www.co.iroquois.il.us Open in urlscan Pro
96.30.35.234 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777...
Submission: On January 15 via manual (January 15th 2018, 10:50:06 pm UTC) from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 96.30.35.234, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is www.co.iroquois.il.us.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 31st 2017. Valid for: 3 months.

This is the only time www.co.iroquois.il.us was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address		AS Autonomous System
14	96.30.35.234 96.30.35.234		32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
14	1

14 96.30.35.234 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: host.webfoot-designs.com

www.co.iroquois.il.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	iroquois.il.us www.co.iroquois.il.us
14	1

	Domain	Requested by
14	www.co.iroquois.il.us	www.co.iroquois.il.us
14	1

This site contains no links.

Subject Issuer	Validity	Valid
co.iroquois.il.us cPanel, Inc. Certification Authority	`2017-12-31` - `2018-03-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573
Frame ID: (55ED7004E405A064E70E569E14B18D1D)
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

2069 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/	6 KB 0	342ms 112ms	Document text/html	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `898cd19f0ca4dadb855b503d6042c7848b98c5fdee38a98038e77eb660218fb1` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 accept-encoding gzip, deflate upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 :authority www.co.iroquois.il.us :scheme https :method GET Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Tue, 16 Jan 2018 00:55:42 GMT server LiteSpeed vary Accept-Encoding content-type text/html status 200 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 1679
GET H2	200	bootstrap.min.css www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/	98 KB 0	113ms 112ms	Stylesheet text/css	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/bootstrap.min.css Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/bootstrap.min.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:40:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 21579 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	kendo.common.min.css www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/	162 KB 0	337ms 336ms	Stylesheet text/css	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/kendo.common.min.css Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `def9faa85b74cc15725c43124c825d26172e3f384fa15e0b1b6f5e7c519a5610` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/kendo.common.min.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:41:50 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 32014 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	kendo.bootstrap.min.css www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/	36 KB 0	449ms 448ms	Stylesheet text/css	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/kendo.bootstrap.min.css Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `ac76d6ad0eeb2f198437e730903979dbbda95dea0b874b4abca9b2f0e77db03c` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/kendo.bootstrap.min.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:42:04 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 8299 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	gv.bootstrap-form.css www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/	2 KB 0	449ms 448ms	Stylesheet text/css	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/gv.bootstrap-form.css Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `82815b8946793ed112fee2240315d0a749fb323a8852fca2601d464366916af1` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/css/gv.bootstrap-form.css pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept text/css,/;q=0.1 cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:42:24 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 660 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	11.png www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	12 KB 0	450ms 448ms	Image image/png	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/11.png Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `f809fa596dc2e66029e195d0aef2d6d7b077ea1f7d145455441ba893875aec41` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/11.png pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept image/webp,image/apng,image/,/;q=0.8 cache-control* no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT last-modified Fri, 12 Jan 2018 06:56:10 GMT server LiteSpeed content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 12501 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	jquery.min.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	90 KB 0	449ms 448ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/jquery.min.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/jquery.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:43:14 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 37959 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	bootstrap.min.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	28 KB 0	449ms 448ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/bootstrap.min.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/bootstrap.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:43:32 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 9167 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	jquery.inputmask.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	55 KB 0	449ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/jquery.inputmask.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `7bca28017bab23145774da299714f5191e3fd03f4305f495532b7764b6d08db9` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/jquery.inputmask.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:44:04 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 12459 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	kendo.all.min.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	1 MB 0	450ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/kendo.all.min.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `089b0fca5d1a850f82de0af9eb0ea9221a453c11d6d8a2968a1f4230a987562b` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/kendo.all.min.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT last-modified Sat, 13 Jan 2018 05:44:20 GMT server LiteSpeed content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 1493858 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	parsley.extend.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	4 KB 0	450ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/parsley.extend.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `cbf1955e0f359859712d9af7d62f06d83f5d016c87e8d0d2478f0b0e03b243d6` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/parsley.extend.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:44:32 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 1166 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	parsley.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	103 KB 0	450ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/parsley.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `8483066a4abe308af2a3c33df198969fb46d7d6878f8ca02f024ccd10e322ec4` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/parsley.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:44:44 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 24771 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	download.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	1 KB 0	450ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/download.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `2f2374a4e0d105c09dc10011e6a447d15b7059f96f5bee0dd7e969e0290367ad` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/download.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:45:00 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 665 expires Mon, 22 Jan 2018 22:49:53 GMT
GET H2	200	protostrap.js Show response www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/	13 KB 0	450ms 449ms	Script application/javascript	96.30.35.234 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/protostrap.js Requested by Host: www.co.iroquois.il.us URL: https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 96.30.35.234 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS host.webfoot-designs.com Software LiteSpeed / Resource Hash `1fbd0731e7c72b175f954716533ecad559d45056ffbcb623ded7c440c6292eb9` Request headers :path /wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/img/protostrap.js pragma no-cache accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 accept / cache-control no-cache :authority www.co.iroquois.il.us referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 :scheme https :method GET Referer https://www.co.iroquois.il.us/wp-admin/network/log/user/id_session/455288896523/66525_56669/responsive/5522663/index.html?7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573-7777772e636f2e69726f71756f69732e696c2e7573 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers date Mon, 15 Jan 2018 22:49:53 GMT content-encoding gzip last-modified Sat, 13 Jan 2018 05:45:14 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 2554 expires Mon, 22 Jan 2018 22:49:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.co.iroquois.il.us
96.30.35.234
089b0fca5d1a850f82de0af9eb0ea9221a453c11d6d8a2968a1f4230a987562b
1fbd0731e7c72b175f954716533ecad559d45056ffbcb623ded7c440c6292eb9
2f2374a4e0d105c09dc10011e6a447d15b7059f96f5bee0dd7e969e0290367ad
7bca28017bab23145774da299714f5191e3fd03f4305f495532b7764b6d08db9
82815b8946793ed112fee2240315d0a749fb323a8852fca2601d464366916af1
8483066a4abe308af2a3c33df198969fb46d7d6878f8ca02f024ccd10e322ec4
898cd19f0ca4dadb855b503d6042c7848b98c5fdee38a98038e77eb660218fb1
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
ac76d6ad0eeb2f198437e730903979dbbda95dea0b874b4abca9b2f0e77db03c
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cbf1955e0f359859712d9af7d62f06d83f5d016c87e8d0d2478f0b0e03b243d6
def9faa85b74cc15725c43124c825d26172e3f384fa15e0b1b6f5e7c519a5610
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
f809fa596dc2e66029e195d0aef2d6d7b077ea1f7d145455441ba893875aec41

www.co.iroquois.il.us Open in urlscan Pro 96.30.35.234 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

0 kBTransfer

2069 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

Indicators

www.co.iroquois.il.us Open in urlscan Pro
96.30.35.234 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

2069 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!