Report - eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html

Report Overview

Submitted URL
eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
IP
173.249.62.84
ASN
#51167 Contabo GmbH
Submitted
2024-05-09 12:28:01
Access
public
Website Title
Email Setting
Final URL
eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Tags
phishing suspicious
urlquery detections
Phishing - Generic phishing
Suspicious - Anti-debugging code

Detections

urlquery
6
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
eu2.contabostorage.com	unknown	2022-02-24	2022-03-14	2024-04-25	1.6 kB	46 kB	173.249.62.85
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	437 B	31 kB	142.250.74.170
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2024-05-08	336 B	1.2 kB	104.18.38.233

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-20 14:04:21 Times Seen394830 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html	3.8 kB	2024-05-07	2024-05-16
Pretty URL eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html IP 173.249.62.85 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 21:07:02 Last Seen2024-05-16 01:22:10 Times Seen7 Hash d6bb7c0d22cdd6f40d37d2fc6a5da7eb 81a038c0c6bd0919515eeb9550d3cc801373c9f0 4553affd0e9e7c417d629d9b671677a20e101c98ab8eda474e83fd1cd1d306e1 Loading...

HTTP Transactions (5)

URL IP Response Size

zerossl.ocsp.sectigo.com/

104.18.38.233

728 B

URL
zerossl.ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
944c2a63aa37c11e6529ad7485853fe2
dcc87bbadc9caf6ce253ed4c2c7c561cffb3c503
a4dae35beed4ef9a0aeaf300aa3c7cf3176784d2c191b56154ffe776f5f80b2f

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 09 May 2024 12:27:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 12:56:01 GMT
Expires: Wed, 15 May 2024 12:56:00 GMT
Etag: "dcc87bbadc9caf6ce253ed4c2c7c561cffb3c503"
Cache-Control: max-age=520276,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8811af407d2256ca-OSL

eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html

173.249.62.85

200 OK

4.2 kB

URL User Request GET HTTP/1.1
eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
IP
173.249.62.85:443
ASN
#51167 Contabo GmbH

Certificate
IssuerZeroSSL
Subject*.contabostorage.com
Fingerprint46:07:3A:14:C1:19:FA:11:B8:F3:F1:B7:E9:61:9C:56:F5:A1:47:87
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
4.2 kB (4197 bytes)
Hash
48d52175bb66a5c190560e8087a2fe00
e0a0b39bd0e0156ba2e745b4f13161ec8dc80148
a8cb4ed04f06a1b2fe9752a4f807290fcf7264044d62dcd93496910ae4942770

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
urlquery	suspicious	Suspicious - Anti-debugging code
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html HTTP/1.1
Host: eu2.contabostorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
ratelimit-limit: 250
ratelimit-remaining: 249
ratelimit-reset: 1
x-ratelimit-remaining-second: 249
x-ratelimit-limit-second: 250
server: nginx
date: Thu, 09 May 2024 12:27:36 GMT
last-modified: Tue, 07 May 2024 17:42:28 GMT
x-rgw-object-type: Normal
etag: W/"48d52175bb66a5c190560e8087a2fe00"
x-amz-request-id: tx00000e36e178f93e4f966-00663a6813-f9c9a0-default
x-proxy-cache: HIT
content-encoding: gzip
access-control-allow-origin: *
strict-transport-security: max-age=16000000; includeSubDomains; preload;

eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/beegee.jpg

173.249.62.85

200 OK

41 kB

URL GET HTTP/1.1
eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/beegee.jpg
IP
173.249.62.85:443
ASN
#51167 Contabo GmbH

Requested by
https://eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Certificate
IssuerZeroSSL
Subject*.contabostorage.com
Fingerprint46:07:3A:14:C1:19:FA:11:B8:F3:F1:B7:E9:61:9C:56:F5:A1:47:87
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1365x691, components 3
Size
41 kB (40774 bytes)
Hash
e59a81a40ad3fdfb1d64c11b71b1d90d
84ea360b12f24e99c22fb22bb645eada4c71f191
9f01ae299ba41e5b71e70424679f1c9829a28b326563d7a8dcee1c48d7deee9d

HTTP Headers

GET /ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/beegee.jpg HTTP/1.1
Host: eu2.contabostorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-type: image/jpeg
content-length: 40774
ratelimit-limit: 250
ratelimit-remaining: 248
ratelimit-reset: 1
x-ratelimit-remaining-second: 248
x-ratelimit-limit-second: 250
server: nginx
date: Thu, 09 May 2024 12:27:36 GMT
last-modified: Tue, 07 May 2024 17:39:21 GMT
x-rgw-object-type: Normal
etag: "e59a81a40ad3fdfb1d64c11b71b1d90d"
x-amz-request-id: tx000008f863f0b2f1338f0-00663a6813-fa3dd8-default
x-proxy-cache: HIT
accept-ranges: bytes
access-control-allow-origin: *
strict-transport-security: max-age=16000000; includeSubDomains; preload;

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eu2.contabostorage.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:47 GMT
expires: Fri, 02 May 2025 23:24:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 565369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eu2.contabostorage.com/favicon.ico

173.249.62.85

401 Unauthorized

26 B

URL GET HTTP/1.1
eu2.contabostorage.com/favicon.ico
IP
173.249.62.85:443
ASN
#51167 Contabo GmbH

Requested by
https://eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Certificate
IssuerZeroSSL
Subject*.contabostorage.com
Fingerprint46:07:3A:14:C1:19:FA:11:B8:F3:F1:B7:E9:61:9C:56:F5:A1:47:87
ValidityTue, 23 Apr 2024 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
JSON text data
Size
26 B (26 bytes)
Hash
6beba43f75111faeb2f4f15e3063e515
a658c7b65a35dbb258251e04fd160e3dbeae71bc
3e7db788e384631f8a9f299d1797e6f8af6d16d643a1c91f9e83ae15212de45c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: eu2.contabostorage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eu2.contabostorage.com/ba08be90a2aa43daad9c3bf50637ab72:gen/adobe/adobe.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 401 Unauthorized
date: Thu, 09 May 2024 12:27:37 GMT
content-type: application/json; charset=utf-8
content-length: 26
access-control-allow-origin: *
strict-transport-security: max-age=16000000; includeSubDomains; preload;

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate