Overview

URL www.urls.sg/CS/cs.html
IP 104.18.38.89
ASN AS13335 CloudFlare, Inc.
Location United States
Report completed 2017-09-14 09:54:13 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-09-14 2 www.urls.sg/CS/cs.html Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 104.18.38.89

Date | UQ / IDS / BL | URL | IP
2017-09-13 08:58:28 +0200 | 0 - 0 - 2 | urls.sg/cs/cs.html | 104.18.38.89
2017-09-02 01:07:25 +0200 | 0 - 0 - 1 | iphonepaintings.co.uk/ | 104.18.38.89

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date | UQ / IDS / BL | URL | IP
2017-11-23 04:44:52 +0100 | 0 - 0 - 2 | www.abeautyclub.com/vvp-confent/Execufives/@* | 104.24.99.115
2017-11-23 04:43:22 +0100 | 0 - 0 - 1 | https://lps.istream.link/thankyou/mac/index.h (...) | 104.28.19.163
2017-11-23 04:36:18 +0100 | 0 - 0 - 0 | https://waa.ai/zRxK?verify&secured=redirect | 104.24.113.128
2017-11-23 04:34:58 +0100 | 0 - 1 - 0 | degreeeaveelectioneagle.tk/8wQPJVBB4xTd50VeVl (...) | 104.24.105.54
2017-11-23 04:32:33 +0100 | 0 - 3 - 0 | decryptionassociationzephyrmarriage.tk/dl?n=M (...) | 104.27.188.37
2017-11-23 04:27:48 +0100 | 0 - 0 - 3 | factorio.bid/pc/new%20outlook/ | 104.31.79.43
2017-11-23 04:21:31 +0100 | 0 - 0 - 2 | www.onread.com/downloadprogramm/Harry-Potter- (...) | 104.28.18.36
2017-11-23 04:21:15 +0100 | 0 - 2 - 0 | kamil-chojnicki.pl/ | 104.27.165.202
2017-11-23 04:15:53 +0100 | 0 - 0 - 1 | kuaptrk.com/mt/v234x284b4r2u20344r2w244p2/ | 104.16.86.74
2017-11-23 04:08:44 +0100 | 0 - 0 - 0 | pastebin.com/raw.php?i=vtdgqQRD | 104.20.209.21

No other reports on domain: urls.sg



JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (8)


Request Response
                                        
                                            GET /CS/cs.html HTTP/1.1 
Host: www.urls.sg
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.18.39.89
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 14 Sep 2017 07:53:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6884aa9bb138ce2ce8c74264b46832401505375600; expires=Fri, 14-Sep-18 07:53:20 GMT; path=/; domain=.urls.sg; HttpOnly
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Server: cloudflare-nginx
CF-RAY: 39e1c5a0158142a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2615
Md5:    7858b3a4a3a5ace79895b2d32211051f
Sha1:   c95bf0c4a9aba2cee88a3eb24ec9565d6309c3d4
Sha256: 27d997641cf60cd7e4664eaedf6ad5f8e6778701f71ebcd73aede12bf1051a93

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 14 Sep 2017 07:53:21 GMT
Expires: Mon, 18 Sep 2017 07:53:21 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    3c2a3ddfe5954fbc220dae41ca4e0d88
Sha1:   693d3d02dd63b4a1d3add1d61e52a6deff941ef0
Sha256: 22773b8dd806890eff2e592c0447649f4acb9d8e7245a6e8c831318572013a2e
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=408880, public, no-transform, must-revalidate
Last-Modified: Tue, 12 Sep 2017 01:23:19 GMT
Expires: Tue, 19 Sep 2017 01:23:19 GMT
Date: Thu, 14 Sep 2017 07:53:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    775de2be162f21ece95211dfbf378ff2
Sha1:   5aa3f54491214e417e128fcc1b70119c2135565c
Sha256: 69abd56429cfa8fb3a69c040242457ab25397237c94b2f46ea2ce7b1848d55fe
                                        
                                            GET /css?family=Montserrat HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.urls.sg/CS/cs.html

                                         
                                         216.58.211.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Thu, 14 Sep 2017 07:53:21 GMT
Date: Thu, 14 Sep 2017 07:53:21 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   213
Md5:    c2ee2e606f43fda085cc88e61ce3ede4
Sha1:   4269cbe6a38f3deb42974f38519f30a039062afa
Sha256: 99d4cad8482c2ee8630e776a99bf191f8983e9206bbb78b7ec3833f936bd8258
                                        
                                            GET /images/mojo-landing-bg.jpg HTTP/1.1 
Host: images.mojomarketplace.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.urls.sg/CS/cs.html

                                         
                                         54.230.96.65
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Content-Length: 30781
Connection: keep-alive
Date: Sun, 13 Nov 2016 04:37:27 GMT
Last-Modified: Wed, 24 Aug 2016 17:31:22 GMT
Etag: "c83842ae44dec87c2b8820913f82952a"
Accept-Ranges: bytes
Server: AmazonS3
Age: 1053
X-Cache: Hit from cloudfront
Via: 1.1 9e6a829fab539aea0c15afd27fd9d1ad.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -1RjLT_YZO38v7MqTdrrsoO1lHqdjOVXrDAiAASsunJA2pvHYbSHvw==


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   30781
Md5:    c83842ae44dec87c2b8820913f82952a
Sha1:   a5cedb9fc51d6066e2317a411fa881d1f11978f6
Sha256: 17b26113939c6be0cd3e8c69c98c071295eb87db46fa297bfd448bff0d906d65
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 14 Sep 2017 07:53:22 GMT
Expires: Mon, 18 Sep 2017 07:53:22 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ba4fec5d5bb7c7d9dedff40621bfaa4c
Sha1:   e02cf59daec99c7ed15781824c3eee18241afa2c
Sha256: 8669760aab48934ce0c25c3bee6d88f04e7141ae8adbf0f949f09c4e8a1da9e7
                                        
                                            GET /s/montserrat/v10/zhcz-_WihjSQC0oHJ9TCYBsxEYwM7FgeyaSgU71cLG0.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Montserrat
Origin: http://www.urls.sg

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 18800
Date: Mon, 04 Sep 2017 16:18:28 GMT
Expires: Tue, 04 Sep 2018 16:18:28 GMT
Last-Modified: Thu, 09 Feb 2017 01:12:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 833694
Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"


--- Additional Info ---
Magic:  data
Size:   18800
Md5:    b20cc131034316b1c85d0498fb9ed5c5
Sha1:   ac2cc2149094816f45d610f6d7097c4237ac607a
Sha256: d0701b4b784dd0fa0c69a6d5ce17c785afa4465e53cab2e8262cd62ecd60cbf8
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.urls.sg
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d6884aa9bb138ce2ce8c74264b46832401505375600

                                         
                                         104.18.39.89
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Thu, 14 Sep 2017 07:53:22 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 27 Sep 2013 12:46:29 GMT
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Thu, 21 Sep 2017 07:53:22 GMT
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 39e1c5acd08b42a3-OSL


--- Additional Info ---