u-h-x.com Open in urlscan Pro
142.44.163.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://u-h-x.com/Laurentian/
Submission: On September 12 via manual (September 12th 2018, 7:12:23 pm UTC) from RU

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 142.44.163.33, located in Victoria, Canada and belongs to OVH, FR. The main domain is u-h-x.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 10th 2018. Valid for: 3 months.

This is the only time u-h-x.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Laurentian Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
22	142.44.163.33 142.44.163.33		16276 (OVH) (OVH)
22	1

22 142.44.163.33 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: 33.ip-142-44-163.net

u-h-x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	u-h-x.com u-h-x.com	327 KB
22	1

	Domain	Requested by
22	u-h-x.com	u-h-x.com
22	1

This site contains no links.

Subject Issuer	Validity	Valid
u-h-x.com cPanel, Inc. Certification Authority	`2018-09-10` - `2018-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://u-h-x.com/Laurentian/
Frame ID: 471D5F9C66925945791071259586BA83
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

327 kB
Transfer

322 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response u-h-x.com/Laurentian/	6 KB 6 KB	97ms 97ms	Document text/html	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `ccee149e4e1d164363d6bbd6261979e76ed473403ded0084458f3d3da6f0c90f` Request headers Host u-h-x.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 471D5F9C66925945791071259586BA83 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Server Apache Last-Modified Thu, 28 Jun 2018 03:36:50 GMT Accept-Ranges bytes Content-Length 6172 Keep-Alive timeout=5, max=90 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	modal.js Show response u-h-x.com/Laurentian/login_files/	14 KB 14 KB	95ms 95ms	Script application/javascript	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/modal.js Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `3cac4b1254742ce96465863630f4eac5855ab8ae37d7a1b5f053ff9cb53a2ad0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89 Content-Length 14159
GET H/1.1	200 OK	brand$v@201711260135.css u-h-x.com/Laurentian/login_files/	70 KB 70 KB	94ms 93ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `cc3bee715d68ceb8080b561792c02cf5fdd15565406ba03a28248813201e5fe8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=82 Content-Length 71449
GET H/1.1	200 OK	login$forms-v2@true+v@201711260135.css u-h-x.com/Laurentian/login_files/	272 B 512 B	94ms 94ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/login$forms-v2@true+v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `70e9c6224ba2d419a361045660f07dd30ebb3267d10f5b20a94a311d41ef95b2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=81 Content-Length 272
GET H/1.1	200 OK	Logo$v@201711260135.jpg u-h-x.com/Laurentian/login_files/	23 KB 23 KB	97ms 96ms	Image image/jpeg	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/Logo$v@201711260135.jpg Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `4ad88d15ebf00978e07c24f4be7dc0a2d1aaa363670b9b765edfffec6ede8ee7` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=88 Content-Length 23495
GET H/1.1	200 OK	common$v@201711260135.css u-h-x.com/Laurentian/login_files/	71 KB 71 KB	95ms 95ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/common$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `5fd8f9c4856d662cb122df72c712c8e0221850bac15d3b3f9e3dd40ff21e907d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=80 Content-Length 72888
GET H/1.1	200 OK	nav$v@201711260135.css u-h-x.com/Laurentian/login_files/	15 KB 15 KB	98ms 96ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `95de844803af0705bbe9207a83cdb4725ae77d1e349505b3d04d1687bb65d8dd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 15036
GET H/1.1	200 OK	portlet$v@201711260135.css u-h-x.com/Laurentian/login_files/	14 KB 14 KB	97ms 96ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/portlet$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `743194f4386d391d7bcadb7af7d396d24ce4cba5d1c9fcb26b89f2fed615c4f9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89 Content-Length 14349
GET H/1.1	200 OK	form$forms-v2@true+v@201711260135.css u-h-x.com/Laurentian/login_files/	69 KB 69 KB	98ms 97ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/form$forms-v2@true+v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `1ae3637518b620394669d7ff009213134c4527da5d8760ed4d01b64257119e95` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:11 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 70679
GET H/1.1	200 OK	login$v@201711260135.css u-h-x.com/Laurentian/login_files/	11 KB 11 KB	287ms 95ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/login$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `0b68edf0973ac7bb233d7233cf8c363f1a9de77b9a233b13c82a0ff33a66a3c0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=88 Content-Length 11323
GET H/1.1	200 OK	cuCustom$v@201711260135.css u-h-x.com/Laurentian/login_files/	956 B 1 KB	289ms 97ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/cuCustom$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `7b79fc22675d2cb992edb9fee3520e207a50e0ed1749e22db10af437e26a7fa9` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=87 Content-Length 956
GET H/1.1	200 OK	print$v@201711260135.css u-h-x.com/Laurentian/login_files/	7 KB 8 KB	100ms 100ms	Stylesheet text/css	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Full URL https://u-h-x.com/Laurentian/login_files/print$v@201711260135.css Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `b34da48f30854018ff21f587df4fb6ebc59c20efc3a053f1a667ef73c7cfb586` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://u-h-x.com/Laurentian/ Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=79 Content-Length 7609
GET H/1.1	200 OK	body_bg.gif u-h-x.com/Laurentian/login_files/	166 B 407 B	97ms 96ms	Image image/gif	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/body_bg.gif Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `9d07432d020a18067b4e962ca76b4d891e72f7f5c91e5b43eef3910dccbb27bd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 166
GET H/1.1	200 OK	footerLists_bg.png u-h-x.com/Laurentian/login_files/	330 B 571 B	98ms 97ms	Image image/png	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/footerLists_bg.png Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `ce9e264d5bb6686a72de27979a59e70bb96bb2a4a4f672cc3cfccd6f563a05ae` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=86 Content-Length 330
GET H/1.1	200 OK	mobile.png u-h-x.com/Laurentian/login_files/	639 B 880 B	96ms 95ms	Image image/png	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/mobile.png Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `9620d73f75ee5aa9a3f303e3dca9a0e5193f4e034fc9a0653ce1eec3e80a1bac` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=87 Content-Length 639
GET H/1.1	200 OK	footerArrow.gif u-h-x.com/Laurentian/login_files/	51 B 291 B	96ms 95ms	Image image/gif	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/footerArrow.gif Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `cc7d4d6e8c4e3deeeaaa546d9190e28e5849f4c8f4926b22e6fb5b6c79d44f2f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/nav$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=81 Content-Length 51
GET H/1.1	200 OK	lock.png u-h-x.com/Laurentian/login_files/	2 KB 2 KB	97ms 95ms	Image image/png	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/lock.png Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `025b6c40e7b4a8fbd9283a0ae9d67504625474bfb977cc271a7bee851b5abbfd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/common$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/common$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89 Content-Length 1614
GET H/1.1	200 OK	outerColContainer_bg.gif u-h-x.com/Laurentian/login_files/	1 KB 2 KB	141ms 94ms	Image image/gif	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/outerColContainer_bg.gif Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `d9f768e0460f283a351a13405ab9f33a74e34c679314553ccdf015f1673465fa` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=78 Content-Length 1347
GET H/1.1	200 OK	arrow_blue.png u-h-x.com/Laurentian/login_files/	476 B 717 B	158ms 96ms	Image image/png	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/arrow_blue.png Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `a4ebfc8f0666eda7ef0e4e0f74b3f8d5ef28d593c3822b9847488be7fee111e5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/login$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/login$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=86 Content-Length 476
GET H/1.1	200 OK	continue_btn.png u-h-x.com/Laurentian/login_files/	925 B 1 KB	158ms 96ms	Image image/png	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/continue_btn.png Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `b962f9d101ad1e14324f64ebcfac16f112146c50b254798a854a68c262c1e301` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/form$forms-v2@true+v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/form$forms-v2@true+v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=88 Content-Length 925
GET H/1.1	200 OK	yellow_gradrient.gif u-h-x.com/Laurentian/login_files/	163 B 404 B	155ms 93ms	Image image/gif	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/yellow_gradrient.gif Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `2a36baf02fb0566045ab795494e93cc0f0fa52975de0ea0aa8ca3dccf3625ed1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/common$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/common$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=80 Content-Length 163
GET H/1.1	200 OK	header_bg.jpg u-h-x.com/Laurentian/login_files/	15 KB 15 KB	156ms 95ms	Image image/jpeg	142.44.163.33 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://u-h-x.com/Laurentian/login_files/header_bg.jpg Requested by Host: u-h-x.com URL: https://u-h-x.com/Laurentian/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 142.44.163.33 Victoria, Canada, ASN16276 (OVH, FR), Reverse DNS 33.ip-142-44-163.net Software Apache / Resource Hash `280ad808eebb33e59e27520272ca9d35403d1693c0201652fbab514c3831a6a8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host u-h-x.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css Connection keep-alive Cache-Control no-cache Referer https://u-h-x.com/Laurentian/login_files/brand$v@201711260135.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 12 Sep 2018 19:12:12 GMT Last-Modified Sat, 20 Jan 2018 22:28:12 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 15297

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Laurentian Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

u-h-x.com
142.44.163.33
025b6c40e7b4a8fbd9283a0ae9d67504625474bfb977cc271a7bee851b5abbfd
0b68edf0973ac7bb233d7233cf8c363f1a9de77b9a233b13c82a0ff33a66a3c0
1ae3637518b620394669d7ff009213134c4527da5d8760ed4d01b64257119e95
280ad808eebb33e59e27520272ca9d35403d1693c0201652fbab514c3831a6a8
2a36baf02fb0566045ab795494e93cc0f0fa52975de0ea0aa8ca3dccf3625ed1
3cac4b1254742ce96465863630f4eac5855ab8ae37d7a1b5f053ff9cb53a2ad0
4ad88d15ebf00978e07c24f4be7dc0a2d1aaa363670b9b765edfffec6ede8ee7
5fd8f9c4856d662cb122df72c712c8e0221850bac15d3b3f9e3dd40ff21e907d
70e9c6224ba2d419a361045660f07dd30ebb3267d10f5b20a94a311d41ef95b2
743194f4386d391d7bcadb7af7d396d24ce4cba5d1c9fcb26b89f2fed615c4f9
7b79fc22675d2cb992edb9fee3520e207a50e0ed1749e22db10af437e26a7fa9
95de844803af0705bbe9207a83cdb4725ae77d1e349505b3d04d1687bb65d8dd
9620d73f75ee5aa9a3f303e3dca9a0e5193f4e034fc9a0653ce1eec3e80a1bac
9d07432d020a18067b4e962ca76b4d891e72f7f5c91e5b43eef3910dccbb27bd
a4ebfc8f0666eda7ef0e4e0f74b3f8d5ef28d593c3822b9847488be7fee111e5
b34da48f30854018ff21f587df4fb6ebc59c20efc3a053f1a667ef73c7cfb586
b962f9d101ad1e14324f64ebcfac16f112146c50b254798a854a68c262c1e301
cc3bee715d68ceb8080b561792c02cf5fdd15565406ba03a28248813201e5fe8
cc7d4d6e8c4e3deeeaaa546d9190e28e5849f4c8f4926b22e6fb5b6c79d44f2f
ccee149e4e1d164363d6bbd6261979e76ed473403ded0084458f3d3da6f0c90f
ce9e264d5bb6686a72de27979a59e70bb96bb2a4a4f672cc3cfccd6f563a05ae
d9f768e0460f283a351a13405ab9f33a74e34c679314553ccdf015f1673465fa

u-h-x.com Open in urlscan Pro 142.44.163.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

327 kBTransfer

322 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

u-h-x.com Open in urlscan Pro
142.44.163.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

327 kB
Transfer

322 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!