www.duhr448.datact.nl
82.150.137.117
Malicious Activity!
Public Scan
Effective URL: http://www.duhr448.datact.nl/js/prototype/windows/themes/darkX/index.htm
Submission: On October 08 via manual from US
Summary
This is the only time www.duhr448.datact.nl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)
Domain & IP information
| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 188.166.74.234 | 14061 (DIGITALOCEAN-ASN - DigitalOcean) |
| 1 | 82.150.137.117 | 12859 (NL-BIT BIT BV) |
| 15 | 2.18.234.225 | 16625 (AKAMAI-AS - Akamai Technologies) |
| 17 requests | 3 IPs | |
- ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US): fileshax.com
- ASN12859 (NL-BIT BIT BV, NL), PTR: mysmt117.mysmt.net: www.duhr448.datact.nl
- ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), PTR: a2-18-234-225.deploy.static.akamaitechnologies.com: static.chasecdn.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 15 | chasecdn.com | static.chasecdn.com | 728 KB |
| 1 | datact.nl | www.duhr448.datact.nl | 14 KB |
| 1 | fileshax.com | fileshax.com | 406 B |
| 17 requests | 3 domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 15 | static.chasecdn.com | www.duhr448.datact.nl |
| 1 | www.duhr448.datact.nl | |
| 1 | fileshax.com | |
| 17 requests | 3 domains | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| static.chasecdn.com | Entrust Certification Authority - L1M | 2018-05-01 - 2019-05-01 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.duhr448.datact.nl/js/prototype/windows/themes/darkX/index.htm
Frame ID: A1FE3AE3107DFF18D192BC03E4E47D81
Requests: 17 HTTP requests in this frame
Page URL History
- http://fileshax.com/wp-content/plugins/captcha/main.htm (Page URL)
- http://www.duhr448.datact.nl/js/prototype/windows/themes/darkX/index.htm (Page URL)
Detected technologies
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- RequireJS (JavaScript Frameworks). Detected pattern: env /^requirejs$/i
- jQuery (JavaScript Libraries). Detected pattern: env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | main.htm | fileshax.com/wp-content/plugins/captcha/ | 155 B | 406 B | Document | text/html |
| GET | H/1.1 | index.htm (Primary Request) | www.duhr448.datact.nl/js/prototype/windows/themes/darkX/ | 43 KB | 14 KB | Document | text/html |
| GET | S | appConfig.js | static.chasecdn.com/web/2017.11.12-1304/logon/js/ | 11 KB | 3 KB | Script | application/javascript |
| GET | S | logon.css | static.chasecdn.com/web/2017.11.12-1304/logon/assets/ | 70 KB | 11 KB | Stylesheet | text/css |
| GET | S | blue-ui.css | static.chasecdn.com/web/2017.11.12-1304/common/assets/ | 350 KB | 43 KB | Stylesheet | text/css |
| GET | S | main-ver.js | static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/ | 69 KB | 21 KB | Script | application/javascript |
| GET | S | boot.js | static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/ | 298 B | 556 B | Script | application/javascript |
| GET | S | main.js | static.chasecdn.com/web/library/blue-vendor/dist/blue-vendor/2.9.0/js/ | 373 KB | 107 KB | Script | application/javascript |
| GET | S | main.js | static.chasecdn.com/web/library/blue-core/dist/blue/2.10.1/js/ | 128 KB | 37 KB | Script | application/javascript |
| GET | S | boot.js | static.chasecdn.com/web/2017.11.12-1304/logon/js/ | 819 KB | 161 KB | Script | application/javascript |
| GET | S | main.js | static.chasecdn.com/web/library/blue-app/dist/blue-app/2.10.1/js/ | 70 KB | 18 KB | Script | application/javascript |
| GET | S | main.js | static.chasecdn.com/web/library/blue-view/dist/blue-view/2.8.2/js/ | 277 KB | 78 KB | Script | application/javascript |
| GET | S | opensans-regular.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 24 KB | 24 KB | Font | application/font-woff |
| GET | S | background.desktop.day.10.jpeg | static.chasecdn.com/content/geo-images/images/ | 169 KB | 170 KB | Image | image/jpeg |
| GET | S | wordmark-white.svg | static.chasecdn.com/web/2017.11.12-1304/common/assets/img/logos/ | 1 KB | 1006 B | Image | image/svg+xml |
| GET | S | opensans-semibold.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 25 KB | 25 KB | Font | application/font-woff |
| GET | S | dcefont.woff | static.chasecdn.com/web/2017.11.12-1304/common/assets/fonts/ | 46 KB | 27 KB | Font | application/x-font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Chase (Banking)

18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Variable | Type |
|---|---|
| a | object |
| loader | object |
| initBrowserDetect | function |
| initAppConfig | function |
| loaderCallback | function |
| processClientEnvProps | function |
| prop | string |
| requirejs | function |
| require | function |
| define | function |
| Blue | object |
| envConfig | undefined |
| appConfig | undefined |
| platform | object |
| $ | function |
| jQuery | function |
| Kefir | object |
| xssFilters | object |

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify the user even if their location has changed. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fileshax.com
static.chasecdn.com
www.duhr448.datact.nl
188.166.74.234
2.18.234.225
82.150.137.117