ashercorpgc.com Open in urlscan Pro
69.46.0.130 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tinyurl.com/hca3gvu
Effective URL:
http://ashercorpgc.com/press/Dirk/
Submission: On February 19 via automatic, source phishtank (February 19th 2017, 11:37:13 pm UTC)

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 69.46.0.130, located in Tampa, United States and belongs to HVC-AS - HIVELOCITY VENTURES CORP, US. The main domain is ashercorpgc.com.

This is the only time ashercorpgc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GDrive and other (Online)

Domain & IP information

	IP Address	AS Autonomous System
17	69.46.0.130 69.46.0.130	29802 (HVC-AS) (HVC-AS - HIVELOCITY VENTURES CORP)
1	2400:cb00:204... 2400:cb00:2048:1::6813:c466	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	94.31.29.54 94.31.29.54	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
1	93.184.221.200 93.184.221.200	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
20	4

17 69.46.0.130 (Tampa, United States)

ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US)
PTR: tiger.valuetech.net

ashercorpgc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6813:c466 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.54 (United Kingdom)

ASN54104 (AS-NETDNA - netDNA, US)
PTR: 94.31.29.54.IPYX-077437-ZYO.above.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.200 (European Union)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	ashercorpgc.com ashercorpgc.com	228 KB
1	aspnetcdn.com ajax.aspnetcdn.com	7 KB
1	jquery.com code.jquery.com	38 KB
1	cloudflare.com cdnjs.cloudflare.com	29 KB
20	4

	Domain	Requested by
17	ashercorpgc.com	ashercorpgc.com
1	ajax.aspnetcdn.com	ashercorpgc.com
1	code.jquery.com	ashercorpgc.com
1	cdnjs.cloudflare.com	ashercorpgc.com
20	4

This site contains no links.

Subject Issuer	Validity	Valid
code.jquery.com AlphaSSL CA - SHA256 - G2	`2016-07-20` - `2017-07-31`	a year	crt.sh
*.vo.msecnd.net Microsoft IT SSL SHA2	`2017-02-07` - `2018-04-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ashercorpgc.com/press/Dirk/
Frame ID: 14518.1
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

20
Requests

10 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

302 kB
Transfer

425 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ashercorpgc.com/press/Dirk/
Redirect Chain

http://tinyurl.com/hca3gvu
http://ashercorpgc.com/press/Dirk/

3 KB
3 KB

403ms
271ms

Document
text/html

69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache / PHP/5.5.35
Resource Hash: fe12442a5c7b231561d7e5c7fb3da22c1930db9b2665cf097deb455888d36a50

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:04 GMT
Server: Apache
Connection: close
X-Powered-By: PHP/5.5.35
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Date: Sun, 19 Feb 2017 23:37:04 GMT
Server: cloudflare-nginx
Content-Type: text/html; charset=UTF-8
Location: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Set-Cookie: __cfduid=dfe03cab82bcd12096fdb0222b82789741487547424; expires=Mon, 19-Feb-18 23:37:04 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=8aa2c212259c000000000000; expires=Mon, 19-Feb-2018 23:37:00 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
CF-RAY: 333d8b69300463d9-FRA
Content-Length: 0
X-tiny: cache 0.0066630840301514

GET
H/1.1 200
OK mainbd.css
ashercorpgc.com/press/Dirk/css/ 4 KB
4 KB 260ms
131ms Stylesheet
text/css 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ashercorpgc.com/press/Dirk/css/mainbd.css
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: ee257520cf12a1b4e91c189f5e25bed3fcac9bbd0cce2a1dd7acca8e68b88270

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 12 Jan 2016 14:17:22 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 4304
Content-Type: text/css

GET
H/1.1 200
OK jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 17ms
11ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: cdnjs.cloudflare.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:04:24 GMT
Server: cloudflare-nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Connection: keep-alive
CF-RAY: 333d8b6df4711589-FRA
Expires: Fri, 09 Feb 2018 23:37:04 GMT

GET
H/1.1 404
Not Found evalidation1.js
ashercorpgc.com/press/Dirk/js/ 0
0 267ms
134ms Script
text/html 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ashercorpgc.com/press/Dirk/js/evalidation1.js
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Server: Apache
Connection: close
Content-Length: 346
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.11.2.min.js Show response
code.jquery.com/ 94 KB
38 KB 25ms
6ms Script
application/javascript 94.31.29.54
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.2.min.js
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.54 , United Kingdom, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS: 94.31.29.54.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path: /jquery-1.11.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: code.jquery.com
referer: http://ashercorpgc.com/press/Dirk/
:scheme: https
:method: GET
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

date: Sun, 19 Feb 2017 23:37:05 GMT
content-encoding: gzip
last-modified: Wed, 17 Dec 2014 16:05:21 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"5491a9c1-176bb"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000 public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK home_gl.png
ashercorpgc.com/press/Dirk/imgs/ 16 KB
16 KB 263ms
133ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/home_gl.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 15f90f4f29aa82ae18420f2bebc4a440c59be8e443def22e8a55235c792c1186

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Mon, 04 Jan 2016 11:54:14 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 16380
Content-Type: image/png

GET
H/1.1 200
OK home_yl.png
ashercorpgc.com/press/Dirk/imgs/ 11 KB
11 KB 268ms
134ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/home_yl.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 5f563280ef3a437dc7ef3e57d40b54e855507dadb656cce1f80618ccf617f7d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Mon, 04 Jan 2016 09:50:28 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 11631
Content-Type: image/png

GET
H/1.1 200
OK home_hm.png
ashercorpgc.com/press/Dirk/imgs/ 89 KB
89 KB 272ms
136ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/home_hm.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 1e0354f8e6d9fc58fffbfc39d7a2599cfa5ef9a7b31fa200fbbb2551bcf29609

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Wed, 02 Mar 2016 23:41:00 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 91111
Content-Type: image/png

GET
H/1.1 200
OK home_al.jpg
ashercorpgc.com/press/Dirk/imgs/ 6 KB
6 KB 521ms
130ms Image
image/jpeg 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/home_al.jpg
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: a8ef28aa99eb5c11fd34afaba2a61943b3e4ca36f7b6af36fe7f4e787cb6473f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Mon, 04 Jan 2016 11:47:32 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 5849
Content-Type: image/jpeg

GET
H/1.1 200
OK ddsclickreader.js Show response
ashercorpgc.com/press/Dirk/js/ 15 KB
15 KB 300ms
132ms Script
application/javascript 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ashercorpgc.com/press/Dirk/js/ddsclickreader.js
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 67521f8b6e44d10808f99fc7320fe448e447bfa51b90b9ffb7484091570202d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Wed, 02 Mar 2016 23:49:48 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 15268
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.validate.min.js Show response
ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/ 21 KB
7 KB 329ms
6ms Script
application/x-javascript 93.184.221.200
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/jquery.validate.min.js

Requested by

Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

93.184.221.200 , European Union, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECAcc (frf/874B) /

Resource Hash

f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ajax.aspnetcdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: */*
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 31 Oct 2016 23:42:30 GMT
Server: ECAcc (frf/874B)
Etag: "0b7a471d033d21:0"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 6792
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ashegradient.jpg
ashercorpgc.com/press/Dirk/css/ 53 KB
53 KB 611ms
132ms Image
image/jpeg 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/css/ashegradient.jpg
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 6a244e0d7f618b40f8b0723b6d8c6e684bf5e9324684ad01746368b097ddca5f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 12 Jan 2016 14:35:52 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 54312
Content-Type: image/jpeg

GET
H/1.1 200
OK G.drive-logo.png
ashercorpgc.com/press/Dirk/css/ 5 KB
5 KB 255ms
134ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/css/G.drive-logo.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: c574195a8da72440ad1546d1f1a71e8c9e573bec685efd19786fe772457f3c9a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 12 Jan 2016 14:05:02 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 4739
Content-Type: image/png

GET
H/1.1 200
OK cdrive.png
ashercorpgc.com/press/Dirk/css/ 10 KB
10 KB 213ms
130ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/css/cdrive.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: dfc1de71917676b8df24b7b114311a90d4f5e5aa51ad44de70b605927e394f68

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/css/mainbd.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 12 Jan 2016 13:56:40 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 10739
Content-Type: image/png

GET
H/1.1 200
OK Gmll.png
ashercorpgc.com/press/Dirk/imgs/ 1 KB
1 KB 134ms
132ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/Gmll.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 0e95cbf733f41b43a1e2716643ad7ea8cd5fdfcb2eee2d038f4618c579bcaff7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 05 Jan 2016 19:00:10 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1528
Content-Type: image/png

GET
H/1.1 200
OK ymll.png
ashercorpgc.com/press/Dirk/imgs/ 3 KB
3 KB 261ms
131ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/ymll.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 05 Jan 2016 19:00:32 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2830
Content-Type: image/png

GET
H/1.1 200
OK live_outlook.png
ashercorpgc.com/press/Dirk/imgs/ 914 B
914 B 264ms
132ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/live_outlook.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 5e73d193aad921142e93169a28c45671f5b26cb92ee688c56742b4741fb432a5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Wed, 02 Mar 2016 23:56:20 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 914
Content-Type: image/png

GET
H/1.1 200
OK al.png
ashercorpgc.com/press/Dirk/imgs/ 1 KB
1 KB 259ms
130ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/al.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 1b5fe12e21a9d8ff78e007ecf9fa5a819947dc3e6ba7a0ca4951760d1c006adf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 05 Jan 2016 18:59:30 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 1183
Content-Type: image/png

GET
H/1.1 200
OK email.png
ashercorpgc.com/press/Dirk/imgs/ 3 KB
3 KB 263ms
132ms Image
image/png 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ashercorpgc.com/press/Dirk/imgs/email.png
Requested by: Host: ashercorpgc.com
URL: http://ashercorpgc.com/press/Dirk/
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: 73b1ce58fa539aab1d6d1424607c5ff60fc5e2f2c0becd3a776f7f4f8f3664b0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:05 GMT
Last-Modified: Tue, 05 Jan 2016 19:01:38 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 2921
Content-Type: image/png

GET
H/1.1 200
OK favicon.ico
ashercorpgc.com/press/Dirk/ 6 KB
6 KB 268ms
134ms Other
image/x-icon 69.46.0.130
HIVELOCITY VENTUR...

General

Check archive.org

Show headers Download Go to

Full URL: http://ashercorpgc.com/press/Dirk/favicon.ico
Protocol: HTTP/1.1
Server: 69.46.0.130 Tampa, United States, ASN29802 (HVC-AS - HIVELOCITY VENTURES CORP, US),
Reverse DNS: tiger.valuetech.net
Software: Apache /
Resource Hash: a04c33d7c5aa98f3ba82edc2aa05c46c2af0c9c90d8617a92bca3a4f0fd3af8f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch
Host: ashercorpgc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: http://ashercorpgc.com/press/Dirk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ashercorpgc.com/press/Dirk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Response headers

Date: Sun, 19 Feb 2017 23:37:06 GMT
Last-Modified: Wed, 30 Dec 2015 17:41:40 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 6518
Content-Type: image/x-icon

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GDrive and other (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ashercorpgc.com
cdnjs.cloudflare.com
code.jquery.com
2400:cb00:2048:1::6813:c466
69.46.0.130
93.184.221.200
94.31.29.54
0b6c1e1b33c085efad5bdc32654ec90b4ddc934eb1c1aca71a439ff89867f468
0e95cbf733f41b43a1e2716643ad7ea8cd5fdfcb2eee2d038f4618c579bcaff7
15f90f4f29aa82ae18420f2bebc4a440c59be8e443def22e8a55235c792c1186
1b5fe12e21a9d8ff78e007ecf9fa5a819947dc3e6ba7a0ca4951760d1c006adf
1e0354f8e6d9fc58fffbfc39d7a2599cfa5ef9a7b31fa200fbbb2551bcf29609
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
5e73d193aad921142e93169a28c45671f5b26cb92ee688c56742b4741fb432a5
5f563280ef3a437dc7ef3e57d40b54e855507dadb656cce1f80618ccf617f7d5
67521f8b6e44d10808f99fc7320fe448e447bfa51b90b9ffb7484091570202d8
6a244e0d7f618b40f8b0723b6d8c6e684bf5e9324684ad01746368b097ddca5f
73b1ce58fa539aab1d6d1424607c5ff60fc5e2f2c0becd3a776f7f4f8f3664b0
a04c33d7c5aa98f3ba82edc2aa05c46c2af0c9c90d8617a92bca3a4f0fd3af8f
a8ef28aa99eb5c11fd34afaba2a61943b3e4ca36f7b6af36fe7f4e787cb6473f
c574195a8da72440ad1546d1f1a71e8c9e573bec685efd19786fe772457f3c9a
dfc1de71917676b8df24b7b114311a90d4f5e5aa51ad44de70b605927e394f68
ee257520cf12a1b4e91c189f5e25bed3fcac9bbd0cce2a1dd7acca8e68b88270
f0f5373ad203101ea91bf826c5a7ef8f7cd74887f06bad2cb9277a504503b9e2
fe12442a5c7b231561d7e5c7fb3da22c1930db9b2665cf097deb455888d36a50

ashercorpgc.com Open in urlscan Pro 69.46.0.130 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

20 Requests

10 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

302 kBTransfer

425 kBSize

0 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

ashercorpgc.com Open in urlscan Pro
69.46.0.130 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

10 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

302 kB
Transfer

425 kB
Size

0
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!