www.high-heels-pumps.com
212.126.64.70
Malicious Activity!
Public Scan
Submission: On January 09 via manual from US
Summary
This is the only time www.high-heels-pumps.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)

Domain & IP information
| Requests | IP Address | AS (Autonomous System) | PTR | Domains served |
|---|---|---|---|---|
| 3 | 212.126.64.70 | ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT) | dns1.internic.at | www.high-heels-pumps.com |
| 1 | 159.53.232.19 | ASN10934 (AS10934 - JPMorgan Chase & Co., US) | | secure07a.chase.com |
| 25 | 159.53.232.37 | ASN7743 (AS-7743 - JPMorgan Chase & Co., US) | | secure.chasecdn.com |
| 1 | 212.126.65.198 | ASN12401 (INTERNIC-AS12401 Puchsbaumplatz 2 / 7-8, AT) | www2.internic.at | www.internic.at |

Total: 29 requests to 4 IP addresses.
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 25 | chasecdn.com | secure.chasecdn.com | |
| 3 | high-heels-pumps.com | www.high-heels-pumps.com (1 redirect) | 306 B |
| 1 | internic.at | www.internic.at | |
| 1 | chase.com | secure07a.chase.com | |

Total: 29 requests to 4 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 25 | secure.chasecdn.com | www.high-heels-pumps.com |
| 3 | www.high-heels-pumps.com | (1 redirect) |
| 1 | www.internic.at | |
| 1 | secure07a.chase.com | www.high-heels-pumps.com |

Total: 29 requests to 4 domains.
This site contains no links.
TLS certificates (Subject / Issuer / Validity): none observed. The primary page was requested over plain HTTP, so no certificate was presented by the scanned host.
This page contains 1 frames:
Primary Page:
http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/index.htm
Frame ID: (2ECC17DBF916CD41AB22CE88D373EAA9)
Requests: 29 HTTP requests in this frame
Detected technologies
- PHP (Programming Languages): headers server /php\/?([\d.]+)?/i
- UNIX (Operating Systems): headers server /Unix/i
- OpenSSL (Web Server Extensions): headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
- mod_ssl (Web Server Extensions): headers server /mod_ssl(?:\/([\d.]+))?/i
- Apache (Web Servers): headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i and headers server /mod_ssl(?:\/([\d.]+))?/i
- Dynatrace (Analytics): script /dtagent.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26:
- http://www.high-heels-pumps.com/events/dynaTraceMonitor?type=js&session=VVNMIM9H6310F7RA192O11V6R0AL6OUS&flavor=post&referer=http%3A%2F%2Fwww.high-heels-pumps.com%2Fxmas%2Fwp%2Fwordpress%2Fwp-content%2Fusersultramedia%2F4%2Fmethod%2Fslot%2Findex.htm&format=lzw (HTTP 302)
- http://www.internic.at/bin/notfound?ERR=404

This beacon is issued by the Dynatrace agent (dtagent61_n_8455.js, loaded from secure07a.chase.com) that the page carries along with the rest of the Chase logon assets. The agent reports to /events/dynaTraceMonitor on whatever host served the document; the phishing host has no such endpoint, so the hosting provider (www.internic.at, same ASN as the phishing host) answers with its 404 page. A real-user-monitoring beacon from a brand's agent landing on a 404 at an unrelated host is a strong sign that the HTML was copied wholesale rather than served by the brand.
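The two observations above, the request table (almost every asset served by the brand's CDN while the document lives on an unrelated domain) and the orphaned Dynatrace beacon, can be turned into triage rules over a urlscan-style request summary. The script below is an added example and is not part of the urlscan report; the request counts, primary URL and redirect chain are constructed from the tables on this page, while the CHASE_APEXES list, the thresholds, and the two-label apex() approximation are assumptions made for the example.

```python
"""Triage heuristics for a urlscan-style request summary (added example).

The REQUESTS, PRIMARY_URL and REDIRECT_CHAINS values are constructed from the
tables on this page; CHASE_APEXES, the thresholds and apex() are assumptions.
"""
from collections import Counter
from urllib.parse import urlparse

# Constructed from the "Domain | Requested by" table:
# (request count, domain that served the requests, document host that made them)
REQUESTS = [
    (25, "secure.chasecdn.com", "www.high-heels-pumps.com"),
    (3, "www.high-heels-pumps.com", "www.high-heels-pumps.com"),
    (1, "www.internic.at", "www.high-heels-pumps.com"),
    (1, "secure07a.chase.com", "www.high-heels-pumps.com"),
]
PRIMARY_URL = ("http://www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/"
               "usersultramedia/4/method/slot/index.htm")
# Constructed from the "Redirected requests" section (query string shortened).
REDIRECT_CHAINS = [
    ["http://www.high-heels-pumps.com/events/dynaTraceMonitor?type=js&flavor=post",
     "http://www.internic.at/bin/notfound?ERR=404"],
]
# Assumption: the apexes the impersonated brand legitimately serves assets from.
CHASE_APEXES = {"chase.com", "chasecdn.com"}


def apex(host):
    """Registrable domain approximated as the last two labels.
    Assumption: no multi-label public suffixes (co.uk, com.au) in the input."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def request_shares(requests):
    """Fraction of all requests served by each apex domain."""
    by_apex = Counter()
    for count, domain, _requester in requests:
        by_apex[apex(domain)] += count
    total = sum(by_apex.values())
    return {a: c / total for a, c in by_apex.items()}


def triage(primary_url, requests, brand_apexes, brand_min=0.6, own_max=0.3):
    """Return (indicator, detail) tuples; an empty list means nothing fired."""
    parsed = urlparse(primary_url)
    own_apex = apex(parsed.hostname)
    shares = request_shares(requests)
    findings = []

    # A page built mostly from another brand's CDN while hosted on an unrelated
    # apex is the request pattern a cloned logon page produces.
    brand_share = sum(s for a, s in shares.items() if a in brand_apexes)
    own_share = shares.get(own_apex, 0.0)
    if own_apex not in brand_apexes and brand_share >= brand_min and own_share <= own_max:
        findings.append(("brand_asset_mimicry",
                         f"{brand_share:.0%} of requests served by {sorted(brand_apexes)}, "
                         f"page hosted on {own_apex} ({own_share:.0%})"))

    # A static .htm document inside a CMS content directory is where a kit
    # dropped on a compromised WordPress install typically ends up.
    path = parsed.path.lower()
    if "/wp-content/" in path and path.endswith((".htm", ".html")):
        findings.append(("static_page_under_wp_content", path))

    if parsed.scheme == "http":
        findings.append(("plain_http_primary_page", primary_url))
    return findings


def copied_rum_beacons(redirect_chains, primary_host):
    """RUM beacons (here Dynatrace's dynaTraceMonitor) posted to the scanned host
    and bounced to another apex's 404 page: the copied HTML still carries the real
    site's agent, but the backend it reports to does not exist on this host."""
    hits = []
    for chain in redirect_chains:
        first, last = urlparse(chain[0]), urlparse(chain[-1])
        if (first.hostname == primary_host
                and "dynatracemonitor" in first.path.lower()
                and apex(last.hostname) != apex(primary_host)):
            hits.append((chain[0], chain[-1]))
    return hits


if __name__ == "__main__":
    for name, detail in triage(PRIMARY_URL, REQUESTS, CHASE_APEXES):
        print(f"[{name}] {detail}")
    for src, dst in copied_rum_beacons(REDIRECT_CHAINS, urlparse(PRIMARY_URL).hostname):
        print(f"[copied_rum_beacon] {src} -> {dst}")
```

On this page's data the script fires all three triage indicators (87% of requests go to Chase apexes while the page sits on high-heels-pumps.com, the document is a static .htm under wp-content, and it is served over plain HTTP) and reports the orphaned Dynatrace beacon; the same rules stay silent for a page hosted on a Chase apex that loads the same CDN assets, which is the check that keeps the heuristic from flagging the real logon page.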
29 HTTP transactions

| # | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | index.htm (Primary Request) | www.high-heels-pumps.com/xmas/wp/wordpress/wp-content/usersultramedia/4/method/slot/ | 49 KB | 0 | Document | text/html |
| 2 | GET | H/1.1 | dtagent61_n_8455.js | secure07a.chase.com/events/ | 136 KB | 0 | Script | text/javascript |
| 3 | GET | H/1.1 | blue-ui.css | secure.chasecdn.com/web/1.4-554/common/assets/ | 254 KB | 0 | Stylesheet | text/css |
| 4 | GET | H/1.1 | logon.css | secure.chasecdn.com/web/1.4-554/logon/assets/ | 28 KB | 0 | Stylesheet | text/css |
| 5 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ | 19 KB | 0 | Script | application/javascript |
| 6 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/ | 372 KB | 0 | Script | application/javascript |
| 7 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/ | 118 KB | 0 | Script | application/javascript |
| 8 | GET | H/1.1 | boot.js | secure.chasecdn.com/web/1.4-554/logon/js/ | 734 KB | 0 | Script | application/javascript |
| 9 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/ | 119 KB | 0 | Script | application/javascript |
| 10 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/ | 222 KB | 0 | Script | application/javascript |
| 11 | GET | H/1.1 | hooks.js | secure.chasecdn.com/web/1.4-554/common/js/analytics/data/ | 438 B | 0 | Script | application/javascript |
| 12 | GET | H/1.1 | blue-ui.css | secure.chasecdn.com/web/1.4-554/common/assets/ | 254 KB | 0 | XHR | text/css |
| 13 | GET | H/1.1 | logon.css | secure.chasecdn.com/web/1.4-554/logon/assets/ | 28 KB | 0 | XHR | text/css |
| 14 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ | 19 KB | 0 | XHR | application/javascript |
| 15 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-vendor/dist/blue-vendor/js/ | 372 KB | 0 | XHR | application/javascript |
| 16 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-core/dist/blue/js/ | 118 KB | 0 | XHR | application/javascript |
| 17 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-app/dist/blue-app/js/ | 119 KB | 0 | XHR | application/javascript |
| 18 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-view/dist/blue-view/js/ | 222 KB | 0 | XHR | application/javascript |
| 19 | GET | H/1.1 | boot.js | secure.chasecdn.com/web/1.4-554/logon/js/ | 734 KB | 0 | XHR | application/javascript |
| 20 | GET | H/1.1 | opensans-semibold.woff | secure.chasecdn.com/content/dam/cpo-static/fonts/ | 25 KB | 0 | Font | application/x-font-woff |
| 21 | GET | H/1.1 | wordmark-white.svg | secure.chasecdn.com/web/1.4-554/common/assets/img/logos/ | 1 KB | 0 | Image | image/svg+xml |
| 22 | GET | H/1.1 | opensans-regular.woff | secure.chasecdn.com/content/dam/cpo-static/fonts/ | 24 KB | 0 | Font | application/x-font-woff |
| 23 | GET | H/1.1 | 52761.jpeg | secure.chasecdn.com/content/geo-images/images/background.desktop.night.10.jpeg/ | 169 KB | 0 | Image | image/jpeg |
| 24 | GET | H/1.1 | dcefont.woff | secure.chasecdn.com/web/1.4-554/common/assets/fonts/ | 32 KB | 0 | Font | application/x-font-woff |
| 25 | GET | H/1.1 | logon.css | secure.chasecdn.com/web/1.4-554/logon/assets/ | 28 KB | 0 | Stylesheet | text/css |
| 26 | GET | H/1.1 | blue-ui.css | secure.chasecdn.com/web/1.4-554/common/assets/ | 254 KB | 0 | Stylesheet | text/css |
| 27 | GET | H/1.1 | main.js | secure.chasecdn.com/web/1.4-554/blue-boot/dist/blue-boot/js/ | 19 KB | 0 | Script | application/javascript |
| 28 | GET | H/1.1 | notfound (Redirect Chain) | www.internic.at/bin/ | 0 | 0 | XHR | text/html |
| 29 | OPTIONS | H/1.1 | notfound | www.internic.at/bin/ | 0 | 0 | XHR | text/html |

Apart from the primary document and the two requests to www.internic.at that result from the redirected Dynatrace beacon (a GET following the 302 and a CORS preflight OPTIONS), every request is for a genuine Chase asset served from chase.com or chasecdn.com.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Chase (Banking)

23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onafterprint |
| object | onbeforeprint |
| object | a |
| object | dT_ |
| object | dynaTrace |
| object | Ext |
| undefined | envConfig |
| string | domainUrl |
| string | authUrl |
| object | appRoutes |
| undefined | appConfig |
| object | loader |
| function | loaderCallback |
| object | htmEnvConfig |
| object | platform |
| function | requirejs |
| object | require |
| function | define |
| function | $ |
| function | jQuery |
| object | Kefir |
| function | moment |
| object | Blue |

4 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work. All four cookies here (dtPC, dtCookie, dtLatC, dtSa) are set by the Dynatrace agent the page loads, and they are scoped to the phishing host, not to any Chase domain.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| www.high-heels-pumps.com/ | | dtPC | - |
| www.high-heels-pumps.com/ | | dtCookie | VVNMIM9H6310F7RA192O11V6R0AL6OUS |
| www.high-heels-pumps.com/ | | dtLatC | 6 |
| www.high-heels-pumps.com/ | | dtSa | - |
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes seen during the scan. Listing them here does not imply that any individual one is malicious; two of the domains and two of the IPs below belong to the impersonated brand (JPMorgan Chase), and www.internic.at / 212.126.65.198 is the hosting provider's 404 handler.
secure.chasecdn.com
secure07a.chase.com
www.high-heels-pumps.com
www.internic.at
159.53.232.19
159.53.232.37
212.126.64.70
212.126.65.198