chasingillusions.com
198.54.121.194  Malicious Activity! Public Scan

Submitted URL: https://rebrand.ly/n150v
Effective URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Submission: On November 07 via api from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 24 HTTP transactions. The main IP is 198.54.121.194, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is chasingillusions.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 25th 2020. Valid for: a year.
This is the only time chasingillusions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address | AS Autonomous System
1 1 3.210.56.169 | 14618 (AMAZON-AES)
23 198.54.121.194 | 22612 (NAMECHEAP...)
24 2

Apex Domain | Subdomains | Transfer
23 chasingillusions.com | chasingillusions.com | 901 KB
1 rebrand.ly | rebrand.ly | 318 B
24 2

Domain | Requested by
23 chasingillusions.com | chasingillusions.com
1 rebrand.ly | 1 redirects
24 2

This site contains no links.

Subject | Issuer | Validity | Valid
chasingillusions.com | Sectigo RSA Domain Validation Secure Server CA | 2020-05-25 - 2021-05-25 | a year

This page contains 1 frames:

Primary Page: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Frame ID: 49E87F2D27A6F5530D14DBC6F9D07D68
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 901 kB
Size: 5088 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/n150v HTTP 301
    https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request index_D5QYXltZW.htm
chasingillusions.com/swiaa/m12/
Redirect Chain
  • https://rebrand.ly/n150v
  • https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
9 KB
3 KB
Document
General
Full URL
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
f5ac3c1a19ffeaadf31826e7324226461a3d12cbd7b37900a151d2b28b930e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
chasingillusions.com
:scheme
https
:path
/swiaa/m12/index_D5QYXltZW.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sat, 07 Nov 2020 06:36:41 GMT
server
Apache
last-modified
Fri, 30 Aug 2019 09:54:18 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-length
2688
content-type
text/html
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade

Redirect headers

Cache-Control
no-cache, no-store
Date
Sat, 07 Nov 2020 06:36:40 GMT
Engine
Rebrandly.redirect, version 2.0
Expires
-1
Location
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Strict-Transport-Security
max-age=15552000
Content-Length
0
Connection
keep-alive
app.css
chasingillusions.com/swiaa/m12/css/
82 KB
10 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/app.css
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
2135fdd0d5513addc838912a2c4e3db19c79f7962ce462408f4a708c38e2b352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
9901
x-content-type-options
nosniff
visitor_E08B864B.php
chasingillusions.com/swiaa/m12/php/
0
0

jquery.min.js
chasingillusions.com/ajax.googleapis.com/ajax/libs/jquery/2.0.0/
0
0
Script
General
Full URL
https://chasingillusions.com/ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:41 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
link
<https://chasingillusions.com/wp-json/>; rel="https://api.w.org/"
content-length
0
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
htacess2_E1C70E79.php
chasingillusions.com/swiaa/m12/php/
0
0
Script
General
Full URL
https://chasingillusions.com/swiaa/m12/php/htacess2_E1C70E79.php
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:41 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
link
<https://chasingillusions.com/wp-json/>; rel="https://api.w.org/"
content-length
0
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery.countdown360_4ABDBEC3.js
chasingillusions.com/swiaa/m12/css/
7 KB
2 KB
Script
General
Full URL
https://chasingillusions.com/swiaa/m12/css/jquery.countdown360_4ABDBEC3.js
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
b191fc2a19092f05f36c8426ceca55d04d57aabd570a6a5d6ff8fd6043653c02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:41 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:44:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
1874
x-content-type-options
nosniff
pg1.png
chasingillusions.com/swiaa/m12/images/
139 KB
139 KB
Image
General
Full URL
https://chasingillusions.com/swiaa/m12/images/pg1.png
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
47fb150ac15d564636aab906aaec0ccc631f7b28c85de09076705f6fa311387e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:43 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Aug 2019 08:04:34 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
142036
x-content-type-options
nosniff
footer.png
chasingillusions.com/swiaa/m12/images/
152 KB
153 KB
Image
General
Full URL
https://chasingillusions.com/swiaa/m12/images/footer.png
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
4d8f0b7e1570619977fc6dc953afb69b39746f7faa46884926b77497df45bb70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:43 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 01 Jun 2019 17:46:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
155855
x-content-type-options
nosniff
xt.png
chasingillusions.com/swiaa/m12/images/
1 KB
1 KB
Image
General
Full URL
https://chasingillusions.com/swiaa/m12/images/xt.png
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
8eb32b396c1f7ddb858f67e3055e109e1dafbc826ec8fd601953bb070c129e6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:43 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 21 Aug 2020 14:20:30 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
1046
x-content-type-options
nosniff
app.min-blessed14.css
chasingillusions.com/swiaa/m12/css/blessed/
286 KB
32 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed14.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
cc1dfafb451e1afe041eb55279b87be4dea1e7596385a6d2f20f07a3b8e33f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:47:02 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
32332
x-content-type-options
nosniff
app.min-blessed13.css
chasingillusions.com/swiaa/m12/css/blessed/
164 KB
8 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed13.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
8d1a939bfdd2323107be4cbacd50073e5220eccf1bfc4185bcdb0aff72871dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:46:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
none
vary
Accept-Encoding
content-length
7368
x-content-type-options
nosniff
app.min-blessed12.css
chasingillusions.com/swiaa/m12/css/blessed/
220 KB
11 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed12.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
5e696e91201269e7c2ae030fea54074f00971da28293c3f8c8d1dcaa947194bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:46:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
10577
x-content-type-options
nosniff
app.min-blessed11.css
chasingillusions.com/swiaa/m12/css/blessed/
277 KB
13 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed11.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
b6a46d8a1dd1e7a9992f67b1d852c3f6ccc1e59d632236bde90bb6ee751d0518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:46:54 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
13096
x-content-type-options
nosniff
app.min-blessed10.css
chasingillusions.com/swiaa/m12/css/blessed/
310 KB
19 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed10.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
c5739f3304650d32714e427d28f7d9b2cd2d5b1d72248ae817ebe008266d5295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:46:54 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
18624
x-content-type-options
nosniff
app.min-blessed8.css
chasingillusions.com/swiaa/m12/css/blessed/
341 KB
31 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed8.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
411593ab1a3349dc402a811c80eff87d7cbe2a6f48a7c59e98c26eda19e3d4ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:30 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
31869
x-content-type-options
nosniff
app.min-blessed7.css
chasingillusions.com/swiaa/m12/css/blessed/
283 KB
27 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed7.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
11385b5fbe86379e5ef5f3e74c5e2e938fb0ef39a899bc684187c80b3e34a1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
27155
x-content-type-options
nosniff
app.min-blessed6.css
chasingillusions.com/swiaa/m12/css/blessed/
515 KB
19 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed6.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
407e6c09aa049f48313e40aa35e8433405f5399624ae9d57ed199006ec398529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
19060
x-content-type-options
nosniff
app.min-blessed5.css
chasingillusions.com/swiaa/m12/css/blessed/
533 KB
17 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed5.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
e778b8f3a99aa916cdda4cc8f93f6d33bcb5b5745624b46bbf02833627f5867b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:47:12 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
16947
x-content-type-options
nosniff
app.min-blessed4.css
chasingillusions.com/swiaa/m12/css/blessed/
452 KB
22 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed4.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
c2a736e58523407bbcbd22def7070fd59d9cd4aa3fa3f34200d47d9afccd1a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:47:10 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
22349
x-content-type-options
nosniff
app.min-blessed3.css
chasingillusions.com/swiaa/m12/css/blessed/
327 KB
27 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed3.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
2913be31136edbc16e417b821cef6f13e2575ea796a532c8f064fc240e0ae2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:26 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
27362
x-content-type-options
nosniff
app.min-blessed2.css
chasingillusions.com/swiaa/m12/css/blessed/
378 KB
23 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed2.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
3f34f08085abdb01b590c8a02bd6d304b09361e6d26f387fac1e146a5fa802fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:47:04 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
22714
x-content-type-options
nosniff
app.min-blessed1.css
chasingillusions.com/swiaa/m12/css/blessed/
296 KB
29 KB
Stylesheet
General
Full URL
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed1.css?z=1541089678609
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
78e53212c9d60a4f9f4ea40cce865838e690e7c12f3d1ad4e39d93157bc6438a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:42 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 02 Jun 2019 06:18:26 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
vary
Accept-Encoding
content-length
28857
x-content-type-options
nosniff
htacess2_E1C70E79.php
chasingillusions.com/swiaa/m12/php/
0
0
Script
General
Full URL
https://chasingillusions.com/swiaa/m12/php/htacess2_E1C70E79.php
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache / PHP/7.2.34
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/index_D5QYXltZW.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:43 GMT
referrer-policy
no-referrer-when-downgrade
server
Apache
x-powered-by
PHP/7.2.34
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
404
x-xss-protection
1; mode=block
cache-control
no-cache, must-revalidate, max-age=0
strict-transport-security
max-age=31536000; includeSubDomains; preload;
link
<https://chasingillusions.com/wp-json/>; rel="https://api.w.org/"
content-length
0
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
img_desktop_background_game@2x.jpg
chasingillusions.com/swiaa/m12/images/
317 KB
317 KB
Image
General
Full URL
https://chasingillusions.com/swiaa/m12/images/img_desktop_background_game@2x.jpg
Requested by
Host: chasingillusions.com
URL: https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed8.css?z=1541089678609
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.121.194 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business67-5.web-hosting.com
Software
Apache /
Resource Hash
df73d95b39abcdadbd0127ce944d953d0a335da6041a45ec3c56b501e55c3ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://chasingillusions.com/swiaa/m12/css/blessed/app.min-blessed8.css?z=1541089678609
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 07 Nov 2020 06:36:43 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 May 2019 21:45:44 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
image/jpeg
status
200
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains; preload;
accept-ranges
bytes
content-length
324227
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chasingillusions.com
URL
https://chasingillusions.com/swiaa/m12/php/visitor_E08B864B.php

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
function| MM_findObj
function| MM_validateForm

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chasingillusions.com
rebrand.ly
198.54.121.194
3.210.56.169