utnon.cf Open in urlscan Pro
162.240.233.69 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67
Submission Tags: tweet @atomspam #phishing #citizens #bank #financial #infosec #cybersecurity #atomspam Search All
Submission: On April 07 via api (April 7th 2023, 2:18:29 pm UTC) from FI — Scanned from FI

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 26 HTTP transactions. The main IP is 162.240.233.69, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is utnon.cf.

This is the only time utnon.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Citizens Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
26	162.240.233.69 162.240.233.69		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
26	1

26 162.240.233.69 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-233-69.unifiedlayer.com

utnon.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	utnon.cf utnon.cf	599 KB
26	1

	Domain	Requested by
26	utnon.cf	utnon.cf
26	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67
Frame ID: 47A3731791064735FDC5DF06A8EE7940
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Login | Citizens Bank404 Not Found

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

599 kB
Transfer

593 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request c851 Show response utnon.cf/47f9a0d9e/	24 KB 24 KB	1073ms 329ms	Document text/html	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `051bc7c07680cc9d7cabf53271a835ff420fce73726f971555df422db08f6f0f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Upgrade, Keep-Alive Content-Type text/html; charset=UTF-8 Date Fri, 07 Apr 2023 14:18:22 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked Upgrade h2,h2c
GET H/1.1	200 OK	jquery-1.9.1.min.js Show response utnon.cf/47f9a0d9e/js/	90 KB 91 KB	612ms 213ms	Script application/javascript	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/js/jquery-1.9.1.min.js Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `7933ff01db5be57ca6677daaad6bf5009d38d294ab5aa5d998de3ba47e89ca0e` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 92635
GET H/1.1	200 OK	plugin.js Show response utnon.cf/47f9a0d9e/js/	204 KB 204 KB	609ms 204ms	Script application/javascript	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/js/plugin.js Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `2352d5519859c90f1259960f8a9307a7b07a95a1d8bb8f606d21e87ccf4b9bb3` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 208674
GET H/1.1	200 OK	main.js Show response utnon.cf/47f9a0d9e/js/	12 KB 12 KB	615ms 207ms	Script application/javascript	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/js/main.js Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `4d825cc1794390e4680415375dad3b5ca876d00703f5201fa65ec417ea01dabc` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12152
GET H/1.1	200 OK	jquery-ui-1.10.3.custom.min.css utnon.cf/47f9a0d9e/styless/	19 KB 19 KB	396ms 202ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/jquery-ui-1.10.3.custom.min.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 19030
GET H/1.1	200 OK	normalize.css utnon.cf/47f9a0d9e/styless/	10 KB 10 KB	404ms 203ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/normalize.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9922
GET H/1.1	200 OK	main.css utnon.cf/47f9a0d9e/styless/	61 KB 61 KB	405ms 204ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/main.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `2f6890d706e585ea7f2fd51c88165eea82370d7fb7eff2184d0f2863512870c2` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 62418
GET H/1.1	200 OK	flows.css utnon.cf/47f9a0d9e/styless/	8 KB 9 KB	404ms 203ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/flows.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `9749a485710e170958788032045f2cefb8760a4ab61adc189caadd628f8bc585` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8649
GET H/1.1	200 OK	ad-containers.css utnon.cf/47f9a0d9e/styless/	8 KB 8 KB	405ms 204ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/ad-containers.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7985
GET H/1.1	200 OK	citizensns.min.42588.css utnon.cf/47f9a0d9e/styless/	6 KB 6 KB	405ms 203ms	Stylesheet text/css	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/citizensns.min.42588.css Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `80a21256af0f906e9289c08c8b0d7ad99cfa05e1817729775eea640ce9219457` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Upgrade h2,h2c Content-Type text/css Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5981
GET H/1.1	200 OK	CTZ_Green-01.png utnon.cf/47f9a0d9e/styless/	4 KB 4 KB	203ms 202ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/CTZ_Green-01.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:23 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 4206
GET H/1.1	200 OK	feedback.png utnon.cf/47f9a0d9e/styless/	824 B 1 KB	203ms 203ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/feedback.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 824
GET H/1.1	200 OK	equal-housing.gif utnon.cf/47f9a0d9e/styless/	1 KB 1 KB	202ms 202ms	Image image/gif	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/equal-housing.gif Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1134
GET H/1.1	200 OK	footer-follow-facebook.png utnon.cf/47f9a0d9e/styless/	395 B 636 B	204ms 203ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/footer-follow-facebook.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 395
GET H/1.1	200 OK	footer-follow-twitter.png utnon.cf/47f9a0d9e/styless/	3 KB 3 KB	206ms 205ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/footer-follow-twitter.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 3295
GET H/1.1	200 OK	footer-follow-linkedin.png utnon.cf/47f9a0d9e/styless/	3 KB 3 KB	205ms 204ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/footer-follow-linkedin.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/c851?7308274b80c4b847eeb5cc471ab9c47d=600366f73d5cfaf8f23a114d218cef67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3239
GET H/1.1	200 OK	icon-secure.png utnon.cf/47f9a0d9e/styless/efs/efs/grafx/	292 B 533 B	206ms 205ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/efs/efs/grafx/icon-secure.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/flows.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/styless/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 292
GET H/1.1	200 OK	flows-tooltip.png utnon.cf/47f9a0d9e/styless/efs/efs/grafx/	364 B 605 B	207ms 206ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/efs/efs/grafx/flows-tooltip.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/flows.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/styless/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 364
GET H/1.1	200 OK	arrow-button-white.png utnon.cf/47f9a0d9e/styless/efs/efs/grafx/	1017 B 1 KB	391ms 212ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/efs/efs/grafx/arrow-button-white.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/flows.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/styless/flows.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1017
GET H/1.1	200 OK	arrow-down-blue.png utnon.cf/47f9a0d9e/styless/efs/efs/grafx/	1 KB 1 KB	570ms 203ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/efs/efs/grafx/arrow-down-blue.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/styless/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1054
GET H/1.1	200 OK	arrow-right-orange.png utnon.cf/47f9a0d9e/styless/efs/efs/grafx/	165 B 406 B	609ms 208ms	Image image/png	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL http://utnon.cf/47f9a0d9e/styless/efs/efs/grafx/arrow-right-orange.png Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69` Request headers accept-language fi-FI,fi;q=0.9 Referer http://utnon.cf/47f9a0d9e/styless/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 165
GET H/1.1	200 OK	citizen_roman.woff utnon.cf/47f9a0d9e/styless/font/	31 KB 31 KB	394ms 203ms	Font font/woff	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/font/citizen_roman.woff Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42` Request headers Referer http://utnon.cf/47f9a0d9e/styless/main.css Origin http://utnon.cf accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 31968
GET H/1.1	200 OK	citiolb_icons.woff utnon.cf/47f9a0d9e/styless/font/	18 KB 18 KB	411ms 203ms	Font font/woff	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/font/citiolb_icons.woff Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115` Request headers Referer http://utnon.cf/47f9a0d9e/styless/main.css Origin http://utnon.cf accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18524
GET H/1.1	200 OK	citizen_extrabold.woff utnon.cf/47f9a0d9e/styless/font/	27 KB 27 KB	412ms 204ms	Font font/woff	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/font/citizen_extrabold.woff Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759` Request headers Referer http://utnon.cf/47f9a0d9e/styless/main.css Origin http://utnon.cf accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 27852
GET H/1.1	200 OK	citizen_book.woff utnon.cf/47f9a0d9e/styless/font/	31 KB 31 KB	418ms 210ms	Font font/woff	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/font/citizen_book.woff Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277` Request headers Referer http://utnon.cf/47f9a0d9e/styless/main.css Origin http://utnon.cf accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 31864
GET H/1.1	200 OK	citizen_bold.woff utnon.cf/47f9a0d9e/styless/font/	29 KB 29 KB	415ms 207ms	Font font/woff	162.240.233.69 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL http://utnon.cf/47f9a0d9e/styless/font/citizen_bold.woff Requested by Host: utnon.cf URL: http://utnon.cf/47f9a0d9e/styless/main.css Protocol HTTP/1.1 Server 162.240.233.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-233-69.unifiedlayer.com Software Apache / Resource Hash `5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6` Request headers Referer http://utnon.cf/47f9a0d9e/styless/main.css Origin http://utnon.cf accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Date Fri, 07 Apr 2023 14:18:24 GMT Last-Modified Sun, 26 Mar 2023 18:21:46 GMT Server Apache Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 29304

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery object| CITIZENSOLB

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			utnon.cf/	1969-12-31 23:59:59	Name: PHPSESSID Value: 96fbb170106ade0bcfded4b707a7568e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

utnon.cf
162.240.233.69
051bc7c07680cc9d7cabf53271a835ff420fce73726f971555df422db08f6f0f
0e9485cdb6a684713287cb41c6e6c3e26d12280f17349f98402456ff86ec9759
2352d5519859c90f1259960f8a9307a7b07a95a1d8bb8f606d21e87ccf4b9bb3
2a0a7ee3ea564db1e157dd2202c20b8092228fea9091f5cd1e83551e170ec277
2f6890d706e585ea7f2fd51c88165eea82370d7fb7eff2184d0f2863512870c2
319d82f567037eafefea25abbc64ea902db9255c5e7231fe9ddd462e4f5b9149
4d825cc1794390e4680415375dad3b5ca876d00703f5201fa65ec417ea01dabc
56a8532b2a60ca2ae39c213f7e1e65e47834af927e6365444457f22ed12ed79c
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
713f1268435943170faadadc547d8c68bb00822783e5e0c2d1129972a784f949
7933ff01db5be57ca6677daaad6bf5009d38d294ab5aa5d998de3ba47e89ca0e
7aaf6df215bb7018439342fe6bcd1058de3e7dfa2c7b4e1176c842b1a8e529ac
80a21256af0f906e9289c08c8b0d7ad99cfa05e1817729775eea640ce9219457
91afb84bded857517d6a7e43932e3d4a43eaf42d1e4d0b77a8bc9c07973e21d2
9749a485710e170958788032045f2cefb8760a4ab61adc189caadd628f8bc585
9b4ffac9ea755d2aaff724fa471d90fd63ae5648e18f60a67db0a5c3bffd84e5
b23d0629822256b320de68cece2a79525216c20a0b040d4ee0ee6dd216b98115
bbb90a8f240e6dbbda1d3da534f8848f256e623ed470d045e1d86a465e424d69
c401ce328e0383e71cd811709055aa8671cee50e355c6588bd567c1320b4e4ab
c8a977fd23fc151d7944387ad07220eb673de84b4343d6304efe5a8e1c061b02
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
c8d87d770112e188f7b1482e9a416ffc441a9a6e08e2fc38a886fa2986efdb46
dfc042f7ff75f3c2f916bcfbff48c82834bab07b698a2c564906ca073f8286b2
eb175662762ef5f2c9011cc1c4f9d09361c50a366fad8a544bda1c439b99d3a0
fe3ddc37707c93f338a1f6359dfa03019e096df14454808aaccbb7538aa3c67b
ff327ec2a6dbd3fc76ceecf59e472d5d2f43c94dce851ced740abe5f75bb832e

utnon.cf Open in urlscan Pro 162.240.233.69 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

599 kBTransfer

593 kBSize

1 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

utnon.cf Open in urlscan Pro
162.240.233.69 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

599 kB
Transfer

593 kB
Size

1
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!