greedyheadhunters.com Open in urlscan Pro
74.212.182.201 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://greedyheadhunters.com/index_php/listfoldermessages/index.php
Effective URL:
http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html
Submission Tags: 6706587
Submission: On July 30 via api (July 30th 2020, 9:59:02 am UTC) from NL

Summary HTTP 8 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 74.212.182.201, located in Farmingville, United States and belongs to TWRS-NYC, US. The main domain is greedyheadhunters.com.

This is the only time greedyheadhunters.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Optus (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
1 9	74.212.182.201 74.212.182.201		26878 (TWRS-NYC) (TWRS-NYC)
8	2

9 74.212.182.201 (Farmingville, United States) 1 redirects

ASN26878 (TWRS-NYC, US)
PTR: mail.chen.us

greedyheadhunters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	greedyheadhunters.com 1 redirects greedyheadhunters.com	804 KB
8	1

	Domain	Requested by
9	greedyheadhunters.com	1 redirects greedyheadhunters.com
8	1

This site contains links to these domains. Also see Links.

Domain
www.optus.com.au
memberservices.optuszoo.com.au
webmail.optusnet.com.au
yescrowd.optus.com.au
sport.optus.com.au
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
plus.google.com
www.pinterest.com
instagram.com
www.singtel.com
offer.optus.com.au

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html
Frame ID: E01F7CCD6009D2999DE1087C1CD9B0C6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://greedyheadhunters.com/index_php/listfoldermessages/index.php HTTP 302
http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

804 kB
Transfer

2763 kB
Size

0
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://www.optus.com.au/my-account-login?TYPE=100663297&REALMOID=06-8ddf53bb-43cf-4d85-9334-da38d3f555e9&GUID=1&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-qrO%2f7pv80kBPNdyFsh4xzrcFhAaZ5fTczH%2bJYZKe%2fnANBOvXuad%2b5m86DCkkpnnb&TARGET=-SM-HTTP%3a%2f%2fwww%2eoptus%2ecom%2eau%2fsecure%2fsm%2flogin%2eprocess%3ftarget%3dhttps-%3A-%2F-%2Fwww%2eoptus%2ecom%2eau-%2Fmy--account#nav-primary-level
Title: Skip to Primary Navigation

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.html Show response greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/ Redirect Chain http://greedyheadhunters.com/index_php/listfoldermessages/index.php http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html	56 KB 56 KB	4604ms 4604ms	Document text/html	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `eb06e795e7e707968288a001faff4108284bbbf00dc5738c178f84febc4954ec` Request headers Host greedyheadhunters.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 30 Jul 2020 09:58:29 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET Content-type text/html Content-Length 56874 Redirect headers Date Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET location d926c680187439465af0012abfcfd158/login.html Content-type text/html Content-Length 0
GET H/1.1	200 OK	lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	492 KB 492 KB	269ms 250ms	Stylesheet text/css	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `fd12b4b8cbf61803fe0e591b50ccf77820746328c41d5f9ab86cc9ba5d12d48e` Request headers Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 30 Jul 2020 09:58:30 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "404452f75766d61:1bc7e" Content-Type text/css Accept-Ranges bytes Content-Length 503978
GET H/1.1	200 OK	lux.49c32e08060172d8b8758ebe235b7642.css greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	2 MB 0	310ms 291ms	Stylesheet text/css	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.49c32e08060172d8b8758ebe235b7642.css Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash Request headers Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 30 Jul 2020 09:58:30 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "404452f75766d61:1bc7e" Content-Type text/css Accept-Ranges bytes Content-Length 3525455
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `eea41981c12ea68bbb642bc6fccdcfce8ce0c6ac21f998c6621a486db6f8e004` Request headers Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	login.js Show response greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	545 B 811 B	99ms 99ms	Script application/x-javascript	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/login.js Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `37fa54090471f5b10ee622d15acf84bbda09b286defce156ec3952e399be0794` Request headers Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 30 Jul 2020 09:58:30 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "e6e14ff75766d61:1bc7e" Content-Type application/x-javascript Accept-Ranges bytes Content-Length 545
GET H/1.1	200 OK	ee10f7196c1b125a3b8222341465bf5e.woff greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	65 KB 65 KB	115ms 115ms	Font font/woff2	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/ee10f7196c1b125a3b8222341465bf5e.woff Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `7b1443ccd9f5702ad832d5f8f58cd7955da80b6be466208e37900863097dbb12` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css Origin http://greedyheadhunters.com Response headers Date Thu, 30 Jul 2020 09:58:54 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "e6e14ff75766d61:1bc7e" Content-Type font/woff2 Accept-Ranges bytes Content-Length 66552
GET H/1.1	200 OK	507b76aa0351c57ece90f02239b62ba3.woff greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	66 KB 66 KB	152ms 151ms	Font font/woff2	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/507b76aa0351c57ece90f02239b62ba3.woff Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `06e6ac46fef95be90de802cbf8f07aefa9d2c9416ea8e32bccef5d526bb96e5f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css Origin http://greedyheadhunters.com Response headers Date Thu, 30 Jul 2020 09:58:54 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "8c7f4df75766d61:1bc7e" Content-Type font/woff2 Accept-Ranges bytes Content-Length 67824
GET H/1.1	200 OK	cdf06c294d7cc3d6664b0dc9edf2c7ea.woff greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	56 KB 56 KB	212ms 199ms	Font font/woff2	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/cdf06c294d7cc3d6664b0dc9edf2c7ea.woff Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `abb2805631568056488332283a9cde15bb8fe0c2100d41963f673dba10d0fd8f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css Origin http://greedyheadhunters.com Response headers Date Thu, 30 Jul 2020 09:58:54 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "e6e14ff75766d61:1bc7e" Content-Type font/woff2 Accept-Ranges bytes Content-Length 57556
GET H/1.1	200 OK	b7b268c962e2855acf62186c96a55466.woff greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/	66 KB 66 KB	220ms 207ms	Font font/woff2	74.212.182.201 TWRS-NYC
General Check archive.org Show headers Download Go to Full URL http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/b7b268c962e2855acf62186c96a55466.woff Requested by Host: greedyheadhunters.com URL: http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/login.html Protocol HTTP/1.1 Server 74.212.182.201 Farmingville, United States, ASN26878 (TWRS-NYC, US), Reverse DNS mail.chen.us Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `4447d75f8502cc1989762d2281eb12cf991055b71f94215ad2b3d6aca6295ab7` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://greedyheadhunters.com/index_php/listfoldermessages/d926c680187439465af0012abfcfd158/files/lux.base.40b79b2dff70805dc551aaca7c6f6a4b.css Origin http://greedyheadhunters.com Response headers Date Thu, 30 Jul 2020 09:58:54 GMT Last-Modified Thu, 30 Jul 2020 09:58:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "8c7f4df75766d61:1bc7e" Content-Type font/woff2 Accept-Ranges bytes Content-Length 67808

greedyheadhunters.com Open in urlscan Pro 74.212.182.201 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

804 kBTransfer

2763 kBSize

0 Cookies

45 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

greedyheadhunters.com Open in urlscan Pro
74.212.182.201 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

804 kB
Transfer

2763 kB
Size

0
Cookies

8 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!