URL: http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
Submission: 22 April 2020 (date taken from the response headers below), via automatic submission, source PhishTank

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 195.74.38.131, located in Sweden and belonging to NET-BINERO-STHLM1, SE. The main domain is jackvik.se. The phishing document is served from /sites/default/files/ctools/, which is Drupal's public files directory; this suggests a kit uploaded to a compromised Drupal site rather than a domain registered for the campaign, with the trailing path segment www.pnc.com/en/index.html chosen to resemble the legitimate PNC URL.
This is the only time jackvik.se was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PNC Financial (Banking)

Domain & IP information

Requests  IP Address                              ASN    Autonomous System
3         195.74.38.131                           35041  NET-BINERO-STHLM1, SE
6         23.45.110.221                           20940  AKAMAI-ASN1
2         184.73.191.93                           14618  AMAZON-AES
1         54.197.250.80                           14618  AMAZON-AES
5         2600:9000:2156:6e00:1b:22c5:8c40:93a1   16509  AMAZON-02
17 requests, 5 IPs
Requests  Domain                    Requested by
6         m.pnc.com                 jackvik.se
5         gateway.answerscloud.com  m.pnc.com, gateway.answerscloud.com
3         jackvik.se                jackvik.se
2         www.u47.pnc.com           jackvik.se
1         www.u44.pnc.com           jackvik.se
17 requests, 5 domains

Only 3 of the 17 requests go to jackvik.se itself. The page pulls its images and its scripts directly from PNC's own hosts (m.pnc.com, www.u44.pnc.com, www.u47.pnc.com) and from PNC's ForeSee survey tenant on gateway.answerscloud.com, so every one of those requests reaches the legitimate infrastructure carrying a Referer of http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html (see the request headers in the transaction list below). That Referer pattern, brand assets requested from a page that is not on a brand domain, is the most direct detection opportunity this scan shows.
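The "Requested by" column above is the signal worth alerting on: the brand's asset host serving images and scripts to a page on jackvik.se, announced by every request's Referer header. The following is an added example, not part of the urlscan report and not PNC's tooling, that runs that check over combined-format access-log lines as the asset host m.pnc.com would record them. The log lines are constructed for illustration: the paths and the jackvik.se Referer are taken from this scan, while the client IPs, the legitimate www.pnc.com Referer, the no-Referer request and the lookalike host www.pnc.com.example.net are made up to exercise the edge cases. The registrable-domain reduction is a deliberate two-label approximation, labelled as such in the code.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample of combined-format access-log lines as the brand's asset host
# (m.pnc.com) would record them. Paths and the jackvik.se Referer mirror this scan;
# the client IPs and the lookalike Referer host www.pnc.com.example.net are made up.
SAMPLE_LOG = """\
203.0.113.10 - - [22/Apr/2020:07:09:50 +0000] "GET /device/mobile/images/header_lg.jpg HTTP/2.0" 200 5265 "http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html" "Mozilla/5.0"
203.0.113.10 - - [22/Apr/2020:07:09:50 +0000] "GET /device/mobile/images/button_signOn.png HTTP/2.0" 200 1584 "http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html" "Mozilla/5.0"
203.0.113.10 - - [22/Apr/2020:07:09:50 +0000] "GET /JavaScriptLib/pm_fp.js HTTP/2.0" 200 3651 "http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html" "Mozilla/5.0"
198.51.100.7 - - [22/Apr/2020:07:10:02 +0000] "GET /device/mobile/images/header_lg.jpg HTTP/2.0" 200 5265 "https://www.pnc.com/en/personal-banking.html" "Mozilla/5.0"
198.51.100.8 - - [22/Apr/2020:07:10:05 +0000] "GET /device/mobile/images/header_lg.jpg HTTP/2.0" 200 5265 "-" "Mozilla/5.0"
198.51.100.9 - - [22/Apr/2020:07:10:09 +0000] "GET /device/mobile/images/button_signOn.png HTTP/2.0" 200 1584 "http://www.pnc.com.example.net/en/index.html" "Mozilla/5.0"
"""

# Registrable domains the brand legitimately serves pages from.
BRAND_DOMAINS = {"pnc.com"}

# Combined log format: ip ident user [time] "method path proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def registrable_domain(host):
    """Approximate the registrable domain as the last two labels.

    Simplification for this example: production code should consult the Public
    Suffix List so that hosts under e.g. .co.uk are reduced correctly. Reducing to
    the registrable domain, rather than testing host.endswith("pnc.com"), is what
    keeps www.pnc.com.example.net from being treated as first party.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else labels[0]


def find_hotlink_referers(log_text, brand_domains=BRAND_DOMAINS):
    """Map each foreign Referer host to a Counter of the asset paths it pulled.

    A request is foreign when its Referer names a page whose registrable domain is
    not one of the brand's. Requests without a Referer are skipped: they cannot be
    attributed, and many legitimate clients suppress the header.
    """
    hits = {}
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["referer"] in ("", "-"):
            continue
        host = urlsplit(m["referer"]).hostname
        if not host or registrable_domain(host) in brand_domains:
            continue
        hits.setdefault(host, Counter())[m["path"]] += 1
    return hits


if __name__ == "__main__":
    for host, paths in find_hotlink_referers(SAMPLE_LOG).items():
        print(f"{host}: {sum(paths.values())} hotlinked request(s)")
        for path, n in paths.most_common():
            print(f"    {n}x {path}")
```

On real logs, feed the file contents to find_hotlink_referers and review the resulting hosts; a host that pulls the sign-on button image and a fingerprinting script within the same second is a strong candidate for a phishing kit, while a single image hit is often just a forum hotlink. Replace registrable_domain with a Public Suffix List lookup before trusting the first-party exclusion.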

This site contains links to these domains:

www.pnc.com
m.pnc.com
TLS certificate observed

Subject: www.onlinebanking.pnc.com
Issuer: Sectigo RSA Organization Validation Secure Server CA
Validity: 2020-02-05 to 2022-02-04 (2 years); see crt.sh

This certificate was presented by the legitimate PNC host behind the m.pnc.com asset requests, the only host on the page reached over TLS. The phishing document on jackvik.se, the www.u44.pnc.com and www.u47.pnc.com scripts and all gateway.answerscloud.com requests were fetched over plain HTTP.

This page contains 2 frames:

Primary Page: http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
Frame ID: 27646069D8B5396D56192241E80EDC55
Requests: 16 HTTP requests in this frame

Frame: http://gateway.answerscloud.com/pnc/production/trigger/frameWorker.html
Frame ID: 572E9AC1F47006968F9FE863DAFE63D6
Requests: 1 HTTP request in this frame


Detected technologies

Apache HTTP Server (overall confidence 100%), matched on the Server response header of the jackvik.se responses.
Detected pattern
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 17
HTTPS: 35% (6 of 17 requests, all to m.pnc.com)
IPv6: 20% (1 of 5 IPs)
Domains: 3
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 116 kB
Size: 274 kB
Cookies: 0

Redirected requests

None: no HTTP redirect chains were recorded for this scan.

17 HTTP transactions

Each entry gives the resource name, its type, the decoded size and the transferred size (x-fer), the path and full URL, the requesting document, protocol and TLS parameters, the server's IP, location and ASN, reverse DNS, server software and the SHA-256 resource hash, followed by the captured request and response headers.
1. index.html  (Document, 8 KB, 8 KB transferred)  Primary Request
Path: jackvik.se/sites/default/files/ctools/www.pnc.com/en/
Full URL: http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
Protocol: HTTP/1.1
Server: 195.74.38.131, Sweden, ASN35041 (NET-BINERO-STHLM1, SE)
Reverse DNS: cl-27.atm.binero.net
Software: Apache
Resource Hash: f8877b3b3ebe2ffcf449e234ace856eb48b0c28885dfb2c730634faf5f8f8f6a

Request headers

Host
jackvik.se
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
Server
Apache
Last-Modified
Wed, 22 Jan 2020 20:07:38 GMT
ETag
"a151f76-201d-59cc0137a7680"
Accept-Ranges
bytes
Content-Length
8221
Keep-Alive
timeout=5, max=200
Connection
Keep-Alive
Content-Type
text/html
2. header_lg.jpg  (Image, 5 KB, 5 KB transferred)
Path: m.pnc.com/device/mobile/images/
Full URL: https://m.pnc.com/device/mobile/images/header_lg.jpg
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: acbf87594a100fec775f07670ca078830124b9c7cd60846b467ef1e20567e962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Mar 2020 17:23:48 GMT
etag
"1491-5a14c8c5c5100"
strict-transport-security
max-age=31536000
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
5265
x-xss-protection
1
3. ForeSee_prod.js  (Script, 1 KB, 865 B transferred)
Path: m.pnc.com/foresee/
Full URL: https://m.pnc.com/foresee/ForeSee_prod.js
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: 1be533a5456ae20e72b029965d9d51418994efff5e0abe4a4923afd4a76cb60e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 21:27:58 GMT
etag
"4a0-5911ff2425380"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
658
x-xss-protection
1
4. pm_fp.js  (Script, 11 KB, 4 KB transferred)
Path: m.pnc.com/JavaScriptLib/
Full URL: https://m.pnc.com/JavaScriptLib/pm_fp.js
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: 61adbe7477cd9a6e69edbaaf02c0e1c9387ae16f5386c941fb4d033d9d2bbcba
Note: the device-fingerprinting globals listed under JavaScript Global Variables below (fingerprint_browser, fingerprint_display, add_deviceprint, devicePrint and related names) are consistent with this script; the phishing page loads the bank's own fingerprinting library so that the form data it collects looks like a genuine sign-on.
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Nov 2019 02:40:38 GMT
etag
"2d41-5984aec005580"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
3651
x-xss-protection
1
5. ethernet.js  (XHR, 47 KB, 21 KB transferred)
Path: www.u47.pnc.com/783807/
Full URL: http://www.u47.pnc.com/783807/ethernet.js?r=0.32040566981908003
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: HTTP/1.1
Server: 184.73.191.93, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-184-73-191-93.compute-1.amazonaws.com
Software: haile
Resource Hash: 76fb889bdeced1a77dafcdf65ec0ac56957212b7337c1d7ee83dd311bdf97474
Note: the response below carries Access-Control-Allow-Origin: http://jackvik.se together with Access-Control-Allow-Credentials: true, i.e. the requesting origin was echoed back and credentialed cross-origin reads of this endpoint were permitted to the phishing page. Whether anything sensitive is reachable that way is not shown by this scan. The Strict-Transport-Security header on this plain-HTTP response is ignored by browsers, which only honour HSTS received over TLS.
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
transfer-encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
keep-alive
X-XSS-Protection
1
Pragma
no-cache
Server
haile
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://jackvik.se
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
0
6. button_locatePNC.png  (Image, 2 KB, 2 KB transferred)
Path: m.pnc.com/device/mobile/images/
Full URL: https://m.pnc.com/device/mobile/images/button_locatePNC.png
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: 4690e4f3f5aca58d5ad6805da5fc3d395ba5f7a418d57ef060c01c25453cab52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Dec 2019 15:38:34 GMT
etag
"696-59a2478753280"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
accept-ranges
bytes
content-length
1686
x-xss-protection
1
7. button_aboutPNCmobile.png  (Image, 2 KB, 2 KB transferred)
Path: m.pnc.com/device/mobile/images/
Full URL: https://m.pnc.com/device/mobile/images/button_aboutPNCmobile.png
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: 6c6c24e8fa7714f42fdaf29daa5977cf485523473fd54bce763a14b5b1a2d5c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 20 Dec 2019 15:38:34 GMT
etag
"84c-59a2478753280"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
accept-ranges
bytes
content-length
2124
x-xss-protection
1
8. dc74dc3252296f7d81322f01781e2  (Script, 0 B, 0 B transferred)
Path: jackvik.se/public/
Full URL: http://jackvik.se/public/dc74dc3252296f7d81322f01781e2
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: HTTP/1.1
Server: 195.74.38.131, Sweden, ASN35041 (NET-BINERO-STHLM1, SE)
Reverse DNS: cl-27.atm.binero.net
Software: Apache
Resource Hash: none (no body captured; the response below is text/html, so no script content was delivered for this tag)

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
Server
Apache
Vary
accept-language,accept-charset
Content-Language
en
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=199
9. calc.js  (Script, 44 KB, 17 KB transferred)
Path: www.u44.pnc.com/783807/
Full URL: http://www.u44.pnc.com/783807/calc.js?dt=login&r=0.6389257864680564
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: HTTP/1.1
Server: 54.197.250.80, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-54-197-250-80.compute-1.amazonaws.com
Software: haile
Resource Hash: 2278cb3647809aa712b372c57329ff33797addfde0fdb4a8ca1521cdbb5e044f
Note: unlike the ethernet.js response, this one sends Access-Control-Allow-Origin: * together with Access-Control-Allow-Credentials: true; browsers do not accept the wildcard for credentialed requests, so the credentials flag has no effect here.
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
transfer-encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
keep-alive
X-XSS-Protection
1
Pragma
no-cache
Server
haile
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
0
10. gateway.min.js  (Script, 38 KB, 13 KB transferred)
Path: gateway.answerscloud.com/pnc/production/
Full URL: http://gateway.answerscloud.com/pnc/production/gateway.min.js
Requested by: m.pnc.com (https://m.pnc.com/foresee/ForeSee_prod.js)
Protocol: HTTP/1.1
Server: 2600:9000:2156:6e00:1b:22c5:8c40:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: none
Software: nginx/1.17.3
Resource Hash: 826c0e22aa0e219f0f441121b7cb71ded6d2c5bbe2211041d3fc1592e7789989

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 06:22:24 GMT
Content-Encoding
gzip
Age
2846
X-Cache
Hit from cloudfront
P3P
CP="ok"
Status
200
Connection
keep-alive
Content-Length
12694
Access-Control-Allow-Origin
*
Last-Modified
Mon, 13 Apr 2020 16:38:34 GMT
Server
nginx/1.17.3
ETag
"b68541dee2e81f017558069833eee61c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=14400
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
EtBQqFZuGWsoVWvEvRsAF_2F-lzk9suKUiAeOgo1aPi7sPIvPA8sIw==
Expires
Wed, 22 Apr 2020 10:22:24 GMT
11. dc74dc3252296f7d81322f01781e2  (Script, 0 B, 0 B transferred; second fetch of the same resource as entry 8)
Path: jackvik.se/public/
Full URL: http://jackvik.se/public/dc74dc3252296f7d81322f01781e2
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: HTTP/1.1
Server: 195.74.38.131, Sweden, ASN35041 (NET-BINERO-STHLM1, SE)
Reverse DNS: cl-27.atm.binero.net
Software: Apache
Resource Hash: none (no body captured)

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
Server
Apache
Vary
accept-language,accept-charset
Content-Language
en
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=198
12. button_signOn.png  (Image, 2 KB, 2 KB transferred)
Path: m.pnc.com/device/mobile/images/
Full URL: https://m.pnc.com/device/mobile/images/button_signOn.png
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.110.221, Netherlands, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS: a23-45-110-221.deploy.static.akamaitechnologies.com
Software: not reported
Resource Hash: 90b8f5f31e649aee7ee98455c6f06ec95ee14ca5f5faa8a86308ae40a9f1cf3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 07:09:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 21:27:58 GMT
etag
"630-5911ff2425380"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
accept-ranges
bytes
content-length
1584
x-xss-protection
1
13. foresee_trigger.js  (Script, 92 KB, 33 KB transferred)
Path: gateway.answerscloud.com/pnc/production/trigger/
Full URL: http://gateway.answerscloud.com/pnc/production/trigger/foresee_trigger.js
Requested by: gateway.answerscloud.com (http://gateway.answerscloud.com/pnc/production/gateway.min.js)
Protocol: HTTP/1.1
Server: 2600:9000:2156:6e00:1b:22c5:8c40:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: none
Software: nginx/1.17.3
Resource Hash: b9628150225533793657410f819e4c643b203ce5b48b443b72e85e96019493bf

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:03:45 GMT
Content-Encoding
gzip
Age
1155
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
P3P
CP="ok"
Status
200
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 13 Apr 2020 16:38:34 GMT
Server
nginx/1.17.3
ETag
"30ea17063e407d09cb7881ad3f62798d"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=14400
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
RUvg6fuVlbM4bDTkk6wcDgYJOvzhbWBJpLLvzflOrhJA1S-pA9FFEA==
Expires
Wed, 22 Apr 2020 10:50:35 GMT
14. frameWorker.html  (Document, 0 B, 0 B transferred; loaded in frame 572E9AC1F47006968F9FE863DAFE63D6)
Path: gateway.answerscloud.com/pnc/production/trigger/
Full URL: http://gateway.answerscloud.com/pnc/production/trigger/frameWorker.html
Requested by: gateway.answerscloud.com (http://gateway.answerscloud.com/pnc/production/trigger/foresee_trigger.js)
Protocol: HTTP/1.1
Server: 2600:9000:2156:6e00:1b:22c5:8c40:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: none
Software: nginx/1.17.3
Resource Hash: none captured

Request headers

Host
gateway.answerscloud.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=utf-8
Content-Length
576
Connection
keep-alive
Server
nginx/1.17.3
Date
Wed, 22 Apr 2020 06:23:47 GMT
Access-Control-Allow-Headers
X-Requested-With
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
Content-Encoding
gzip
ETag
W/"7d528bd740a38711380c81a8ac71ce08"
Expires
Wed, 22 Apr 2020 10:23:47 GMT
Last-Modified
Mon, 13 Apr 2020 16:38:34 GMT
P3P
CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR" CP="ok"
Status
200
X-UA-Compatible
IE=edge
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
ZfkM6OIAShxq5BmojTsMVveixXhq4uSayegTES-SwqRu96ekNwofYA==
Age
2763
15. foresee_surveydef.js  (Script, 15 KB, 4 KB transferred)
Path: gateway.answerscloud.com/pnc/production/trigger/
Full URL: http://gateway.answerscloud.com/pnc/production/trigger/foresee_surveydef.js
Requested by: gateway.answerscloud.com (http://gateway.answerscloud.com/pnc/production/trigger/foresee_trigger.js)
Protocol: HTTP/1.1
Server: 2600:9000:2156:6e00:1b:22c5:8c40:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: none
Software: nginx/1.17.3
Resource Hash: 2f611ff456b4b84a8548aa6b52a0d9834af40603c2c4039e7912f8c8f43e74e8

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 04:34:22 GMT
Content-Encoding
gzip
Age
9328
X-Cache
Hit from cloudfront
P3P
CP="ok"
Status
200
Connection
keep-alive
Content-Length
3463
Access-Control-Allow-Origin
*
Last-Modified
Mon, 13 Apr 2020 16:38:34 GMT
Server
nginx/1.17.3
ETag
"0f0bac796fde5f6bea521a9003904898"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=14400
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
PKVsrzPBc3aEeJF4gIV6BHlMiKAPAyy6AluKq3Dy2zJy5NBwSPENSA==
Expires
Wed, 22 Apr 2020 08:34:22 GMT
16. x0QRt  (Script, 130 B, 891 B transferred)
Path: www.u47.pnc.com/783807/
Full URL: http://www.u47.pnc.com/783807/x0QRt?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cCUzQSUyRiUyRmphY2t2aWsuc2UlMkZzaXRlcyUyRmRlZmF1bHQlMkZmaWxlcyUyRmN0b29scyUyRnd3dy5wbmMuY29tJTJGZW4lMkZpbmRleC5odG1sJTIyJTJDJTIydCUyMiUzQSUyMnJzJTIyJTdEJTdEJTVE&cid=16&si=1&e=http%3A%2F%2Fjackvik.se&LSESSIONID=jLd1paIf4IYhdCyEJx4o3DsJoPOSoXjdUE6yEXavFtPX08UvMctz68Sg&t=jsonp&c=svnzxaidbwyykikd&eu=http%3A%2F%2Fjackvik.se%2Fsites%2Fdefault%2Ffiles%2Fctools%2Fwww.pnc.com%2Fen%2Findex.html
Requested by: jackvik.se (http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html)
Protocol: HTTP/1.1
Server: 184.73.191.93, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-184-73-191-93.compute-1.amazonaws.com
Software: haile
Resource Hash: be80e0d33f035aceebeaa1d57747243a1811483807a69991300951464a66b971
Note: this is a JSONP beacon (t=jsonp; c=svnzxaidbwyykikd names the callback, which appears as a global function in the JavaScript Global Variables section below). The e= and eu= parameters carry the embedding origin http://jackvik.se and the full phishing URL in the clear, and d= is base64 over percent-encoded JSON that repeats the same URL, so the collector behind www.u47.pnc.com was told the phishing page's own address.
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 07:09:50 GMT
X-Content-Type-Options
nosniff
PICS-Label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Connection
keep-alive
Content-Length
130
X-XSS-Protection
1
Pragma
no-cache
Server
haile
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Expires
0
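The d= parameter of the x0QRt request is base64 over percent-encoded JSON, and the e= and eu= parameters carry the embedding origin and URL in the clear. The following is an added example, not part of the urlscan report and not the collector vendor's code, that decodes that query string exactly as captured above. The URL is copied from this report; the field names id, data.u and data.t are whatever the payload contains, and the meaning of the value "rs" is not established by this page, so the code does not interpret it. The padding restoration is an assumption about other senders, not something this particular URL needs.

```python
import base64
import json
from urllib.parse import parse_qs, unquote, urlsplit

# The x0QRt beacon request as captured in this scan (copied from the transaction above).
# Only d= is specially encoded; the other parameters are ordinary form encoding.
BEACON_URL = (
    "http://www.u47.pnc.com/783807/x0QRt"
    "?d=JTVCJTdCJTIyaWQlMjIlM0ElMjIxNiUyMiUyQyUyMmRhdGElMjIlM0ElN0IlMjJ1JTIyJTNBJTIyaHR0cCUzQSUyRiUyRmphY2t2aWsuc2UlMkZzaXRlcyUyRmRlZmF1bHQlMkZmaWxlcyUyRmN0b29scyUyRnd3dy5wbmMuY29tJTJGZW4lMkZpbmRleC5odG1sJTIyJTJDJTIydCUyMiUzQSUyMnJzJTIyJTdEJTdEJTVE"
    "&cid=16&si=1&e=http%3A%2F%2Fjackvik.se"
    "&LSESSIONID=jLd1paIf4IYhdCyEJx4o3DsJoPOSoXjdUE6yEXavFtPX08UvMctz68Sg"
    "&t=jsonp&c=svnzxaidbwyykikd"
    "&eu=http%3A%2F%2Fjackvik.se%2Fsites%2Fdefault%2Ffiles%2Fctools%2Fwww.pnc.com%2Fen%2Findex.html"
)


def decode_d_parameter(value):
    """Decode d=: base64 over a percent-encoded JSON document.

    Some senders strip base64 padding (assumption, not needed for this URL), so it
    is restored first; urlsafe_b64decode accepts both base64 alphabets.
    """
    value += "=" * (-len(value) % 4)
    return json.loads(unquote(base64.urlsafe_b64decode(value).decode("ascii")))


def decode_beacon(url):
    """Return the analyst-relevant fields: the decoded payload, the embedding
    origin/URL the collector was told, the JSONP callback name (the global the
    response will invoke) and the session identifier."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    params = {k: v[0] for k, v in query.items()}  # every key occurs once in this URL
    return {
        "payload": decode_d_parameter(params["d"]),
        "embedding_origin": params.get("e"),
        "embedding_url": params.get("eu"),
        "jsonp_callback": params.get("c"),
        "session_id": params.get("LSESSIONID"),
    }


def reported_page_urls(decoded):
    """All page URLs the beacon attributes to itself, deduplicated. For a phishing
    capture these should all be the phishing page, never the brand's own site."""
    urls = {decoded["embedding_url"]}
    for item in decoded["payload"]:
        u = item.get("data", {}).get("u")
        if u:
            urls.add(u)
    return sorted(u for u in urls if u)


if __name__ == "__main__":
    info = decode_beacon(BEACON_URL)
    print(json.dumps(info, indent=2))
    print("pages reported:", reported_page_urls(info))
```

Decoding the captured beacon yields a single payload entry whose data.u is the phishing URL itself, matching eu= and e=; that is the value a brand's telemetry team can pivot on to find other victims of the same kit without depending on Referer headers.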
17. foresee_dhtml.css  (Stylesheet, 7 KB, 3 KB transferred)
Path: gateway.answerscloud.com/pnc/production/trigger/
Full URL: http://gateway.answerscloud.com/pnc/production/trigger/foresee_dhtml.css
Requested by: gateway.answerscloud.com (http://gateway.answerscloud.com/pnc/production/trigger/foresee_trigger.js)
Protocol: HTTP/1.1
Server: 2600:9000:2156:6e00:1b:22c5:8c40:93a1, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: none
Software: nginx/1.17.3
Resource Hash: 5cbb6604099483afd47f6d201d1d2a03941ec6168563ff88eb69e18d34500fbe

Request headers

Referer
http://jackvik.se/sites/default/files/ctools/www.pnc.com/en/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 22 Apr 2020 05:48:19 GMT
Content-Encoding
gzip
Age
4891
X-Cache
Hit from cloudfront
P3P
CP="ok"
Status
200
Connection
keep-alive
Content-Length
2151
Access-Control-Allow-Origin
*
Last-Modified
Mon, 13 Apr 2020 16:38:34 GMT
Server
nginx/1.17.3
ETag
W/"d08d45316f483a084076f16d9de3c225"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=14400
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
Nuzbv0aNqBTs8auUDh_EDZsqfgcidkpaXniVHvxPAA1PG3bRfPkVSA==
Expires
Wed, 22 Apr 2020 09:48:19 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against PNC Financial (Banking)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. Grouped by type:

function (31): getHandlerId, lookForErrorMessages, acsReady, addDevicePrintToUrl, populateDevicePrint, validDevicePrintForm, flashfix, activeXDetect, stripIllegalChars, stripFullPath, fingerprint_browser, fingerprint_display, fingerprint_software, fingerprint_timezone, fingerprint_language, fingerprint_java, fingerprint_cookie, add_deviceprint, Hashtable, _acsDefine, _fsDefine, _acsRequire, _fsRequire, _acsNormalizeUrl, _fsNormalizeUrl, _fsNormalizeAssetUrl, fsReady, __acsReady__, __fsReady__, sCallback, svnzxaidbwyykikd
object (17): onformdata, onpointerrawupdate, _cf, FSR, FSFB, ForeSee, ___so783807, M, regex, match, __tp, currentSnippets, form, actionArray, locationArray, hidden, $$FSR
string (12): SEP, PAIR, DEV, ua, os, PSESSIONID, SSESSIONID, LSESSIONID, defaultTagParam, defaultTag, t, devicePrint
number (6): ver, moz, CLIWHIT, __gt, defaultTagLoadTime, n
boolean (6): opera, ie, iemac, _acsDSPLYOK, isFirst, __$$FSRINIT$$__

Reading the list: the fingerprint_*, devicePrint, add_deviceprint and *DevicePrint* names are the device-fingerprinting code the page loads from m.pnc.com (pm_fp.js); FSR, FSFB, ForeSee and the _acs*/_fs* names belong to the ForeSee survey loader fetched via ForeSee_prod.js and gateway.answerscloud.com; svnzxaidbwyykikd is the JSONP callback named by c= in the x0QRt beacon request, and LSESSIONID is the same identifier that beacon sends in its query string (PSESSIONID and SSESSIONID are named alike). onformdata and onpointerrawupdate are browser-provided event handler properties rather than page code.

0 Cookies