www.high-heels-pumps.com Open in urlscan Pro
212.126.64.70 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Submission: On January 09 via manual (January 9th 2018, 1:34:28 pm UTC) from US

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 212.126.64.70, located in Austria and belongs to INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT. The main domain is www.high-heels-pumps.com.

This is the only time www.high-heels-pumps.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 3	212.126.64.70 212.126.64.70	12401 (INTERNIC-...) (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8)
1	159.53.232.19 159.53.232.19	10934 (AS10934) (AS10934 - JPMorgan Chase & Co.)
25	159.53.232.37 159.53.232.37	7743 (AS-7743) (AS-7743 - JPMorgan Chase & Co.)
1	212.126.65.198 212.126.65.198	12401 (INTERNIC-...) (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8)
29	4

3 212.126.64.70 (Austria) 1 redirects

ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT)
PTR: dns1.internic.at

www.high-heels-pumps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.53.232.19 (New York, United States)

ASN10934 (AS10934 - JPMorgan Chase & Co., US)

secure07a.chase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 159.53.232.37 (New York, United States)

ASN7743 (AS-7743 - JPMorgan Chase & Co., US)

secure.chasecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.126.65.198 (Austria)

ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT)
PTR: www2.internic.at

www.internic.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	chasecdn.com secure.chasecdn.com
3	high-heels-pumps.com 1 redirects www.high-heels-pumps.com	306 B
1	internic.at www.internic.at
1	chase.com secure07a.chase.com
29	4

	Domain	Requested by
25	secure.chasecdn.com	www.high-heels-pumps.com
3	www.high-heels-pumps.com	1 redirects
1	www.internic.at
1	secure07a.chase.com	www.high-heels-pumps.com
29	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Frame ID: (2ECC17DBF916CD41AB22CE88D373EAA9)
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

UNIX (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Unix/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_ssl (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_ssl(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
headers server /mod_ssl(?:\/([\d.]+))?/i

Dynatrace (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /dtagent.*\.js/i

Page Statistics

29
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

0 kB
Transfer

4470 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

http://www.high-heels-pumps.com/events/dynaTraceMonitor?type=js&session=VVNMIM9H6310F7RA192O11V6R0AL6OUS&flavor=post&referer=http%3A%2F%2Fwww.high-heels-pumps.com%2Fxmas%2Fwp%2Fwordpress%2Fwp-content%2Fusersultramedia%2F4%2Fmethod%2Fslot%2Findex.htm&format=lzw HTTP 302
http://www.internic.at/bin/notfound?ERR=404

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.htm Show response
www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/ 49 KB
0 52ms
40ms Document
text/html 212.126.64.70
INTERNIC-AS12401 ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Protocol: HTTP/1.1
Server: 212.126.64.70 , Austria, ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT),
Reverse DNS: dns1.internic.at
Software: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.2h PHP/5.4.18 /
Resource Hash: 214e0bdc0cdcd8d1c19d429bcb38e73824cba19c5fe9a2824dcd272393ec6514

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: www.high-heels-pumps.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:33 GMT
Last-Modified: Tue, 10 Jan 2017 17:23:28 GMT
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.2h PHP/5.4.18
ETag: "1663afa-c3d3-545c0be0b4400"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 50131

GET
H/1.1 200
OK dtagent61_n_8455.js Show response
secure07a.chase.com/events/ 136 KB
0 728ms
229ms Script
text/javascript 159.53.232.19
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure07a.chase.com/events/dtagent61_n_8455.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.19 New York, United States, ASN10934 (AS10934 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

898e8ea5eaaddead6919cc59c7feb51d761e3f8e51927d1759c67b830ca31020

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Content-Security-Policy: frame-ancestors 'none'
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2KlXSdkAALND83IAAAFV
Pragma: no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,private
Content-Security-Policy: frame-ancestors 'none'
Keep-Alive: timeout=60, max=4754
Expires: Tue, 09 Jan 2018 14:34:16 GMT

GET
H/1.1 200
OK blue-ui.css
secure.chasecdn.com/web/1.4-554/common/assets/ 254 KB
0 514ms
99ms Stylesheet
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/common/assets/blue-ui.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

9a6ae237363a74c1b907b3bdd41a3d689c98de133520fe68d8f706fe80c5c98b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550558
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6Xeqlimo4AAIr7zoEAAAAG
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=998
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK logon.css
secure.chasecdn.com/web/1.4-554/logon/assets/ 28 KB
0 514ms
100ms Stylesheet
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/logon/assets/logon.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

de1a2f764f424e05bccffc31e5e1e53c365d8fb91b8801a551a70f5a4be8984c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550558
Connection: Keep-Alive
Content-Length: 5996
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6XeqlXqooAAJGEAycAAACk
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ 19 KB
0 514ms
99ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

553e786aecb1b2136c67fd1255ac80818105b8023066030b859df578c2469a29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550558
Connection: Keep-Alive
Content-Length: 7573
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6XeqlXqokAAO0sD8IAAAAh
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=998
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/ 372 KB
0 94ms
93ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

1517ece47aafdd809b3b6a9a59dcc4f7461032f2ef6dae3b97d699fa1403c85b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3510223
Connection: Keep-Alive
Content-Length: 126469
X-XSS-Protection: 1; mode=block
x-trace-id: Wh81Calimo4AAI48BXcAAABu
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 22:30:33 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/ 118 KB
0 94ms
94ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

fd09ca48f802c075608cca3deefec1953cab1ae6176a4ed68367bb77831ab711

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3510224
Connection: Keep-Alive
Content-Length: 37623
X-XSS-Protection: 1; mode=block
x-trace-id: Wh81CaljJYoAAQW-pYAAAAAq
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 22:30:33 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK boot.js Show response
secure.chasecdn.com/web/1.4-554/logon/js/ 734 KB
0 95ms
95ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/logon/js/boot.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

8f91b285a026b05ce780675f62e0cc38e31daa445741ebe63c8526612fac7a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3506164
Connection: Keep-Alive
Content-Length: 184671
X-XSS-Protection: 1; mode=block
x-trace-id: Wh9E5alimpAAADqZq4cAAACq
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 23:38:13 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/ 119 KB
0 95ms
95ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

2e4778d2c42449ba868439b57ba6bdfd1d3fed195458e7c91c43a5171cefaee6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3510224
Connection: Keep-Alive
Content-Length: 36123
X-XSS-Protection: 1; mode=block
x-trace-id: Wh81CaljJYkAABmV9OEAAAA8
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 22:30:33 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=997
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/ 222 KB
0 158ms
94ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

691f2bc8573de44094b9fd7b19fdcbb664a7aab0940c2b3ccde931707bcf6922

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3510224
Connection: Keep-Alive
Content-Length: 81188
X-XSS-Protection: 1; mode=block
x-trace-id: Wh81CaljJYoAAQf4730AAADC
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 22:30:33 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK hooks.js Show response
secure.chasecdn.com/web/1.4-554/common/js/analytics/data/ 438 B
0 241ms
141ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/common/js/analytics/data/hooks.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

f776290135f55843a507409e7b549246c41b513a47c6be4f4f83b410c9e8f856

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 438
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alimo8AATbRyQwAAACL
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK blue-ui.css Show response
secure.chasecdn.com/web/1.4-554/common/assets/ 254 KB
0 453ms
129ms XHR
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/common/assets/blue-ui.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

9a6ae237363a74c1b907b3bdd41a3d689c98de133520fe68d8f706fe80c5c98b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alXqokAACWscBkAAAB4
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK logon.css Show response
secure.chasecdn.com/web/1.4-554/logon/assets/ 28 KB
0 447ms
123ms XHR
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/logon/assets/logon.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

de1a2f764f424e05bccffc31e5e1e53c365d8fb91b8801a551a70f5a4be8984c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 5996
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2aljJYsAABiy@ywAAAA5
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ 19 KB
0 454ms
126ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

553e786aecb1b2136c67fd1255ac80818105b8023066030b859df578c2469a29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7573
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2aljJYkAAMGztjEAAACa
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/ 372 KB
0 565ms
119ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

1517ece47aafdd809b3b6a9a59dcc4f7461032f2ef6dae3b97d699fa1403c85b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2aljJYsAABiy@y0AAAA5
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/ 118 KB
0 575ms
121ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

fd09ca48f802c075608cca3deefec1953cab1ae6176a4ed68367bb77831ab711

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2aljJYkAAMGztjIAAACa
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/ 119 KB
0 609ms
108ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

2e4778d2c42449ba868439b57ba6bdfd1d3fed195458e7c91c43a5171cefaee6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alXqokAABfsjOEAAAB0
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/ 222 KB
0 668ms
119ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

691f2bc8573de44094b9fd7b19fdcbb664a7aab0940c2b3ccde931707bcf6922

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alXqooAACWe3mIAAAB3
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK boot.js Show response
secure.chasecdn.com/web/1.4-554/logon/js/ 734 KB
0 736ms
162ms XHR
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/logon/js/boot.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

8f91b285a026b05ce780675f62e0cc38e31daa445741ebe63c8526612fac7a82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alimpAAAE0bdGYAAABb
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK opensans-semibold.woff
secure.chasecdn.com/content/dam/cpo-static/fonts/ 25 KB
0 473ms
212ms Font
application/x-font-woff 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.chasecdn.com/content/dam/cpo-static/fonts/opensans-semibold.woff
Requested by: Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Protocol: HTTP/1.1
Server: 159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),
Reverse DNS
Software: /
Resource Hash: d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 13:34:17 GMT
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, s-maxage=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
Content-Length: 25130

GET
H/1.1 200
OK wordmark-white.svg
secure.chasecdn.com/web/1.4-554/common/assets/img/logos/ 1 KB
0 106ms
105ms Image
image/svg+xml 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.chasecdn.com/web/1.4-554/common/assets/img/logos/wordmark-white.svg

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.chasecdn.com/web/1.4-554/logon/assets/logon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 683
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2KljJYkAALlyn8MAAABd
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:16 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK opensans-regular.woff
secure.chasecdn.com/content/dam/cpo-static/fonts/ 24 KB
0 547ms
286ms Font
application/x-font-woff 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.chasecdn.com/content/dam/cpo-static/fonts/opensans-regular.woff
Requested by: Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Protocol: HTTP/1.1
Server: 159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),
Reverse DNS
Software: /
Resource Hash: b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 13:34:17 GMT
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, s-maxage=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
Content-Length: 24897

GET
H/1.1 200
OK 52761.jpeg
secure.chasecdn.com/content/geo-images/images/background.desktop.night.10.jpeg/ 169 KB
0 95ms
95ms Image
image/jpeg 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.chasecdn.com/content/geo-images/images/background.desktop.night.10.jpeg/52761.jpeg
Requested by: Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Protocol: HTTP/1.1
Server: 159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),
Reverse DNS
Software: /
Resource Hash: afc77b9cfc834b9811c5833c9d5eea852b248a5bf5813e297e68280248ae3929

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:16 GMT
Last-Modified: Wed, 08 Nov 2017 02:32:22 GMT
Age: 759337
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000, s-maxage=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
Content-Length: 173565

GET
H/1.1 200
OK dcefont.woff
secure.chasecdn.com/web/1.4-554/common/assets/fonts/ 32 KB
0 516ms
228ms Font
application/x-font-woff 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/common/assets/fonts/dcefont.woff

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

458e6b69bdae731c3309692303b8f0a32a4a8f2d7d852b670a98c162cccae0a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://secure.chasecdn.com/web/1.4-554/common/assets/blue-ui.css
Origin: http://www.high-heels-pumps.com

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 19758
X-XSS-Protection: 1; mode=block
x-trace-id: WlTE2alXqooAACWe3mAAAAB3
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Expires: Wed, 09 Jan 2019 13:34:17 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=1000
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK logon.css
secure.chasecdn.com/web/1.4-554/logon/assets/ 28 KB
0 95ms
95ms Stylesheet
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/logon/assets/logon.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

de1a2f764f424e05bccffc31e5e1e53c365d8fb91b8801a551a70f5a4be8984c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550559
Connection: Keep-Alive
Content-Length: 5996
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6XeqlXqooAAJGEAycAAACk
Last-Modified: Thu, 18 Aug 2016 02:24:11 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=999
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK blue-ui.css
secure.chasecdn.com/web/1.4-554/common/assets/ 254 KB
0 96ms
96ms Stylesheet
text/css 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/common/assets/blue-ui.css

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

9a6ae237363a74c1b907b3bdd41a3d689c98de133520fe68d8f706fe80c5c98b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550559
Transfer-Encoding: chunked
Connection: Keep-Alive
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6Xeqlimo4AAIr7zoEAAAAG
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: none
Keep-Alive: timeout=30, max=998
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1 200
OK main.js Show response
secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ 19 KB
0 178ms
93ms Script
application/javascript 159.53.232.37
JPMorgan Chase & Co.

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/main.js

Requested by

Host: www.high-heels-pumps.com
URL: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm

Protocol

HTTP/1.1

Server

159.53.232.37 New York, United States, ASN7743 (AS-7743 - JPMorgan Chase & Co., US),

Reverse DNS

Software

Resource Hash

553e786aecb1b2136c67fd1255ac80818105b8023066030b859df578c2469a29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 09 Jan 2018 13:34:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 3550559
Connection: Keep-Alive
Content-Length: 7573
X-XSS-Protection: 1; mode=block
x-trace-id: Wh6XeqlXqokAAO0sD8IAAAAh
Last-Modified: Thu, 18 Aug 2016 02:24:10 GMT
x-frame-options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 29 Nov 2018 11:18:18 GMT
Cache-Control: max-age=31536000
content-security-policy: frame-ancestors 'none'
Accept-Ranges: bytes
Keep-Alive: timeout=30, max=998
x-content-security-policy: frame-ancestors 'none'

GET
H/1.1

302
Found

notfound Show response
www.internic.at/bin/
Redirect Chain

http://www.high-heels-pumps.com/events/dynaTraceMonitor?type=js&session=VVNMIM9H6310F7RA192O11V6R0AL6OUS&flavor=post&referer=http%3A%2F%2Fwww.high-heels-pumps.com%2Fxmas%2Fwp%2Fwordpress%2Fwp-conte...
http://www.internic.at/bin/notfound?ERR=404

0
0

13ms
12ms

XHR
text/html

212.126.64.70
INTERNIC-AS12401 ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.internic.at/bin/notfound?ERR=404
Protocol: HTTP/1.1
Server: 212.126.64.70 , Austria, ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT),
Reverse DNS: dns1.internic.at
Software: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.2h PHP/5.4.18 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: http://www.high-heels-pumps.com
Accept-Encoding: gzip, deflate
Host: www.high-heels-pumps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: application/octet-stream
Accept: */*
x-dtreferer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Cache-Control: no-cache
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Cookie: dtSa=-; dtLatC=6; dtPC=504856805_161h1; dtCookie=VVNMIM9H6310F7RA192O11V6R0AL6OUS
Connection: keep-alive
Content-Length: 700
Referer: http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Location: http://www.internic.at/bin/notfound?ERR=404
Date: Tue, 09 Jan 2018 13:34:36 GMT
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.2h PHP/5.4.18
Connection: Keep-Alive
Keep-Alive: timeout=5, max=79
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1

Redirect headers

Location: http://www.internic.at/bin/notfound?ERR=404
Date: Tue, 09 Jan 2018 13:34:36 GMT
Server: Apache/2.2.34 (Unix) mod_ssl/2.2.34 OpenSSL/1.0.2h PHP/5.4.18
Connection: Keep-Alive
Keep-Alive: timeout=5, max=79
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1

OPTIONS
H/1.1 200
OK notfound Show response
www.internic.at/bin/ 0
0 194ms
19ms XHR
text/html 212.126.65.198
INTERNIC-AS12401 ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.internic.at/bin/notfound?ERR=404
Protocol: HTTP/1.1
Server: 212.126.65.198 , Austria, ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT),
Reverse DNS: www2.internic.at
Software: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: http://www.high-heels-pumps.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Access-Control-Request-Headers: content-type,x-dtreferer

Response headers

Date: Tue, 09 Jan 2018 13:34:05 GMT
Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.2
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.high-heels-pumps.com/	1970-01-01 00:00:00	Name: dtPC Value: -
www.high-heels-pumps.com/	1970-01-01 00:00:00	Name: dtCookie Value: VVNMIM9H6310F7RA192O11V6R0AL6OUS
www.high-heels-pumps.com/	1970-01-01 00:00:00	Name: dtLatC Value: 6
www.high-heels-pumps.com/	1970-01-01 00:00:00	Name: dtSa Value: -

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure.chasecdn.com
secure07a.chase.com
www.high-heels-pumps.com
www.internic.at
159.53.232.19
159.53.232.37
212.126.64.70
212.126.65.198
1517ece47aafdd809b3b6a9a59dcc4f7461032f2ef6dae3b97d699fa1403c85b
214e0bdc0cdcd8d1c19d429bcb38e73824cba19c5fe9a2824dcd272393ec6514
2e4778d2c42449ba868439b57ba6bdfd1d3fed195458e7c91c43a5171cefaee6
458e6b69bdae731c3309692303b8f0a32a4a8f2d7d852b670a98c162cccae0a4
553e786aecb1b2136c67fd1255ac80818105b8023066030b859df578c2469a29
691f2bc8573de44094b9fd7b19fdcbb664a7aab0940c2b3ccde931707bcf6922
898e8ea5eaaddead6919cc59c7feb51d761e3f8e51927d1759c67b830ca31020
8f91b285a026b05ce780675f62e0cc38e31daa445741ebe63c8526612fac7a82
9a6ae237363a74c1b907b3bdd41a3d689c98de133520fe68d8f706fe80c5c98b
afc77b9cfc834b9811c5833c9d5eea852b248a5bf5813e297e68280248ae3929
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0
de1a2f764f424e05bccffc31e5e1e53c365d8fb91b8801a551a70f5a4be8984c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f776290135f55843a507409e7b549246c41b513a47c6be4f4f83b410c9e8f856
fd09ca48f802c075608cca3deefec1953cab1ae6176a4ed68367bb77831ab711

www.high-heels-pumps.com Open in urlscan Pro 212.126.64.70 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

0 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

0 kBTransfer

4470 kBSize

4 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

www.high-heels-pumps.com Open in urlscan Pro
212.126.64.70 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

0 kB
Transfer

4470 kB
Size

4
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!