www.janefrasier.com
Open in
urlscan Pro
74.220.215.248
Malicious Activity!
Public Scan
Submitted URL: https://www.janefrasier.com/wp-content/upgrade/dsk/user/
Effective URL: https://www.janefrasier.com/wp-content/upgrade/dsk/user/account/
Submission: On November 07 via manual from BG
Effective URL: https://www.janefrasier.com/wp-content/upgrade/dsk/user/account/
Submission: On November 07 via manual from BG
Summary
This website contacted 8 IPs
in 4 countries
across 7 domains to perform 20 HTTP transactions.
The main IP is 74.220.215.248, located in
Orem, United States and
belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US.
The main domain is www.janefrasier.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2018. Valid for: 3 months.
This is the only time www.janefrasier.com was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2018. Valid for: 3 months.
This is the only time www.janefrasier.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DSK Bank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 5 | 74.220.215.248 74.220.215.248 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
| 9 | 195.128.225.81 195.128.225.81 | 31440 (DSK-AS) (DSK-AS) | |
| 1 | 172.217.22.66 172.217.22.66 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 104.111.249.240 104.111.249.240 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:814::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:819::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 20 | 8 |
5
74.220.215.248
(Orem, United States)
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: host248.hostmonster.com
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: host248.hostmonster.com
| www.janefrasier.com |
1
172.217.22.66
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net
| www.googleadservices.com |
1
104.111.249.240
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-249-240.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-249-240.deploy.static.akamaitechnologies.com
| seal.websecurity.norton.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
dskdirect.bg
www.dskdirect.bg |
547 KB |
| 5 |
janefrasier.com
2 redirects
www.janefrasier.com |
24 KB |
| 1 |
google.de
www.google.de |
109 B |
| 1 |
google.com
www.google.com |
115 B |
| 1 |
doubleclick.net
googleads.g.doubleclick.net |
1 KB |
| 1 |
norton.com
seal.websecurity.norton.com |
217 B |
| 1 |
googleadservices.com
www.googleadservices.com |
9 KB |
| 20 | 7 |
| Domain | Requested by | |
|---|---|---|
| 9 | www.dskdirect.bg |
www.janefrasier.com
|
| 5 | www.janefrasier.com |
2 redirects
www.janefrasier.com
|
| 1 | www.google.de |
www.janefrasier.com
|
| 1 | www.google.com |
www.janefrasier.com
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | seal.websecurity.norton.com |
www.janefrasier.com
|
| 1 | www.googleadservices.com |
www.janefrasier.com
|
| 20 | 7 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| dskbank.bg |
| online.groupama.bg |
| www.facebook.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| cjjorgensen.com Let's Encrypt Authority X3 |
2018-10-30 - 2019-01-28 |
3 months | crt.sh |
| www.dskdirect.bg DigiCert SHA2 Extended Validation Server CA |
2018-03-20 - 2020-04-15 |
2 years | crt.sh |
| www.googleadservices.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| seal.websecurity.norton.com DigiCert SHA2 Extended Validation Server CA |
2018-04-04 - 2020-04-03 |
2 years | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| www.google.com Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
| www.google.de Google Internet Authority G3 |
2018-10-16 - 2019-01-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.janefrasier.com/wp-content/upgrade/dsk/user/account/
Frame ID: 2FEAA5A3A74E42D2E6A9E9A48F20EFD4
Requests: 20 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.janefrasier.com/wp-content/upgrade/dsk/user/
HTTP 302
https://www.janefrasier.com/wp-content/upgrade/dsk/user/account HTTP 301
https://www.janefrasier.com/wp-content/upgrade/dsk/user/account/ Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
URL: https://dskbank.bg/%D0%BF%D1%80%D0%B5%D0%BF%D0%BE%D1%80%D1%8A%D0%BA%D0%B8-%D0%B7%D0%B0-%D1%81%D0%B8%D0%B3%D1%83%D1%80%D0%BD%D0%BE%D1%81%D1%82
Search URL Search Domain Scan URL
URL: https://dskbank.bg/%D0%B8%D0%BD%D0%B4%D0%B8%D0%B2%D0%B8%D0%B4%D1%83%D0%B0%D0%BB%D0%BD%D0%B8-%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%B8/%D0%B1%D0%B0%D0%BD%D0%BA%D0%BE%D0%B2%D0%B8-%D0%BA%D0%B0%D1%80%D1%82%D0%B8/%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D0%B8/%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%D0%BD%D0%B0-%D0%BA%D0%B0%D1%80%D1%82%D0%B0-dsk-wizzair?ConsultantReference=Direct_Wizz
Search URL Search Domain Scan URL
URL: https://online.groupama.bg/#insurances
Search URL Search Domain Scan URL
URL: https://dskbank.bg/%D0%B8%D0%BD%D0%B4%D0%B8%D0%B2%D0%B8%D0%B4%D1%83%D0%B0%D0%BB%D0%BD%D0%B8-%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%B8/%D0%B4%D1%81%D0%BA-%D0%B4%D0%B8%D1%80%D0%B5%D0%BA%D1%82/%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%BD%D0%B8-%D0%BF%D1%80%D0%B8%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F/%D0%B4%D1%81%D0%BA-%D1%81%D0%BC%D0%B0%D1%80%D1%82
Search URL Search Domain Scan URL
URL: https://www.facebook.com/dskbank
Search URL Search Domain Scan URL
URL: http://www.youtube.com/dskbank
Search URL Search Domain Scan URL
URL: https://dskbank.bg/
Search URL Search Domain Scan URL
URL: https://dskbank.bg/docs/default-source/%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA%D0%B8%D1%80%D0%B0%D0%BD%D0%B5/%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%B8%D1%82%D0%B5%D0%BB%D1%81%D0%BA%D0%BE-%D1%80%D1%8A%D0%BA%D0%BE%D0%B2%D0%BE%D0%B4%D1%81%D1%82%D0%B2%D0%BE-%D0%B4%D1%81%D0%BA-%D0%B4%D0%B8%D1%80%D0%B5%D0%BA%D1%82.pdf
Title: Потребителско ръководство
Title: Потребителско ръководство
Search URL Search Domain Scan URL
URL: https://www.youtube.com/watch?v=L1gSLMwJJcQ&list=PLG4yq9b9q8zHLJfvQOfdWg5liNnvLz1mP
Title: Демо филм за граждани
Title: Демо филм за граждани
Search URL Search Domain Scan URL
URL: https://dskbank.bg/docs/default-source/bank-tarrif/%D1%82%D0%B0%D1%80%D0%B8%D1%84%D0%B0-%D0%B7%D0%B0-%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D0%BB%D0%B8%D1%86%D0%B0.pdf
Title: Тарифа за граждани
Title: Тарифа за граждани
Search URL Search Domain Scan URL
URL: https://dskbank.bg/docs/default-source/%D1%82%D0%B0%D1%80%D0%B8%D1%84%D0%B0-%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81-%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%B8/%D1%82%D0%B0%D1%80%D0%B8%D1%84%D0%B0-%D0%B7%D0%B0-%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81-%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%B8.pdf
Title: Тарифа за фирми
Title: Тарифа за фирми
Search URL Search Domain Scan URL
URL: https://dskbank.bg/docs/default-source/%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA%D0%B8%D1%80%D0%B0%D0%BD%D0%B5/o%D0%B1%D1%89%D0%B8-%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F-%D0%B7%D0%B0-%D0%BF%D0%BE%D0%BB%D0%B7%D0%B2%D0%B0%D0%BD%D0%B5-%D0%BD%D0%B0-%D0%B4%D1%81%D0%BA-%D0%B4%D0%B8%D1%80%D0%B5%D0%BA%D1%82-%D0%B7%D0%B0-%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8-%D0%BB%D0%B8%D1%86%D0%B0.pdf
Title: Общи условия за граждани
Title: Общи условия за граждани
Search URL Search Domain Scan URL
URL: https://dskbank.bg/docs/default-source/%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82-%D0%B1%D0%B0%D0%BD%D0%BA%D0%B8%D1%80%D0%B0%D0%BD%D0%B5-%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81/%D0%BE%D0%B1%D1%89%D0%B8-%D1%83%D1%81%D0%BB%D0%BE%D0%B2%D0%B8%D1%8F-%D0%B7%D0%B0-%D0%B8%D0%B7%D0%BF%D0%BE%D0%BB%D0%B7%D0%B2%D0%B0%D0%BD%D0%B5-%D0%BD%D0%B0-%D0%B5%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE-%D0%B1%D0%B0%D0%BD%D0%BA%D0%B8%D1%80%D0%B0%D0%BD%D0%B5-%D0%B7%D0%B0-%D0%B1%D0%B8%D0%B7%D0%BD%D0%B5%D1%81-%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%B8.pdf
Title: Общи условия за фирми
Title: Общи условия за фирми
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.janefrasier.com/wp-content/upgrade/dsk/user/
HTTP 302
https://www.janefrasier.com/wp-content/upgrade/dsk/user/account HTTP 301
https://www.janefrasier.com/wp-content/upgrade/dsk/user/account/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.janefrasier.com/wp-content/upgrade/dsk/user/account/ Redirect Chain
|
17 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.direct.2018.css
www.dskdirect.bg/css/compiled/ |
772 KB 141 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
calendar.js
www.janefrasier.com/calendar/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
conversion.js
www.googleadservices.com/pagead/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Direct.bg.svg
www.dskdirect.bg/images/svg/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DSK_Security_1104x74.jpg
www.janefrasier.com/repository/photos/ |
17 KB 17 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DSK_WizzAir_DSK_Direct_1600x700px.jpg
www.dskdirect.bg/repository/photos/ |
240 KB 240 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getseal
seal.websecurity.norton.com/ |
13 B 217 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DSK_CarInsurance_360x160_BG.png
www.dskdirect.bg/repository/photos/banners/ |
75 KB 75 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
smart.svg
www.dskdirect.bg/images/svg/ |
42 KB 23 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
facebook.svg
www.dskdirect.bg/images/svg/ |
1 KB 912 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
youtube.svg
www.dskdirect.bg/images/svg/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BankaDSK_ciril_CM_White.svg
www.dskdirect.bg/images/svg/ |
8 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/850154699/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
icons.svg
www.dskdirect.bg/images/svg/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
SourceSansPro-Regular.ttf
www.dskdirect.bg/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
SourceSansPro-Semibold.ttf
www.dskdirect.bg/css/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
smart.png
www.dskdirect.bg/images/ |
57 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.com/pagead/1p-user-list/850154699/ |
42 B 115 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
/
www.google.de/pagead/1p-user-list/850154699/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.dskdirect.bg
- URL
- https://www.dskdirect.bg/images/svg/icons.svg
- Domain
- www.dskdirect.bg
- URL
- https://www.dskdirect.bg/css/fonts/SourceSansPro-Regular.ttf
- Domain
- www.dskdirect.bg
- URL
- https://www.dskdirect.bg/css/fonts/SourceSansPro-Semibold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DSK Bank (Banking)43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_remarketing_for_search object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions function| GoToResetPage0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
googleads.g.doubleclick.net
seal.websecurity.norton.com
www.dskdirect.bg
www.google.com
www.google.de
www.googleadservices.com
www.janefrasier.com
www.dskdirect.bg
104.111.249.240
172.217.22.66
195.128.225.81
2a00:1450:4001:814::2004
2a00:1450:4001:819::2003
2a00:1450:4001:820::2002
74.220.215.248
074efc7b992be35729c3f9a5937ff8a7bab899e5e39a83bd87732e7cb24e3364
13d72f31b46b92df77add43e0a652c3713bf62350d95340a0102f8696b7f837c
1daa4277916dd050fb98fe61a6d1f584871d477094885219c4ea900ee7fc07a8
316b6e4242c188b17a802bd1885bd9bdeef9fc7c2f88a3d8303050c27751ee87
4dc2784d1bf184b593dd4d447f1037407dbbf62d5ad04d730636513b57a067bd
7a9d2e26c43294bfc2f43d7c8de599e8ebdb1e930dec633e62c58293986a50b6
7e71cb389ed5fadecddba44dbd09d5c19c1e37d324b9cceccd6ce6dab7bd502e
8d888f29e2cf2f76f7c18318c9ef75723bf0fd27af90cfba8223e50a5eb35185
9f63ed5c41846b1fb5e7544ea895bdde5ab0c06f87c374825c1bb69a334b8872
a1c0bd8d446f7cfa1f33e4c3db7dc2da67dd09bf06b337a2b73ed87b4f91f9e3
b6fb3abc677a66e3a6575b2dbaec9950f8d8630e26922f33094afdeaba7f004e
bb807cd3b9903a753407ec9d82c403490bad87e9b707458b7d0e7f165277cd2c
e96bed96b6661047079613bfe8b153b53451ae7b18a359bc82f7f4998528c6d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6613c4bd974b120dc3c8319e187cdd40361c0e3307a19b4b8ffc2f51ce26059