fovj.ir (138.201.241.67)
Malicious Activity!
Public Scan
Effective URL: http://fovj.ir/wp-content/themes/index.htm
Submission: On November 19 via manual from US
Summary
This is the only time fovj.ir was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Chase (Banking)

Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
1 | 103.93.16.132 | AS135822 HOSRAJA-AS, Ovi Hosting Pvt Ltd (IN) | server35.hostingraja.in | balamuruganinbox.in
1 | 138.201.241.67 | AS24940 HETZNER-AS (DE) | static.67.241.201.138.clients.your-server.de | fovj.ir
15 | 2.18.234.225 | AS16625 AKAMAI-AS, Akamai Technologies, Inc. (US) | a2-18-234-225.deploy.static.akamaitechnologies.com | static.chasecdn.com
17 | 3 IPs | 3 ASNs | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | chasecdn.com | static.chasecdn.com | 1 MB
1 | fovj.ir | fovj.ir | 16 KB
1 | balamuruganinbox.in | balamuruganinbox.in | 393 B
17 | 3 | |
Requests | Domain | Requested by
---|---|---
15 | static.chasecdn.com | fovj.ir
1 | fovj.ir |
1 | balamuruganinbox.in |
17 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid for | Transparency log
---|---|---|---|---
static.chasecdn.com | Entrust Certification Authority - L1M | 2018-05-01 - 2019-05-01 | a year | crt.sh

Only the brand CDN was reached over TLS in this capture; the lure page on fovj.ir and the initial hop on balamuruganinbox.in were both requested over plain http://.
This page contains 1 frames:
Primary Page:
http://fovj.ir/wp-content/themes/index.htm
Frame ID: 048DFCA0A7F3CCA6C7202FCC103551A8
Requests: 17 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://balamuruganinbox.in/chacha/ Page URL
- http://fovj.ir/wp-content/themes/index.htm Page URL
Detected technologies
- Apache (Web Servers); detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- RequireJS (JavaScript Frameworks); detected pattern: env /^requirejs$/i
- jQuery (JavaScript Libraries); detected pattern: env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
No HTTP redirect chains were recorded for any request in this scan. The hop from balamuruganinbox.in/chacha/ to fovj.ir/wp-content/themes/index.htm seen in the page URL history therefore did not come from a 3xx response; a 161 B document at /chacha/ followed by a fresh page load on another host is consistent with a client-side redirect (JavaScript or meta refresh).
17 HTTP transactions
# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | / | balamuruganinbox.in/chacha/ | 161 B | 393 B | Document | text/html
2 | GET | H/1.1 | index.htm (Primary Request) | fovj.ir/wp-content/themes/ | 43 KB | 16 KB | Document | text/html
3 | GET | S | appConfig.js | static.chasecdn.com/web/2017.11.12-1304/logon/js/ | 11 KB | 3 KB | Script | application/javascript
4 | GET | S | logon.css | static.chasecdn.com/web/2017.11.12-1304/logon/assets/ | 70 KB | 11 KB | Stylesheet | text/css
5 | GET | S | blue-ui.css | static.chasecdn.com/web/2017.11.12-1304/common/assets/ | 350 KB | 43 KB | Stylesheet | text/css
6 | GET | S | main-ver.js | static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/ | 69 KB | 21 KB | Script | application/javascript
7 | GET | S | boot.js | static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/ | 298 B | 556 B | Script | application/javascript
8 | GET | S | main.js | static.chasecdn.com/web/library/blue-vendor/dist/blue-vendor/2.9.0/js/ | 373 KB | 107 KB | Script | application/javascript
9 | GET | S | main.js | static.chasecdn.com/web/library/blue-core/dist/blue/2.10.1/js/ | 128 KB | 37 KB | Script | application/javascript
10 | GET | S | boot.js | static.chasecdn.com/web/2017.11.12-1304/logon/js/ | 819 KB | 161 KB | Script | application/javascript
11 | GET | S | main.js | static.chasecdn.com/web/library/blue-app/dist/blue-app/2.10.1/js/ | 70 KB | 18 KB | Script | application/javascript
12 | GET | S | main.js | static.chasecdn.com/web/library/blue-view/dist/blue-view/2.8.2/js/ | 277 KB | 78 KB | Script | application/javascript
13 | GET | S | opensans-regular.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 24 KB | 24 KB | Font | application/font-woff
14 | GET | S | background.desktop.day.10.jpeg | static.chasecdn.com/content/geo-images/images/ | 488 KB | 489 KB | Image | image/jpeg
15 | GET | S | wordmark-white.svg | static.chasecdn.com/web/2017.11.12-1304/common/assets/img/logos/ | 1 KB | 1005 B | Image | image/svg+xml
16 | GET | S | opensans-semibold.woff | static.chasecdn.com/content/dam/cpo-static/fonts/ | 25 KB | 25 KB | Font | application/font-woff
17 | GET | S | dcefont.woff | static.chasecdn.com/web/2017.11.12-1304/common/assets/fonts/ | 46 KB | 27 KB | Font | application/x-font-woff

Protocol values are shown as urlscan displays them. Of the 17 requests, only the two Document fetches (the /chacha/ hop and the primary page) go to the attacker-controlled hosts; the other 15 pull the genuine Chase logon bundle (logon.css, appConfig.js, the blue-* libraries, fonts, wordmark and background) straight from static.chasecdn.com, which is how a 43 KB page on a WordPress theme path reproduces the bank's real logon look.
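As an added example (not urlscan.io's code and not part of this report), the Python below replays the triage a reviewer does by eye on the table above: count requests per host, flag a primary page whose origin lies outside the brand's apex domains yet loads the brand's CDN assets, note the plain-http lure and the /wp-content/ path, and check the window globals for names from the brand's own blue-* bundles. The request list is constructed from the 17 transactions above; rows with protocol `S` are assumed to be TLS fetches (the TLS section lists a certificate for static.chasecdn.com). `BRAND_APEXES`, `LURE_PATH_MARKERS` and `BRAND_GLOBALS` are assumed illustration values, not urlscan fields.

```python
"""Triage heuristics over the request table of a urlscan.io result.

Added example, not urlscan.io code. REQUESTS is constructed from the 17
transactions on this page; BRAND_APEXES, LURE_PATH_MARKERS and BRAND_GLOBALS
are assumed illustration values.
"""
from collections import Counter
from urllib.parse import urlsplit

# Constructed from the transactions table: (URL, resource type).
# Protocol "S" rows are taken as TLS fetches (assumption).
REQUESTS = [
    ("http://balamuruganinbox.in/chacha/", "Document"),
    ("http://fovj.ir/wp-content/themes/index.htm", "Document"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/logon/js/appConfig.js", "Script"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/logon/assets/logon.css", "Stylesheet"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/common/assets/blue-ui.css", "Stylesheet"),
    ("https://static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/main-ver.js", "Script"),
    ("https://static.chasecdn.com/web/library/blue-boot/dist/blue-boot/2.12.2/js/boot.js", "Script"),
    ("https://static.chasecdn.com/web/library/blue-vendor/dist/blue-vendor/2.9.0/js/main.js", "Script"),
    ("https://static.chasecdn.com/web/library/blue-core/dist/blue/2.10.1/js/main.js", "Script"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/logon/js/boot.js", "Script"),
    ("https://static.chasecdn.com/web/library/blue-app/dist/blue-app/2.10.1/js/main.js", "Script"),
    ("https://static.chasecdn.com/web/library/blue-view/dist/blue-view/2.8.2/js/main.js", "Script"),
    ("https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-regular.woff", "Font"),
    ("https://static.chasecdn.com/content/geo-images/images/background.desktop.day.10.jpeg", "Image"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/common/assets/img/logos/wordmark-white.svg", "Image"),
    ("https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-semibold.woff", "Font"),
    ("https://static.chasecdn.com/web/2017.11.12-1304/common/assets/fonts/dcefont.woff", "Font"),
]
EFFECTIVE_URL = "http://fovj.ir/wp-content/themes/index.htm"
# The 18 non-standard window globals listed on this page.
GLOBALS = ["a", "loader", "initBrowserDetect", "initAppConfig", "loaderCallback",
           "processClientEnvProps", "prop", "requirejs", "require", "define", "Blue",
           "envConfig", "appConfig", "platform", "$", "jQuery", "Kefir", "xssFilters"]

# Assumed illustration values: apex domains the brand serves assets from,
# path markers typical of a compromised CMS install, and globals defined by
# the brand's own blue-* bundles (their paths appear in REQUESTS).
BRAND_APEXES = {"chasecdn.com", "chase.com"}
LURE_PATH_MARKERS = ("/wp-content/", "/wp-includes/")
BRAND_GLOBALS = {"Blue", "appConfig", "envConfig"}


def apex(host):
    """Naive apex domain: last two labels. A public-suffix list is needed
    for ccSLDs such as co.uk; adequate for the hosts in this scan."""
    return ".".join(host.lower().rsplit(".", 2)[-2:])


def domain_counts(requests):
    """Requests per hostname: the 'Domain | Requested by' table in code."""
    return Counter(urlsplit(url).hostname for url, _ in requests)


def triage(requests, effective_url, globals_):
    """Return the findings a reviewer would note for this request table."""
    primary = urlsplit(effective_url)
    primary_host = primary.hostname
    brand_hosts, brand_assets, hops = set(), 0, []
    for url, rtype in requests:
        host = urlsplit(url).hostname
        if rtype == "Document":
            # Ordered hosts that served a Document: the page URL history.
            if host not in hops:
                hops.append(host)
        elif apex(host) in BRAND_APEXES:
            brand_hosts.add(host)
            brand_assets += 1
    return {
        "primary_host": primary_host,
        "brand_asset_count": brand_assets,
        "brand_hosts": brand_hosts,
        # Brand assets loaded by a page whose origin is not the brand's.
        "hotlinks_brand_cdn": brand_assets > 0 and apex(primary_host) not in BRAND_APEXES,
        "primary_is_plain_http": primary.scheme == "http",
        "cms_path": any(m in primary.path for m in LURE_PATH_MARKERS),
        "brand_globals_present": sorted(BRAND_GLOBALS & set(globals_)),
        "page_hops": hops,
    }


if __name__ == "__main__":
    for key, value in triage(REQUESTS, EFFECTIVE_URL, GLOBALS).items():
        print(f"{key}: {value}")
```

The `hotlinks_brand_cdn` flag is the one that separates a genuine logon page from this kit: the brand's CDN serves its logon assets to any origin, so the page borrows its look from static.chasecdn.com while the document itself lives on fovj.ir. The same heuristic generalises to any brand by changing `BRAND_APEXES`; the naive `apex()` should be replaced with a public-suffix lookup before running it across arbitrary scans.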
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Chase (Banking)

18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | a
object | loader
function | initBrowserDetect
function | initAppConfig
function | loaderCallback
function | processClientEnvProps
string | prop
function | requirejs
function | require
function | define
object | Blue
undefined | envConfig
undefined | appConfig
object | platform
function | $
function | jQuery
object | Kefir
object | xssFilters

0 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work. No cookies were set during this scan.
Indicators
This is a term in the security industry for artifacts such as IPs, domains and hashes. Listing an indicator here does not by itself imply malicious activity. For this scan the list holds three domains, three IP addresses and 16 SHA-256 hashes of the captured response bodies.
balamuruganinbox.in
fovj.ir
static.chasecdn.com
103.93.16.132
138.201.241.67
2.18.234.225
099c4f0c3a33fe36bb19da55c630088352e710c59a26f27f61677a7ca597544a
23dff173c97bba654d7270b6260928eee70021c1076bbaefb80e776549a46236
31361db9d38026e3ed85a2bc7f71148e3e91fbbe41539357fddac9670de33a77
52403348a864f277375ad808ab1edf6e8792176dfb8d33273c5553beff682e6c
63ea598d7d2f0d7eb9e3e92d1221570cda11b67285c0941cd3c83c26cc2622b7
71154f59bc3a756cc4627fc32f5c114c1fbb45f79028bfd8b2f257c736af0647
80c06c8d68d2a1a16d9d26f9f116707cf9321fd40efadd9c5ea17b8770b7a4fa
8812988af0fc830c1e2e978fcf478ece7be6280746306ab4246773b34ec3504b
a55d60f84cb6def6b02c3d73707ff3be04bc4e0145f8995cd2edcb177731c4a2
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179
c37f6571cf428d544ccc8c79d8e08caeff0a16c5115bc78faea28a3902c2276b
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0
e05f62f3fa2d2c04a518bc05e6ff401bc3b5cfd333e8f1c7b8a44246e0d358a6
e32ff24392e4f00a2b35c49037610d32fddb7507569da3bb0410da9752af3130
ef4e79b95c3ef36198671477727f4aa6f5c8fea7d73a9ae507a88291f6cedced