petvet.social Open in urlscan Pro
173.249.58.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://petvet.social/wp-includes/js/txt/dashboard/index
Submission: On February 05 via manual (February 5th 2020, 10:54:32 am UTC) from IE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 173.249.58.38, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is petvet.social.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 24th 2019. Valid for: 3 months.

This is the only time petvet.social was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	173.249.58.38 173.249.58.38	51167 (CONTABO) (CONTABO)
1	160.153.129.209 160.153.129.209	21501 (GODADDY-AMS) (GODADDY-AMS)
9	2

8 173.249.58.38 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vps221.zthosting.com

petvet.social	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 160.153.129.209 (Scottsdale, United States)

ASN21501 (GODADDY-AMS, DE)
PTR: ip-160-153-129-209.ip.secureserver.net

js-codes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	petvet.social petvet.social	369 KB
1	js-codes.com js-codes.com	2 KB
9	2

	Domain	Requested by
8	petvet.social	petvet.social
1	js-codes.com	petvet.social
9	2

This site contains no links.

Subject Issuer	Validity	Valid
petvet.social cPanel, Inc. Certification Authority	`2019-11-24` - `2020-02-22`	3 months	crt.sh
js-codes.com Let's Encrypt Authority X3	`2019-12-23` - `2020-03-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://petvet.social/wp-includes/js/txt/dashboard/index
Frame ID: FEA92031417384FEC129716711D0C6C5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

371 kB
Transfer

481 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set index Show response petvet.social/wp-includes/js/txt/dashboard/	4 KB 2 KB	601ms 449ms	Document text/html	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `b63f8e69850a35ee4afae1e8a1889751dc4226f18cd18dcf8c5d389200b0300d` Request headers Host petvet.social Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Response headers Date Wed, 05 Feb 2020 10:54:12 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip Vary Accept-Encoding,User-Agent Set-Cookie PHPSESSID=6557ae7c938dbacff15d1984daadf002; path=/ Content-Type text/html; charset=UTF-8 X-Varnish 37462659 Age 0 X-Cache MISS Accept-Ranges bytes Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	app.css petvet.social/wp-includes/js/txt/dashboard/styles/	23 KB 5 KB	53ms 52ms	Stylesheet text/css	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/styles/app.css Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `0a88aefd4808887087f78a99e3728489dda5d47a44790ddee2f6a2f0390e9e94` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/index User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:12 GMT Content-Encoding gzip Last-Modified Sat, 17 Nov 2018 07:53:44 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS Content-Type text/css Cache-Control max-age=2592000 X-Varnish 37462661 Connection keep-alive Accept-Ranges bytes Content-Length 4803 Expires Fri, 06 Mar 2020 10:54:12 GMT
GET H2	200	modernizr.min.js Show response js-codes.com/modernizr/2.9.1/	4 KB 2 KB	110ms 32ms	Script application/javascript	160.153.129.209 GODADDY-AMS
General Check archive.org Show headers Download Go to Full URL https://js-codes.com/modernizr/2.9.1/modernizr.min.js Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 160.153.129.209 Scottsdale, United States, ASN21501 (GODADDY-AMS, DE), Reverse DNS ip-160-153-129-209.ip.secureserver.net Software Apache / Express Resource Hash `a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/index User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 10:54:13 GMT content-encoding gzip last-modified Wed, 11 Oct 2017 06:04:24 GMT server Apache x-powered-by Express etag W/"edf-15f0a08b640-gzip" vary Accept-Encoding,User-Agent content-type application/javascript; charset=UTF-8 status 200 cache-control public, max-age=0, max-age=31536000 accept-ranges bytes content-length 1788 expires Thu, 04 Feb 2021 10:54:12 GMT
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response petvet.social/wp-includes/js/txt/dashboard/scripts/	85 KB 30 KB	139ms 88ms	Script application/javascript	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/scripts/jquery-3.3.1.min.js Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/index User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:12 GMT Content-Encoding gzip Last-Modified Sun, 24 Jun 2018 13:08:30 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS Content-Type application/javascript Cache-Control max-age=2592000 X-Varnish 37462663 Connection keep-alive Accept-Ranges bytes Content-Length 30307 Expires Fri, 06 Mar 2020 10:54:12 GMT
GET H/1.1	200 OK	jquery.ccvalid.js Show response petvet.social/wp-includes/js/txt/dashboard/scripts/	7 KB 2 KB	108ms 40ms	Script application/javascript	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/scripts/jquery.ccvalid.js Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/index User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:12 GMT Content-Encoding gzip Last-Modified Sat, 05 May 2018 11:05:52 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS Content-Type application/javascript Cache-Control max-age=2592000 X-Varnish 13449846 Connection keep-alive Accept-Ranges bytes Content-Length 1912 Expires Fri, 06 Mar 2020 10:54:12 GMT
GET H/1.1	200 OK	jquery.mask.min.js Show response petvet.social/wp-includes/js/txt/dashboard/scripts/	8 KB 4 KB	121ms 46ms	Script application/javascript	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/scripts/jquery.mask.min.js Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/index User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:13 GMT Content-Encoding gzip Last-Modified Thu, 05 Jul 2018 09:59:48 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS Content-Type application/javascript Cache-Control max-age=2592000 X-Varnish 4902008 Connection keep-alive Accept-Ranges bytes Content-Length 3396 Expires Fri, 06 Mar 2020 10:54:13 GMT
GET H/1.1	200 OK	white_logo.svg petvet.social/wp-includes/js/txt/dashboard/pics/	1 KB 1018 B	49ms 48ms	Image image/svg+xml	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://petvet.social/wp-includes/js/txt/dashboard/pics/white_logo.svg Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/styles/app.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:13 GMT Content-Encoding gzip Last-Modified Mon, 20 Aug 2018 10:07:24 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS Content-Type image/svg+xml Cache-Control max-age=31536000 X-Varnish 13449848 Connection keep-alive Accept-Ranges bytes Content-Length 645 Expires Thu, 04 Feb 2021 10:54:13 GMT
GET H/1.1	200 OK	1024_bg.jpeg petvet.social/wp-includes/js/txt/dashboard/pics/	295 KB 295 KB	67ms 67ms	Image image/jpeg	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://petvet.social/wp-includes/js/txt/dashboard/pics/1024_bg.jpeg Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `0d90c23ffd9891ceaa10448ae2ad40e81104a2ac28d234c83218a8274ad34f86` Request headers Referer https://petvet.social/wp-includes/js/txt/dashboard/styles/app.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 10:54:13 GMT Last-Modified Mon, 20 Aug 2018 11:23:42 GMT Age 0 X-Cache MISS X-Varnish 4902010 Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Type image/jpeg Content-Length 302236 Expires Thu, 04 Feb 2021 10:54:13 GMT
GET H/1.1	200 OK	lighter_font.woff petvet.social/wp-includes/js/txt/dashboard/fonts/	53 KB 30 KB	63ms 62ms	Font font/woff	173.249.58.38 CONTABO
General Check archive.org Show headers Download Go to Full URL https://petvet.social/wp-includes/js/txt/dashboard/fonts/lighter_font.woff Requested by Host: petvet.social URL: https://petvet.social/wp-includes/js/txt/dashboard/index Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 173.249.58.38 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vps221.zthosting.com Software / Resource Hash `7edd9d10f14856ef55eb7a3dd9f671f6f0afd4c64900cc8d5d6b80d2cdbe1977` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://petvet.social/wp-includes/js/txt/dashboard/styles/app.css Origin https://petvet.social Response headers Date Wed, 05 Feb 2020 10:54:13 GMT Content-Encoding gzip Last-Modified Mon, 20 Aug 2018 10:12:26 GMT Age 0 Vary Accept-Encoding,User-Agent X-Cache MISS X-Varnish 9306639 Connection keep-alive Accept-Ranges bytes Content-Type font/woff Content-Length 30341

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			petvet.social/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6557ae7c938dbacff15d1984daadf002

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js-codes.com
petvet.social
160.153.129.209
173.249.58.38
0a88aefd4808887087f78a99e3728489dda5d47a44790ddee2f6a2f0390e9e94
0d90c23ffd9891ceaa10448ae2ad40e81104a2ac28d234c83218a8274ad34f86
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
7edd9d10f14856ef55eb7a3dd9f671f6f0afd4c64900cc8d5d6b80d2cdbe1977
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
b63f8e69850a35ee4afae1e8a1889751dc4226f18cd18dcf8c5d389200b0300d
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

petvet.social Open in urlscan Pro 173.249.58.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

371 kBTransfer

481 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

Indicators

petvet.social Open in urlscan Pro
173.249.58.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

371 kB
Transfer

481 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!