otx.alienvault.com Open in urlscan Pro
143.204.98.54  Public Scan

URL: https://otx.alienvault.com/indicator/domain/equifax.com
Submission: On November 19 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

×

   
 * Browse
 * Scan Endpoints
 * Create Pulse
 * Submit Sample
 * API Integration
   
   
 * Login | Sign Up
   

All
   
 * Login | Sign Up
   
 * 
   


Domain
equifax.com
Add to Pulse
Pulses
2
Passive DNS
501
URLs
1K
Files
1
Analysis Overview
Verdict
Whitelisted
IP Address
107.162.153.204

Location
United States

ASN
AS55002 DEFENSE-NET

Nameservers
pdns105.ultradns.org. , 
a3-66.akam.net.
More
WHOIS
Registrar: CSC CORPORATE DOMAINS, INC.,   Creation Date:Feb 21, 1995
Related Pulses
OTX User-Created Pulses (2)
Related Tags
83 Related Tags
trojan , 
win32heim oct , 
cp idc , 
dsp cor , 
deva taia
More
Indicator Facts
Running webserver
299 subdomains
SPF record
Present in Umbrella
Present in Alexa
Present in Majestic
Present in Akamai

Certificate Issuer
C=GB, O=Sectigo Limited, CN=Sectigo RSA Organization Validation Secure Server CA
Certificate Subject
CN=www.equifax.com
External Resources
Alexa, 
Whois, 
VirusTotal, 
UrlVoid

Analysis

Related Pulses

Comments (0)



WHOIS

Show
10 25 50 100
entries
Search:
Record

Value

Emails domainabuse@cscglobal.com Name Domain Admin Name Servers NS0.EQUIFAX.COM
Org Equifax Inc Address P.O. Box 740006 City Atlanta Country US Creation Date
1995-02-21T00:00:00 Creation Date 1995-02-21T05:00:00 Dnssec unsigned

SHOWING 1 TO 10 OF 27 ENTRIES
1
2
3
Next


PASSIVE DNS

Show
10 25 50 100
entries
Search:
Status
Hostname

Query Type

Address

First Seen

Last Seen

ASN

Country

Whitelisted mobile-1-lockandalert.equifax.com A 216.46.126.101 2021-11-19
01:152021-11-19 01:16AS11409 EFXSECURE United States Whitelisted
lockandalert.equifax.com A 216.46.110.200 2021-11-19 01:152021-11-19
01:15AS11409 EFXSECURE United States Whitelisted uat-api.consumer.equifax.com A
216.46.107.167 2021-11-18 01:312021-11-18 01:32AS11409 EFXSECURE United States
Whitelisted authsvc-apac.equifax.com A 3.104.34.32 2021-11-17 05:182021-11-17
05:18AS16509 AMAZON-02 Australia Whitelisted authsvc-apac.equifax.com A
3.104.34.34 2021-11-17 05:182021-11-17 05:18AS16509 AMAZON-02 Australia
Whitelisted authsvc-apac.equifax.com A 3.104.34.33 2021-11-17 05:182021-11-17
05:18AS16509 AMAZON-02 Australia Whitelisted authsvc-beta-apac.equifax.com A
3.104.34.34 2021-11-17 05:162021-11-17 05:16AS16509 AMAZON-02 Australia
Whitelisted authsvc-beta-apac.equifax.com A 3.104.34.33 2021-11-17
05:162021-11-17 05:16AS16509 AMAZON-02 Australia Whitelisted
authsvc-beta-apac.equifax.com A 3.104.34.32 2021-11-17 05:162021-11-17
05:16AS16509 AMAZON-02 Australia Whitelisted authsvc-beta-eu.equifax.com A
99.80.88.150 2021-11-17 04:452021-11-17 04:46AS16509 AMAZON-02 Ireland

SHOWING 1 TO 10 OF 501 ENTRIES
1
2
3
4
5
...
51
Next


ASSOCIATED URLS

Show
10 25 50 100
entries

Date Checked
URL
Hostname
Server Response
IP Address
Google Safe Browsing
Antivirus Results
Nov 17, 2021http://uk.equifax.com/uk.equifax.comConnection Error Nov 17,
2021https://www.equifax.com/personal/education/covidwww.equifax.com404107.162.153.204
Nov 17,
2021https://go.equifax.com/e/892581/jfe-form-SV-5tcPI2vSzHuhnV3-/68yyz/153188777?h=tNmKf_ijdBaNEhpOytWRf11doq51r9SyaTRAc0NQes0go.equifax.com20023.216.81.117
Nov 17,
2021https://go.equifax.com/e/892581/jfe-form-SV-cOVDOUtc1TBr3cW-/68yz4/153188777?h=tNmKf_ijdBaNEhpOytWRf11doq51r9SyaTRAc0NQes0go.equifax.com20023.216.81.117
Nov 17,
2021https://go.equifax.com/webmail/892581/153188777/e7f7819ee2623d001171304aca8fbd5e6f5db7a437dc861da6f96221792d94b8go.equifax.com20052.21.178.134
Nov 17,
2021https://www.equifax.com/business/trends-insights/business-transformation/www.equifax.com200107.162.153.204
Nov 17,
2021https://go.equifax.com/e/892581/ights-business-transformation-/68yz2/153188777?h=tNmKf_ijdBaNEhpOytWRf11doq51r9SyaTRAc0NQes0go.equifax.com200107.162.153.204
Nov 17,
2021https://go.equifax.com/e/892581/l-892581-2020-10-13-4fd/68yz6/153188777?h=tNmKf_ijdBaNEhpOytWRf11doq51r9SyaTRAc0NQes0go.equifax.com20052.21.178.134
Nov 17,
2021https://go.equifax.com/r/892581/1/153188777/open/1go.equifax.com20035.174.151.106
Nov 16, 2021https://www.equifax.com/ad-Choiceswww.equifax.com200107.162.153.204

SHOWING 1 TO 10 OF 1,756 ENTRIES
1
2
3
4
5
...
176
Next


ASSOCIATED FILES

Show
10 25 50 100
entries

Date
Hash
Avast
AVG
Clamav
MSDefender
Feb 25, 2015 e511ac62fc9365ff8b1d87274d1d8a2aa5fd1db56da0fd78ed6ab43aa24371f4
Crypt3.BXMJ

SHOWING 1 TO 1 OF 1 ENTRIES


HTTP SCANS

Show
10 25 50 100
entries
Search:
Record
Value
443 Body DOCTYPE HTML PUBLIC //IETF//DTD HTML 2.0//EN html head title 301 Moved
Permanently /title /head body h1 Moved Permanently /h1 p The document has moved
a href= https://www.equifax.com/personal/ / here /a . /p /body /html 443
HeaderHTTP/1.1 301 Moved Permanently Date: Fri 08 Sep 2017 19:42:11 GMT
Location: https://www.equifax.com/personal/ / Content Type: text/html
charset=iso 8859 1 Set Cookie:
TS01926dd7=01e7cb8be350de738c5d2a161b72a467b1162f04a2015e4444fa0a19c434eb99b5dd6126cf
Path=/ Transfer Encoding: chunked 443 Certificate Crldistributionpoints
http://sg.symcb.com/sg.crl 443 Certificate Subjectaltname bi.equifax.com 443
Certificate Subjectaltname compliance.equifax.com 443 Certificate Subjectaltname
consumer.equifax.ca 443 Certificate Subjectaltname equifax.com 443 Certificate
Subjectaltname equifax.com.mx 443 Certificate Subjectaltname equifax.co.cr 443
Certificate Subjectaltname equifax.co.uk

SHOWING 1 TO 10 OF 50 ENTRIES
1
2
3
4
5
Next



RELATED DOMAINS

Show
10 25 50 100
entries
Search:
Domain

Related Via

mzstatic.com domainabuse@cscglobal.com mcafeesecure.com
domainabuse@cscglobal.com moviedata.com domainabuse@cscglobal.com comodoca.com
domainabuse@cscglobal.com apple.com domainabuse@cscglobal.com greenwichtime.com
domainabuse@cscglobal.com americanexpress.com domainabuse@cscglobal.com
bizjournals.com domainabuse@cscglobal.com about.com domainabuse@cscglobal.com
hyundaitx.com domainabuse@cscglobal.com

SHOWING 1 TO 10 OF 224 ENTRIES
1
2
3
4
5
...
23
Next
 * User Created (2)
   

en25.com and Eloqua = massive hidden fraud and data exfil via ads and fake media
co
domain Indicator Active
 * Created 10 months ago
   
 * Modified 9 months ago by dorkingbeauty1
 * Public
 * TLP: Green

CVE: 1 | FileHash-MD5: 458 | FileHash-SHA1: 180 | FileHash-SHA256: 532 | URL:
6859 | Domain: 681 | Email: 17 | Hostname: 971
Trojan:Win32/Carberp.AZRU:Glupteba-B\ [Trj), 20,000 times more than previously
reported, has been identified.
trojan,  win32heim oct,  cp idc,  dsp cor,  deva taia,  our bus,  phy onl,  uni
com,  mtb jan,  present jun,  present jul,  present may,  present dec, 
purlrecordid0,  purlsiteid1,  purlsiteid12,  capdochttp,  purlsiteid2, 
purlguid,  elqck0,  x509v3 subject,  v3 serial,  cus cndigicert,  sha2 secure, 
vhash,  ssdeep,  format magic,  ansi trid,  thumbprint,  cname,  ttl value, 
present feb,  google safe,  results mar,  present mar,  cltcrt,  s123456789688, 
results apr,  power http,  test,  tname server,  urlescape,  elqaid13261, 
elqat1,  ostname server,  online gratis,  maxads0,  purlsiteid6,  em38234, 
s639,  present jan,  present apr,  urlhttp,  present nov,  pageurlhttp, 
entries,  t seen,  ccountryus,  server response,  present oct,  present sep, 
present aug,  results sep,  st seen,  trid win32,  executable,  authentihash, 
imphash,  file type,  win32 exe,  magic pe32,  ms windows,  sha1,  sha256, 
results jul,  results may
 * 199 Subscribers

sc.omtrdc.net
domain Indicator Active
 * Created 11 months ago
   
 * Modified 10 months ago by dorkingbeauty1
 * Public
 * TLP: Green

URL: 18 | Domain: 27 | Hostname: 56

entries,  next passive,  dns show,  search,  hostname query,  type address, 
first seen,  last seen
 * 196 Subscribers


COMMENTS

You must be logged in to leave a comment.

Refresh Comments

 * © Copyright 2021 AlienVault, Inc.
   
 * Legal
   
 * Status