Report - btvoice.simdif.com/

Report Overview

Submitted URL
btvoice.simdif.com/
IP
178.33.66.216
ASN
#16276 OVH SAS
Submitted
2024-05-07 17:25:08
Access
public
Website Title
BT
Final URL
btvoice.simdif.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	931 B	20 kB	142.250.74.106
btvoice.simdif.com	unknown	unknown	No data	No data	3.8 kB	119 kB	178.33.66.216
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	1.3 kB	97 kB	104.17.25.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	425 B	88 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	54 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc
2024-05-07	medium	btvoice.simdif.com/	BT Group plc

PhishTank

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	btvoice.simdif.com/	Other
2024-05-07	medium	btvoice.simdif.com/images/th/sd_6639d7fa2986e.png?no_cache=1715074083	Other
2024-05-07	medium	btvoice.simdif.com/js/sd_js.js	Other
2024-05-07	medium	btvoice.simdif.com/css/sd_style.css	Other
2024-05-07	medium	btvoice.simdif.com/img/preset/header/sd_20180413053520.jpg?no_cache=1511171054	Other
2024-05-07	medium	btvoice.simdif.com/sd_tracking.php	Other
2024-05-07	medium	btvoice.simdif.com/fonts/sdv2/SDV2.woff2?lworh0	Other
2024-05-07	medium	btvoice.simdif.com/img/preset/favicon_publish/favicon_000.ico?no_cache=1552291834	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	unknown	16 B	2023-04-10	2024-05-19
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-19 16:02:42 Times Seen35635 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	btvoice.simdif.com/	319 B	2024-05-07	2024-05-07
Pretty URL btvoice.simdif.com/ IP 178.33.66.216 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 19:25:14 Last Seen2024-05-07 19:25:14 Times Seen1 Hash c161c2aef2e3fcf3e325593929c02cf5 0c551c828c53b8b5691cfc341dd1da02b15c5b6d 25a01506793ede04e6d8daf808a1431d93fc200b6817ad6e67b88ad258fedad6 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-19 15:48:25 Times Seen119938 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js	254 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:34 Last Seen2024-05-19 15:39:56 Times Seen7327 Hash c15b1008dec3c8967ea657a7bb4baaec 78489e580adaef931e6e5b131dab556c397e4a1a 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Loading...

	btvoice.simdif.com/js/sd_js.js	54 kB	2024-05-07	2024-05-08
Pretty URL btvoice.simdif.com/js/sd_js.js IP 178.33.66.216 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:25:14 Last Seen2024-05-08 17:52:33 Times Seen4 Hash bc90322853dd71d3814f67a42cccb6af 6daaf8396efab5377e00b3767d4e71411b4d945a 899d5233eb00c989afd9275e2e357581fb73ab3000c507ef0f95ae176cff459c Loading...

	www.googletagmanager.com/gtag/js?id=G-QJXQYKFDLK	246 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-QJXQYKFDLK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:25:14 Last Seen2024-05-07 19:25:14 Times Seen2 Hash c50be299c8a6dd4264503452862509f7 ffb64d63eb52c8586ab4fb7c40ec60108584906b 68fe00323e2e46b96d4f9ef41a10ed829fcf03712e8b2fd5d0dbc67b69fc7a22 Loading...

HTTP Transactions (17)

URL IP Response Size

btvoice.simdif.com/

178.33.66.216

200 OK

16 kB

URL User Request GET HTTP/2
btvoice.simdif.com/
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (63739)
Size
16 kB (16352 bytes)
Hash
9615d3778a2c62336952b252bc4d0718
569b81e3bde8c2d5692f2895a7a45159c10aff12
1e0e3874c8490d1bc3f74d42f72f5126b6967c9f0a41edda89f9cae81de7d1be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:41 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 May 2024 13:25:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block
cache-control: no-cache
content-length: 16352
content-type: text/html
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

btvoice.simdif.com/images/th/sd_6639d7fa2986e.png?no_cache=1715074083

178.33.66.216

200 OK

17 kB

URL GET HTTP/2
btvoice.simdif.com/images/th/sd_6639d7fa2986e.png?no_cache=1715074083
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
Size
17 kB (16945 bytes)
Hash
b72b09b2a06772c21b52f0868b3468d1
d274a189bca41b595d8b731dc9c2a1b0ab30d108
3700a11dad9eb6c97bcb44c9c3d57cc33ae13c04706ee6339e951490ce26783d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /images/th/sd_6639d7fa2986e.png?no_cache=1715074083 HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:23:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 May 2024 13:25:17 GMT
accept-ranges: bytes
content-length: 16945
x-xss-protection: 1; mode=block
cache-control: private, max-age=86400
content-type: image/png
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.25.14

200 OK

30 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btvoice.simdif.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 502620
expires: Sun, 27 Apr 2025 17:24:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2o%2Fv%2FNQK4ieLfLbgU9e6VTMXibeH0Fa3nvGGt%2F0lRQ30otYqNuTzOdTtErd85D7gx9lkhKju%2F3cq9Sgg97VBPnDdTsDQUqtRnCCmtBgZlu0Nh7XRSildj9WZiIkIUeui3cjrQu3Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802e7b26b3fb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

104.17.25.14

200 OK

57 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btvoice.simdif.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32074)
Size
57 kB (57137 bytes)
Hash
c15b1008dec3c8967ea657a7bb4baaec
78489e580adaef931e6e5b131dab556c397e4a1a
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 57137
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-3dee5"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 594758
expires: Sun, 27 Apr 2025 17:24:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kUCYsNF5eb144ZSLbHawo9v69ko4ISGLLrfTk9ef%2FXA0D0oV0emWhcifNMa9CbiSexfmRzrnSdO3R4jtqyjlAo7u%2Fj%2FeDcAgoaNUz3AEWGatPb%2BCgfZyEVc56Gl4PPO7E91WuLy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802e7b26b50b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

btvoice.simdif.com/js/sd_js.js

178.33.66.216

200 OK

16 kB

URL GET HTTP/2
btvoice.simdif.com/js/sd_js.js
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (30157)
Size
16 kB (16045 bytes)
Hash
bc90322853dd71d3814f67a42cccb6af
6daaf8396efab5377e00b3767d4e71411b4d945a
899d5233eb00c989afd9275e2e357581fb73ab3000c507ef0f95ae176cff459c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /js/sd_js.js HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:23:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 May 2024 13:25:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block
cache-control: private, max-age=86400
content-length: 16045
content-type: application/javascript
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css

104.17.25.14

200 OK

6.7 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://btvoice.simdif.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (29137)
Size
6.7 kB (6740 bytes)
Hash
0b5729a931d113be34b6fac13bcf5b29
88ba90d2d2944315afd28a706ee5715ed980c634
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

HTTP Headers

GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:24:42 GMT
content-type: text/css; charset=utf-8
content-length: 6740
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-7d4c"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 600381
expires: Sun, 27 Apr 2025 17:24:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QYuNtgukd%2FIAl4Lk5zwWh1m89kkLZros5fStFqL9IBTifjZHp2Kt7bAdfJtJ6akbwDZhlI5U25TF4%2BkEirtF%2BbrO6bh1LNQmXDnUJvj6ewJ5bku%2BIfMi4SYMNNLiEHl%2BxLBR7ygR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8802e7b38ef7b4eb-OSL
alt-svc: h3=":443"; ma=86400

btvoice.simdif.com/css/sd_style.css

178.33.66.216

200 OK

4.8 kB

URL GET HTTP/2
btvoice.simdif.com/css/sd_style.css
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (22255)
Size
4.8 kB (4806 bytes)
Hash
0ec5afed7488ca80785ebbacac33b182
69b4c47a56c1e4b1e8fde0d3c59aeec02e0da9fb
3d90bf12a0b7811c6335ab63e51b31ca7a473794f7c8203001c9ab909b9df356

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /css/sd_style.css HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:42 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Tue, 07 May 2024 13:25:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-xss-protection: 1; mode=block
cache-control: private, max-age=86400
content-length: 4806
content-type: text/css
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-QJXQYKFDLK

142.250.74.168

200 OK

88 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-QJXQYKFDLK
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (87624 bytes)
Hash
c50be299c8a6dd4264503452862509f7
ffb64d63eb52c8586ab4fb7c40ec60108584906b
68fe00323e2e46b96d4f9ef41a10ed829fcf03712e8b2fd5d0dbc67b69fc7a22

HTTP Headers

GET /gtag/js?id=G-QJXQYKFDLK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 17:24:42 GMT
expires: Tue, 07 May 2024 17:24:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

btvoice.simdif.com/img/preset/header/sd_20180413053520.jpg?no_cache=1511171054

178.33.66.216

200 OK

29 kB

URL GET HTTP/2
btvoice.simdif.com/img/preset/header/sd_20180413053520.jpg?no_cache=1511171054
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1120x373, components 3
Size
29 kB (29396 bytes)
Hash
b4bca3743fde17f84e401307e17b56fc
409726ac09dc0af6f5cb54fe0cdefe787097470d
c6c0db1787b7fdd8edbd6cf0b06a8b7c6490005d3e912f3faa155197ee8b353c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /img/preset/header/sd_20180413053520.jpg?no_cache=1511171054 HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:42 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Mon, 04 Mar 2024 05:03:02 GMT
accept-ranges: bytes
content-length: 29396
x-xss-protection: 1; mode=block
cache-control: private, max-age=86400
content-type: image/jpeg
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

btvoice.simdif.com/sd_tracking.php

178.33.66.216

200 OK

148 B

URL GET HTTP/2
btvoice.simdif.com/sd_tracking.php
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
148 B (148 bytes)
Hash
66472b65128654900781a13b8443f407
fd96df3ac2c33cfbc895ce66565665d05fa1c82e
2fadcd3657f85f3145cbaa40f05e41e7b063df658a0015a42f16a9cb0ff675f2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /sd_tracking.php HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:23:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 148
content-type: image/png
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btvoice.simdif.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:08:19 GMT
expires: Sat, 03 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 386183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btvoice.simdif.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 23890
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

btvoice.simdif.com/fonts/sdv2/SDV2.woff2?lworh0

178.33.66.216

200 OK

27 kB

URL GET HTTP/2
btvoice.simdif.com/fonts/sdv2/SDV2.woff2?lworh0
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26668, version 1.0
Size
27 kB (26668 bytes)
Hash
d8701c1069cd09f6c720479f34aeca43
39dc0dde1c6043136fc0835e7fc0a515018af418
db3f6f7cae71fd291bedd2b704bcdf958b2ef3d5de6350521c1c317a4d5a70e2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /fonts/sdv2/SDV2.woff2?lworh0 HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/css/sd_style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:24:42 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Mon, 04 Mar 2024 05:03:02 GMT
accept-ranges: bytes
content-length: 26668
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

fonts.gstatic.com/s/mavenpro/v36/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

142.250.74.99

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/mavenpro/v36/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20064, version 1.0
Size
20 kB (20064 bytes)
Hash
06ad8b0a4d45dbe6b69e265e3d9cf72c
5ac50900659c9d0944a070943fae169d2d7f5101
8adeed9f90d6d8d483a208f54d5733a0336ee6888436fe8e2e5fb1c41433eaec

HTTP Headers

GET /s/mavenpro/v36/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btvoice.simdif.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:06:47 GMT
expires: Sat, 03 May 2025 05:06:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 11 Apr 2024 18:32:51 GMT
content-type: font/woff2
age: 389875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

btvoice.simdif.com/img/preset/favicon_publish/favicon_000.ico?no_cache=1552291834

178.33.66.216

200 OK

5.9 kB

URL GET HTTP/2
btvoice.simdif.com/img/preset/favicon_publish/favicon_000.ico?no_cache=1552291834
IP
178.33.66.216:443
ASN
#16276 OVH SAS

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGandi
Subject*.simdif.com
FingerprintD2:B6:88:3E:E6:A1:54:15:CF:28:B6:A4:DD:6A:53:48:65:49:B5:CC
ValidityMon, 22 Apr 2024 00:00:00 GMT - Sun, 11 May 2025 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5865 bytes)
Hash
d7a044f8df05c8a895c4c1a17caa2804
ec2382256458ede4260038f417bf7e62dc3f76da
556a2c52ecfe886c51a416d8d1b4b41ec7cfdf99edf275d3068266357b2f59ff

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	BT Group plc
PhishTank	phishing	Other

HTTP Headers

GET /img/preset/favicon_publish/favicon_000.ico?no_cache=1552291834 HTTP/1.1
Host: btvoice.simdif.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 17:23:33 GMT
server: Apache
x-frame-options: SAMEORIGIN
last-modified: Mon, 04 Mar 2024 05:03:02 GMT
accept-ranges: bytes
content-length: 5865
x-xss-protection: 1; mode=block
cache-control: private, max-age=86400
content-type: image/vnd.microsoft.icon
strict-transport-security: max-age=31536000;
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
14 kB (14029 bytes)
Hash
9c12b57a25710853b762d48b28545b5c
57a79d40792f42232b317bd9529c98efa29fc315
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 17:24:42 GMT
date: Tue, 07 May 2024 17:24:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900&display=swap

142.250.74.106

200 OK

4.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Maven+Pro:400,500,700,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://btvoice.simdif.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (4872), with no line terminators
Size
4.8 kB (4764 bytes)
Hash
076d7f0f464591532da912c6d2f9b418
e094f54972ef70920534594d6ef09aad5781a0e5
652ca17d54f1e4f9f0795e1a1774b64948e05055c577136e7e1ca79a641f0c92

HTTP Headers

GET /css?family=Maven+Pro:400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btvoice.simdif.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 17:24:42 GMT
date: Tue, 07 May 2024 17:24:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate