lonestarwinecellars.com
104.24.103.219
Malicious Activity!
Public Scan
Effective URL: http://lonestarwinecellars.com/one/poow/chaq.php?cmd=login_submit&id=8294712284c170e75a5565350a4f40ee8294712284c170e75a5565350a...
Submission: On February 01 via manual from FR
Summary
This is the only time lonestarwinecellars.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DHL (Transportation)
Domain & IP information
# | IP Address | ASN | Autonomous System | PTR | Domains
---|---|---|---|---|---
2 9 | 104.24.102.219 | 13335 | CLOUDFLARENET - Cloudflare, Inc., US | | lonestarwinecellars.com
1 5 | 104.24.103.219 | 13335 | CLOUDFLARENET - Cloudflare, Inc., US | | lonestarwinecellars.com
1 | 91.198.174.208 | 14907 | WIKIMEDIA - Wikimedia Foundation Inc., US | upload-lb.esams.wikimedia.org | upload.wikimedia.org
1 | 137.44.1.7 | 786 | JANET Jisc Services Limited, GB | web.swan.ac.uk | www.swansea.ac.uk
15 | 5 | | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | lonestarwinecellars.com | lonestarwinecellars.com (3 redirects) | 69 KB
1 | swansea.ac.uk | www.swansea.ac.uk | 44 KB
1 | wikimedia.org | upload.wikimedia.org | 14 KB
15 | 3 | |
Requests | Domain | Requested by
---|---|---
14 | lonestarwinecellars.com (3 redirects) | lonestarwinecellars.com
1 | www.swansea.ac.uk | lonestarwinecellars.com
1 | upload.wikimedia.org | lonestarwinecellars.com
15 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sni24768.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-01-30 - 2018-08-08 | 6 months | crt.sh
This page contains 1 frame:
Primary Page:
http://lonestarwinecellars.com/one/poow/chaq.php?cmd=login_submit&id=8294712284c170e75a5565350a4f40ee8294712284c170e75a5565350a4f40ee&session=8294712284c170e75a5565350a4f40ee8294712284c170e75a5565350a4f40ee
Frame ID: (BC940E15B6ADE22E59B9CDAC63F3AE79)
Requests: 15 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Twitter Bootstrap
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://lonestarwinecellars.com/one (HTTP 301)
- https://lonestarwinecellars.com/one/ (HTTP 302)
- https://lonestarwinecellars.com/one/vac.php?cmd=login_submit&id=7f64a3e4c5d6a6b028228d6f496dfa977f64a3e4c5d6a6b028228d6f496dfa97&session=7f64a3e4c5d6a6b028228d6f496dfa977f64a3e4c5d6a6b028228d6f496dfa97 (Page URL)
- http://lonestarwinecellars.com/one/poow/ (HTTP 302)
- http://lonestarwinecellars.com/one/poow/chaq.php?cmd=login_submit&id=8294712284c170e75a5565350a4f40ee8294712284c170e75a5565350a4f40ee&session=8294712284c170e75a5565350a4f40ee8294712284c170e75a5565350a4f40ee (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://lonestarwinecellars.com/one (HTTP 301)
- https://lonestarwinecellars.com/one/ (HTTP 302)
- https://lonestarwinecellars.com/one/vac.php?cmd=login_submit&id=7f64a3e4c5d6a6b028228d6f496dfa977f64a3e4c5d6a6b028228d6f496dfa97&session=7f64a3e4c5d6a6b028228d6f496dfa977f64a3e4c5d6a6b028228d6f496dfa97
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | vac.php | lonestarwinecellars.com/one/ (Redirect Chain) | 2 KB | 940 B | Document | text/html
GET | H/1.1 | chaq.php (Primary Request) | lonestarwinecellars.com/one/poow/ (Redirect Chain) | 3 KB | 2 KB | Document | text/html
GET | H/1.1 | font.css | lonestarwinecellars.com/one/poow/telm_files/ | 360 B | 602 B | Stylesheet | text/css
GET | H/1.1 | login.css | lonestarwinecellars.com/one/poow/telm_files/ | 5 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | input.css | lonestarwinecellars.com/one/poow/telm_files/ | 4 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | stander.css | lonestarwinecellars.com/one/poow/telm_files/ | 351 B | 592 B | Stylesheet | text/css
GET | H/1.1 | bootstrap.css | lonestarwinecellars.com/one/poow/telm_files/ | 101 KB | 16 KB | Stylesheet | text/css
GET | H/1.1 | bootstrap-responsive.css | lonestarwinecellars.com/one/poow/telm_files/ | 16 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | bootstrap-select.css | lonestarwinecellars.com/one/poow/telm_files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | responsive.css | lonestarwinecellars.com/one/poow/telm_files/ | 773 B | 759 B | Stylesheet | text/css
GET | S | 1024px-DHL_Logo.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/a/ac/DHL_Logo.svg/ | 13 KB | 14 KB | Image | image/png
GET | H/1.1 | office-2.png | www.swansea.ac.uk/it-services/software-enquiry/office-365/ | 44 KB | 44 KB | Image | image/png
GET | H/1.1 | loading_ajax.gif | lonestarwinecellars.com/one/poow/telm_files/ | 39 KB | 39 KB | Image | image/gif
GET | | robot.jpg | lonestarwinecellars.com/one/img/robot/ | 0 | 0 | |
GET | | open-sans.light-webfont.woff | lonestarwinecellars.com/one/poow/font/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: lonestarwinecellars.com, URL: http://lonestarwinecellars.com/one/img/robot/robot.jpg
- Domain: lonestarwinecellars.com, URL: http://lonestarwinecellars.com/one/poow/font/open-sans.light-webfont.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DHL (Transportation)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.lonestarwinecellars.com/ | | __cfduid | dba593473270eb9e9772314323dc503371517490540
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lonestarwinecellars.com
upload.wikimedia.org
www.swansea.ac.uk
104.24.102.219
104.24.103.219
137.44.1.7
91.198.174.208