hammanhill.com Open in urlscan Pro
31.220.17.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hammanhill.com/Shared/
Submission: On November 14 via api (November 14th 2017, 5:29:54 am UTC) from CA

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 31.220.17.3, located in United States and belongs to HOSTINGER-AS, LT. The main domain is hammanhill.com.

This is the only time hammanhill.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online) Outlook (Online)

Domain & IP information

	IP Address		AS Autonomous System
9	31.220.17.3 31.220.17.3		47583 (HOSTINGER-AS) (HOSTINGER-AS)
9	1

9 31.220.17.3 (United States)

ASN47583 (HOSTINGER-AS, LT)
PTR: srv17-3.hosting24.com

hammanhill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hammanhill.com hammanhill.com	1 MB
9	1

	Domain	Requested by
9	hammanhill.com	hammanhill.com
9	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://hammanhill.com/Shared/
Frame ID: 7495.1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1410 kB
Transfer

1410 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hammanhill.com/Shared/	3 KB 3 KB	225ms 113ms	Document text/html	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Full URL http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `7493876dabdcf991000e5e0dbcceeb7282dbba972c26a01c728589a184b7547c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:46:49 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/html Keep-Alive timeout=3, max=100 Content-Length 3139
GET H/1.1	200 OK	logo.jpg hammanhill.com/Shared/index_files/	117 KB 117 KB	113ms 112ms	Image image/jpeg	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/logo.jpg Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `fd89aa73467280b82abef0680df869c98126344ad8679fd643eb5da21d0cc7ba` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:23 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 120210
GET H/1.1	200 OK	logo2.jpg hammanhill.com/Shared/index_files/	116 KB 116 KB	224ms 112ms	Image image/jpeg	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/logo2.jpg Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `51f6b6ebad10f484025835732e6612303feb10e3879fb7800db1574d4b7971e0` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:26 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=3, max=100 Content-Length 118478
GET H/1.1	200 OK	ym.jpg hammanhill.com/Shared/index_files/	22 KB 22 KB	227ms 113ms	Image image/jpeg	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/ym.jpg Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `8a46b2293f01fce4b17ddd4bb7cfb0be1b2bbbbf8296b2f74ec6a374f73e0b6d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:36 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=3, max=100 Content-Length 22663
GET H/1.1	200 OK	gm2.png hammanhill.com/Shared/index_files/	416 KB 416 KB	228ms 114ms	Image image/png	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/gm2.png Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `4fd72267e95fd21ea5cff803c24b770e18b2cf50f4ae1b8ec6fefd9441ac7968` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:22 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=3, max=100 Content-Length 426095
GET H/1.1	200 OK	ok.png hammanhill.com/Shared/index_files/	16 KB 16 KB	331ms 110ms	Image image/png	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/ok.png Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `9f7319dd6a55cff9d775f1b7fc17dfc297f4297a115a87ed2099e9bd82d714dc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:43 GMT Last-Modified Tue, 07 Mar 2017 12:47:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 16110
GET H/1.1	200 OK	al2.jpg hammanhill.com/Shared/index_files/	324 KB 324 KB	453ms 113ms	Image image/jpeg	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/al2.jpg Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `415ff5c7f58d5b35054906ffffa2f5c87491321fad4a4654e0670839826ce86d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:43 GMT Last-Modified Tue, 07 Mar 2017 12:47:12 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=3, max=99 Content-Length 331881
GET H/1.1	200 OK	O001.jpg hammanhill.com/Shared/index_files/	386 KB 386 KB	220ms 112ms	Image image/jpeg	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/O001.jpg Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `6c38467a494033bc433963830598c9e34d57c13ac60a0cfc45986dc5c94a72bf` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:32 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=3, max=100 Content-Length 394834
GET H/1.1	200 OK	logo_strip_2x.png hammanhill.com/Shared/index_files/	10 KB 10 KB	217ms 110ms	Image image/png	31.220.17.3 HOSTINGER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://hammanhill.com/Shared/index_files/logo_strip_2x.png Requested by Host: hammanhill.com URL: http://hammanhill.com/Shared/ Protocol HTTP/1.1 Server 31.220.17.3 , United States, ASN47583 (HOSTINGER-AS, LT), Reverse DNS srv17-3.hosting24.com Software Apache / Resource Hash `b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host hammanhill.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://hammanhill.com/Shared/ Connection keep-alive Cache-Control no-cache Referer http://hammanhill.com/Shared/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Tue, 14 Nov 2017 05:29:42 GMT Last-Modified Tue, 07 Mar 2017 12:47:26 GMT Server Apache Upgrade h2 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=3, max=100 Content-Length 10297

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online) Outlook (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hammanhill.com
31.220.17.3
415ff5c7f58d5b35054906ffffa2f5c87491321fad4a4654e0670839826ce86d
4fd72267e95fd21ea5cff803c24b770e18b2cf50f4ae1b8ec6fefd9441ac7968
51f6b6ebad10f484025835732e6612303feb10e3879fb7800db1574d4b7971e0
6c38467a494033bc433963830598c9e34d57c13ac60a0cfc45986dc5c94a72bf
7493876dabdcf991000e5e0dbcceeb7282dbba972c26a01c728589a184b7547c
8a46b2293f01fce4b17ddd4bb7cfb0be1b2bbbbf8296b2f74ec6a374f73e0b6d
9f7319dd6a55cff9d775f1b7fc17dfc297f4297a115a87ed2099e9bd82d714dc
b2d3305551055e5d28aea38f218ee6ff6006afb8c80cc4f206a206bcb758df7c
fd89aa73467280b82abef0680df869c98126344ad8679fd643eb5da21d0cc7ba

hammanhill.com Open in urlscan Pro 31.220.17.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1410 kBTransfer

1410 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

hammanhill.com Open in urlscan Pro
31.220.17.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1410 kB
Transfer

1410 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!