-util/find.js https://js.hs-analytics.net/analytics/1563383400000/4764334.js https://www.workable.com/api/accounts/377831 https://www.workable.com/assets/embed.js https://extend.vimeocdn.com/ga/10780070.js https://zn5hxoymepfxxwpmj-atbfeedback.siteintercept.qualtrics.com/WRSiteInterceptEngine/ https://code.jquery.com/jquery-3.4.1.min.js https://sc-static.net/ https://static.ads-twitter.com/uwt.js https://analytics.twitter.com/i/ https://connect.facebook.net/en_US/fbevents.js https://connect.facebook.net/signals/config/ https://www.youtube.com/s/player/* https://cdn.jsdelivr.net/npm/vue@2.6.10/dist/vue.runtime.min.js https://snap.licdn.com/li.lms-analytics/insight.min.js https://s.pinimg.com/ct/core.js https://s.pinimg.com/ct/lib/ https://a.quora.com/qevents.js https://tags.srv.stackadapt.com/events.js https://east.srv.stackadapt.com/events.js https://uw.srv.stackadapt.com/events.js https://eu.srv.stackadapt.com/events.js https://platform.twitter.com/oct.js https://static.ads-twitter.com/oct.js https://www.youtube.com/iframe_api https://s.ytimg.com/yts/jsbin/ https://secure.quantserve.com/quant.js https://edge.quantserve.com/quant.js https://js.hs-banner.com https://apply.workable.com https://www.google.com/ads/ga-audiences* https://s.mitaa.io/dtag.min.js https://ionfiles.scribblecdn.net/scripts/ionizer-1.2.min.js http://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/ https://js.hs-banner.com/4764334.js https://bat.bing.com https://clarity.microsoft.com https://9897839.fls.doubleclick.net https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/bundle.js https://web-atbva-uat.k8s-prod-na.finn.ai/webchat/static/config.js https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js https://siteimproveanalytics.com/js/siteanalyze_77682.js https://siteimproveanalytics.com/ 'sha256-AoNQZpaRmemSTxMy9xcqXX5VLwI6IMPYugO7bFHOW+U=' 'sha256-VazP97ZCwtekAsvgPBSUwPFKdrwD3unUfSGVYrahUqU=' 'sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=' 'sha256-27gTObPp0STAt+fV8fwrG9pRwkVFaEg7ZHzBv6L0yto=' 'sha256-2bKthQiZc2RXXJ2zuNdQgergsosNJNO0j0pY5/AMUKE=' 'sha256-3ZrSyKXyfCBhxmUPydg8a9mgpCxBzKb9p2d6IFRh3+Q=' 'sha256-kiNksdOX+M4g0/nMTqaTImuB/PHpOdvlQF6VaBmvnoE=' 'sha256-fmBnciP22+IeufKiwett0ScrQcvXA2ltLjO5AkOn/eQ=' 'sha256-GxB2ppK+t1dQ/6WHfZRc7UJL/ct7a59qHKzBE/c1SzE=' 'sha256-kN2TxtGds1lhWybMfEoIXWeS4x4Enya8DiiyBAbeyHs=' 'sha256-olgZwKESUKBk5MwFwAYxCIamu4KAcRjk5VqnZxOlat0=' 'sha256-rXnvrupdVgmIsBg96vSU/gV2uQjZSH3AKma5y9FlGaU=' 'nonce-qsk47Vz58usgXWEc/cmC2Ecaq+Bilrg92idePC35/00='; img-src 'self' data: * https://optimize.google.com https://www.google-analytics.com https://www.googletagmanager.com; media-src https://*.salemove.com; frame-src https://*.atb.com https://td.doubleclick.net https://www.facebook.com https://tr6.snapchat.com https://www.pinterest.com https://tr.snapchat.com https://verify.auth.atb.com/ https://verify-uat.auth-dev.atb.com/ https://www.googletagmanager.com https://va.atb.com/ https://virtual-assist-prod.atb.com/ https://virtual-assist-uat.atb.com/ https://web-atbva-prod.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-prod.k8s-prod-na.finn.ai/ https://identity-prod.auth-dev.atb.com/ https://identity.auth.atb.com/ https://web-atbva-uat.k8s-prod-na.finn.ai/ https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai https://bank-api-gateway-atbva-uat.k8s-prod-na.finn.ai/ https://identity-uat.auth-dev.atb.com/ https://8389598.fls.doubleclick.net/ https://www.google.com https://stats.g.doubleclick.net/ https://siteintercept.qualtrics.com/ https://feedback.atb.com/ https://www.youtube.com/ https://player.vimeo.com/ https://atb.postclickmarketing.com/ https://interactive.atb.com/ https://forms.hsforms.com/ https://tr.snapchat.com/ https://www.atbonline.com/ https://app.hubspot.com/ https://9897839.fls.doubleclick.net https://bid.g.doubleclick.net/ https://10829704.fls.doubleclick.net/ https://finn-demo-assets.finn.ai/ https://personal.atb.com/ https://www.pinterest.ca/ https://ct.pinterest.com/ https://optimize.google.com/ https://a26567580009.cdn.optimizely.com; manifest-src 'self'; child-src 'none'; object-src 'self';
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: HIT
age: 8915
cf-polished: origFmt=png, origSize=562
x-powered-by: ASP.NET
content-disposition: inline; filename="favicon-32x32.webp"
content-length: 182
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:4bfe3162-8ed7-4ce8-a697-b34850a88b82
referrer-policy: strict-origin-when-cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Thu, 01 Aug 2024 17:32:12 GMT
server: cloudflare
vary: Accept
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: public,max-age=86400
accept-ranges: bytes
cf-ray: 8b25ac2508c908d3-LAX

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.fastandsecureportal.xyz/	1970-01-21 07:30:56	Name: cf_clearance Value: xDUnH284InUWFjCRBnrKhbrbQ1TioM0mj2EPjvN8j2w-1723520307-1.0.1.1-3esFkUpFICLgPXLapi2NhBfcvxjI_Ny5oE9P5L6eoLcm..Sx2vl36FRQFQVBLeRgV4Q92rl826WlQI9OSR5kug

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://fastandsecureportal.xyz/UpdateVerifyPrss!/ATB/?key=5050d2156464f8b75b40f3d8cba168a3d4aa145e Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fastandsecureportal.xyz
www.atb.com
104.17.25.14
172.67.153.158
2606:4700::6810:f577
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4e62908c207a02e38e00e5d455e4a4927b53bd4c861da9c7c6156e2f790b1eb1
6cb0d0f9f8d0624127b0ac7da936382ea47e1d9e5c703a138bea8cdfa39e77c4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
dd51d73404e4dfc337c9d9dfe3073eb3457e155da5c31a9564832a8f58360cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f20957245ccf4ae9c38287fad8f482c27a44d0ea75033d9527c759956d3c824f

fastandsecureportal.xyz Open in urlscan Pro 172.67.153.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

97 kBTransfer

125 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

fastandsecureportal.xyz Open in urlscan Pro
172.67.153.158 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

97 kB
Transfer

125 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions