cibc.bigdatauniversity.com Open in urlscan Pro
169.53.191.145 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cibc.preview.bigdatauniversity.com/
Effective URL:
https://cibc.bigdatauniversity.com/
Submission: On March 23 via manual (March 23rd 2020, 1:59:47 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 169.53.191.145, located in United States and belongs to SOFTLAYER, US. The main domain is cibc.bigdatauniversity.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 19th 2020. Valid for: 3 months.

This is the only time cibc.bigdatauniversity.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: CIBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 2	169.53.191.134 169.53.191.134	36351 (SOFTLAYER) (SOFTLAYER)
11	169.53.191.145 169.53.191.145	36351 (SOFTLAYER) (SOFTLAYER)
1 3	169.55.142.91 169.55.142.91	36351 (SOFTLAYER) (SOFTLAYER)
13	2

2 169.53.191.134 (United States) 2 redirects

ASN36351 (SOFTLAYER, US)
PTR: 86.bf.35a9.ip4.static.sl-reverse.com

cibc.preview.bigdatauniversity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 169.53.191.145 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 91.bf.35a9.ip4.static.sl-reverse.com

cibc.bigdatauniversity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.55.142.91 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 5b.8e.37a9.ip4.static.sl-reverse.com

cibc.courses.bigdatauniversity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	bigdatauniversity.com 3 redirects cibc.preview.bigdatauniversity.com cibc.bigdatauniversity.com cibc.courses.bigdatauniversity.com	198 KB
13	1

	Domain	Requested by
11	cibc.bigdatauniversity.com	cibc.bigdatauniversity.com
3	cibc.courses.bigdatauniversity.com	1 redirects
2	cibc.preview.bigdatauniversity.com	2 redirects
13	3

This site contains no links.

Subject Issuer	Validity	Valid
cibc.bigdatauniversity.com Let's Encrypt Authority X3	`2020-03-19` - `2020-06-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cibc.bigdatauniversity.com/
Frame ID: 2A3B20BFFCC6155667EA2DC0D5EC2C71
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cibc.preview.bigdatauniversity.com/ HTTP 301
https://cibc.preview.bigdatauniversity.com/ HTTP 302
https://cibc.bigdatauniversity.com/ Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

197 kB
Transfer

431 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cibc.preview.bigdatauniversity.com/ HTTP 301
https://cibc.preview.bigdatauniversity.com/ HTTP 302
https://cibc.bigdatauniversity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://cibc.courses.bigdatauniversity.com/dashboard HTTP 302
https://cibc.courses.bigdatauniversity.com/login?next=/dashboard

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
cibc.bigdatauniversity.com/
Redirect Chain

http://cibc.preview.bigdatauniversity.com/
https://cibc.preview.bigdatauniversity.com/
https://cibc.bigdatauniversity.com/

3 KB
2 KB

1075ms
698ms

Document
text/html

169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://cibc.bigdatauniversity.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

91.bf.35a9.ip4.static.sl-reverse.com

Software

Resource Hash

e889f3c206361d67d16e120c2d2b819da6cd10b1516914cb23b281752bbdd12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: cibc.bigdatauniversity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Etag: W/"806985bc73724b1a8b515835f2220f28"
Set-Cookie: _BDUPortals_session=ZE1PTmdSZUxqVVFObHNtNVhHQ01MZlQ3V1pjVlZkWnJnTmJSYnAzcXRnQUJTMGhYbHMzM2pyeUZVWHpoU2Z2VlZ6ZlUzZjl1Qlkvc2J1T1FsUDNDMkxtQ3dkbGhvdmp6WHU4MTV4d3NxaVppQWpDQ3hDUTFlUnBudUQycStnVW9jcnZIM0grWUZmNnpudXFPVldoWGdQZEFnbi8yckQ4L1lFRmxNQnM3S1RDTWRPTUJXc1UwZ3hOemJwU3IvL1k5LS1CVDlsZ2ZTZk5JdHQwV1VMeUVvcHFRPT0%3D--2062c4ca23f1f737d008bda970e931bf41220392; path=/; HttpOnly
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: bea1b1c8-7596-43ee-b00b-280cd368f06c
X-Runtime: 0.584092
X-Xss-Protection: 1; mode=block
Date: Mon, 23 Mar 2020 13:59:29 GMT
Content-Length: 1765

Redirect headers

Content-Language: en
Content-Type: text/html; charset=utf-8
Date: Mon, 23 Mar 2020 13:59:28 GMT
Location: https://cibc.bigdatauniversity.com
Set-Cookie: csrftoken=yR9YGQdmb3ksxKoKbhoH870HZgzqnjpn; expires=Mon, 22-Mar-2021 13:59:28 GMT; Max-Age=31449600; Path=/ bdu-cibc-sessionid="1|qr7h3tpv9tpg85wh00ynnc9cvmo9lp00|80YLetvyvSvE|ImRjNWYyN2YxMTZmOTZhNGVmYzM5NjdiZDgyYTY2ZjA4N2IzNTZkYWUwZTQ1NWE2Mzk0ZGI1OGRmMjliYmIzMjci:1jGNc0:ri7ftG-dxsZNEc2i44KBKEOM4Pc"; expires=Mon, 06-Apr-2020 13:59:28 GMT; httponly; Max-Age=1209600; Path=/
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Cookie, Accept-Language
X-Frame-Options: SAMEORIGIN
Content-Length: 0

GET
H/1.1 200
OK bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
cibc.bigdatauniversity.com/assets/ 140 KB
28 KB 127ms
127ms Stylesheet
text/css 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 585283544b359b93bacf527eaab61c3cfe575ffd8efa479b2a5de3309f7ba81e

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 19:33:45 GMT
Content-Length: 28629
Vary: Accept-Encoding
Content-Type: text/css

GET
H/1.1 200
OK check_open_edx_login-9c8ad1aad8292e739e2905c56f593fb5d8f9ca9aec4c695cd54687cf366fe68f.js Show response
cibc.bigdatauniversity.com/assets/ 439 B
518 B 314ms
111ms Script
application/javascript 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/check_open_edx_login-9c8ad1aad8292e739e2905c56f593fb5d8f9ca9aec4c695cd54687cf366fe68f.js
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 9c8ad1aad8292e739e2905c56f593fb5d8f9ca9aec4c695cd54687cf366fe68f

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 310
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1 200
OK cibc.png
cibc.bigdatauniversity.com/system/portals/logos/58d9/7e0f/43bd/5900/01b6/34a7/original/ 5 KB
5 KB 326ms
123ms Image
image/png 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cibc.bigdatauniversity.com/system/portals/logos/58d9/7e0f/43bd/5900/01b6/34a7/original/cibc.png?1490779765
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 07fb0bc5d28bb939ba63a8a8d081766839681f64542dabf1a28b7ae63faf0d80

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Last-Modified: Wed, 29 Mar 2017 09:29:25 GMT
Content-Length: 5211
Content-Type: image/png

GET
H/1.1 200
OK cc-logo-b452f65532bd6a43a16865f14ba471297e03fded98430cd6407f364cc66c0019.png
cibc.bigdatauniversity.com/assets/cc/ 13 KB
13 KB 319ms
110ms Image
image/png 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cibc.bigdatauniversity.com/assets/cc/cc-logo-b452f65532bd6a43a16865f14ba471297e03fded98430cd6407f364cc66c0019.png
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: b452f65532bd6a43a16865f14ba471297e03fded98430cd6407f364cc66c0019

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 12853
Content-Type: image/png

GET
H/1.1 200
OK bdu-75def71894387d68a87b58a669562b48ddc0114a46f6436f79803fab03d06f93.js Show response
cibc.bigdatauniversity.com/assets/ 151 KB
48 KB 135ms
134ms Script
application/javascript 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/bdu-75def71894387d68a87b58a669562b48ddc0114a46f6436f79803fab03d06f93.js
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 75def71894387d68a87b58a669562b48ddc0114a46f6436f79803fab03d06f93

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 19:35:52 GMT
Content-Length: 48665
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H/1.1

302
Found

https://cibc.courses.bigdatauniversity.com/dashboard
https://cibc.courses.bigdatauniversity.com/login?next=/dashboard

0
-1 B

528ms
164ms

XHR
text/html

169.55.142.91
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://cibc.courses.bigdatauniversity.com/login?next=/dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.55.142.91 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

5b.8e.37a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cibc.bigdatauniversity.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:30 GMT
Location: https://cibc.courses.bigdatauniversity.com/login?next=/dashboard
X-Frame-Options: SAMEORIGIN
Vary: Accept-Language, Cookie
Content-Language: en
P3p: CP="Open edX does not have a P3P policy."
Access-Control-Allow-Origin: https://cibc.bigdatauniversity.com
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Content-Length: 0

Redirect headers

Date: Mon, 23 Mar 2020 13:59:30 GMT
Vary: Accept-Language, Cookie
Access-Control-Allow-Origin: https://cibc.bigdatauniversity.com
P3p: CP="Open edX does not have a P3P policy."
X-Frame-Options: SAMEORIGIN
Content-Language: en
Location: https://cibc.courses.bigdatauniversity.com/login?next=/dashboard
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK OpenSans-Regular-webfont-0832cfe2e9d329bf74cebdfd233200d197d47448d8821b3fbda1af498a0a5d80.woff2
cibc.bigdatauniversity.com/assets/OpenSans/ 18 KB
18 KB 144ms
143ms Font
application/font-woff2 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/OpenSans/OpenSans-Regular-webfont-0832cfe2e9d329bf74cebdfd233200d197d47448d8821b3fbda1af498a0a5d80.woff2
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 0832cfe2e9d329bf74cebdfd233200d197d47448d8821b3fbda1af498a0a5d80

Request headers

Referer: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 18396
Content-Type: application/font-woff2

GET
H/1.1 200
OK OpenSans-Semibold-webfont-2a11d0feb9eb619533e3ba851dda939a181fc3d8bfd85a07a1bd1948c099894f.woff2
cibc.bigdatauniversity.com/assets/OpenSans/ 18 KB
18 KB 122ms
113ms Font
application/font-woff2 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/OpenSans/OpenSans-Semibold-webfont-2a11d0feb9eb619533e3ba851dda939a181fc3d8bfd85a07a1bd1948c099894f.woff2
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 2a11d0feb9eb619533e3ba851dda939a181fc3d8bfd85a07a1bd1948c099894f

Request headers

Referer: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 18560
Content-Type: application/font-woff2

GET
H/1.1 200
OK OpenSans-BoldItalic-webfont-05c4a5106e2f89000e2a7b8a44c21cef8c38806ac74970b9c250e8732688ecf2.woff2
cibc.bigdatauniversity.com/assets/OpenSans/ 20 KB
20 KB 208ms
113ms Font
application/font-woff2 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/OpenSans/OpenSans-BoldItalic-webfont-05c4a5106e2f89000e2a7b8a44c21cef8c38806ac74970b9c250e8732688ecf2.woff2
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 05c4a5106e2f89000e2a7b8a44c21cef8c38806ac74970b9c250e8732688ecf2

Request headers

Referer: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:29 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 20156
Content-Type: application/font-woff2

GET
H/1.1 200
OK OpenSans-Light-webfont-35a3b7169edf2dfe0716fd4b3dbc0992ae1fe04453af05e7efee198d23f8e521.woff2
cibc.bigdatauniversity.com/assets/OpenSans/ 17 KB
18 KB 288ms
142ms Font
application/font-woff2 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/OpenSans/OpenSans-Light-webfont-35a3b7169edf2dfe0716fd4b3dbc0992ae1fe04453af05e7efee198d23f8e521.woff2
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: 35a3b7169edf2dfe0716fd4b3dbc0992ae1fe04453af05e7efee198d23f8e521

Request headers

Referer: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:30 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 17824
Content-Type: application/font-woff2

GET
H/1.1 200
OK OpenSans-Italic-webfont-a226e3f44d5e8aa9b3bb470101585ed9aa842807a25bf97c5ef898ab2ddaaa22.woff2
cibc.bigdatauniversity.com/assets/OpenSans/ 20 KB
20 KB 305ms
113ms Font
application/font-woff2 169.53.191.145
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://cibc.bigdatauniversity.com/assets/OpenSans/OpenSans-Italic-webfont-a226e3f44d5e8aa9b3bb470101585ed9aa842807a25bf97c5ef898ab2ddaaa22.woff2
Requested by: Host: cibc.bigdatauniversity.com
URL: https://cibc.bigdatauniversity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.53.191.145 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 91.bf.35a9.ip4.static.sl-reverse.com
Software: /
Resource Hash: a226e3f44d5e8aa9b3bb470101585ed9aa842807a25bf97c5ef898ab2ddaaa22

Request headers

Referer: https://cibc.bigdatauniversity.com/assets/bdu-98df867d81462979a943497f71c10db26e290a69a684b229fe6941220671eba5.css
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:30 GMT
Last-Modified: Mon, 09 Dec 2019 19:30:04 GMT
Content-Length: 20396
Content-Type: application/font-woff2

GET
H/1.1 200
OK login Show response
cibc.courses.bigdatauniversity.com/ 26 KB
6 KB 446ms
446ms XHR
text/html 169.55.142.91
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://cibc.courses.bigdatauniversity.com/login?next=/dashboard

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.55.142.91 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

5b.8e.37a9.ip4.static.sl-reverse.com

Software

Resource Hash

de5f7f1e3047ad3afeb9a917e5d21b6c61354074bd13605643a73794d38ddaeb

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://cibc.bigdatauniversity.com/
Origin: https://cibc.bigdatauniversity.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Mar 2020 13:59:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Cookie, Accept-Language
P3p: CP="Open edX does not have a P3P policy."
X-Frame-Options: DENY
Content-Language: en
Access-Control-Allow-Origin: https://cibc.bigdatauniversity.com
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: CIBC (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cibc.bigdatauniversity.com/	1969-12-31 23:59:59	Name: _BDUPortals_session Value: ZE1PTmdSZUxqVVFObHNtNVhHQ01MZlQ3V1pjVlZkWnJnTmJSYnAzcXRnQUJTMGhYbHMzM2pyeUZVWHpoU2Z2VlZ6ZlUzZjl1Qlkvc2J1T1FsUDNDMkxtQ3dkbGhvdmp6WHU4MTV4d3NxaVppQWpDQ3hDUTFlUnBudUQycStnVW9jcnZIM0grWUZmNnpudXFPVldoWGdQZEFnbi8yckQ4L1lFRmxNQnM3S1RDTWRPTUJXc1UwZ3hOemJwU3IvL1k5LS1CVDlsZ2ZTZk5JdHQwV1VMeUVvcHFRPT0%3D--2062c4ca23f1f737d008bda970e931bf41220392

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cibc.bigdatauniversity.com
cibc.courses.bigdatauniversity.com
cibc.preview.bigdatauniversity.com
169.53.191.134
169.53.191.145
169.55.142.91
05c4a5106e2f89000e2a7b8a44c21cef8c38806ac74970b9c250e8732688ecf2
07fb0bc5d28bb939ba63a8a8d081766839681f64542dabf1a28b7ae63faf0d80
0832cfe2e9d329bf74cebdfd233200d197d47448d8821b3fbda1af498a0a5d80
2a11d0feb9eb619533e3ba851dda939a181fc3d8bfd85a07a1bd1948c099894f
35a3b7169edf2dfe0716fd4b3dbc0992ae1fe04453af05e7efee198d23f8e521
585283544b359b93bacf527eaab61c3cfe575ffd8efa479b2a5de3309f7ba81e
75def71894387d68a87b58a669562b48ddc0114a46f6436f79803fab03d06f93
9c8ad1aad8292e739e2905c56f593fb5d8f9ca9aec4c695cd54687cf366fe68f
a226e3f44d5e8aa9b3bb470101585ed9aa842807a25bf97c5ef898ab2ddaaa22
b452f65532bd6a43a16865f14ba471297e03fded98430cd6407f364cc66c0019
de5f7f1e3047ad3afeb9a917e5d21b6c61354074bd13605643a73794d38ddaeb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e889f3c206361d67d16e120c2d2b819da6cd10b1516914cb23b281752bbdd12f

cibc.bigdatauniversity.com Open in urlscan Pro 169.53.191.145 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

3 Subdomains

2 IPs

1 Countries

197 kBTransfer

431 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

cibc.bigdatauniversity.com Open in urlscan Pro
169.53.191.145 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

1
Countries

197 kB
Transfer

431 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!