Report - sjsu.campusesp.com/t/1950851/ec?c=ed3aaf3c&redir=https://bb.ypmm5.ru.com/new/cNTkE/bWlrZS5zaGFpbkB1YnMuY29t

Report Overview

Submitted URL
sjsu.campusesp.com/t/1950851/ec?c=ed3aaf3c&redir=https://bb.ypmm5.ru.com/new/cNTkE/bWlrZS5zaGFpbkB1YnMuY29t
IP
143.204.55.89
ASN
#16509 AMAZON-02
Submitted
2024-05-07 12:51:16
Access
public
Website Title
UBS
Final URL
cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Tags
phishing
urlquery detections
Phishing - Generic phishing

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloudflare-ipfs.com	75147	2018-05-30	2021-01-20	2024-03-15	1.8 kB	499 kB	104.17.96.13
t1.gstatic.com	unknown	2008-02-11	2013-05-07	2024-05-06	506 B	1.2 kB	142.250.74.164
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-06	676 B	1.9 kB	143.204.53.97
sjsu.campusesp.com	unknown	2013-11-08	2022-06-08	2023-11-08	269 B	566 B	143.204.55.89
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	434 B	31 kB	142.250.74.138
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	448 B	815 B	142.250.74.164
ubs.com	16524	1993-02-15	2017-02-02	2024-04-24	499 B	606 B	193.134.111.71
www.ubs.com	79881	1993-02-15	2012-07-02	2024-04-24	1.5 kB	22 kB	104.110.26.106
bb.ypmm5.ru.com	unknown	unknown	No data	No data	504 B	326 B	109.123.230.85
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-06	440 B	18 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-02	medium	cloudflare-ipfs.com/favicon.ico	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html	Other
2023-05-02	medium	cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-19 16:22:13 Times Seen249882 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com	4.4 kB	2024-05-07	2024-05-07
Pretty URL cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 08:58:26 Last Seen2024-05-07 14:51:23 Times Seen4 Hash 95de8aa260dd31d2dd7f5ff6283e223c 0c2ba4ff21db7312caf141030d99315333d0df68 ed7f268167d34cb9b4dc2e74043cb1841096ead87788fe3d2da135f23ea3068f Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-19 16:33:02 Times Seen394443 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

HTTP Transactions (15)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
00b3cca9f944b2d9f18f931d9374672c
197492a7734dd15cdbaa9520cc408fe3d5fa480e
77f0185074b1fa5cfc25e13505d494243200e0bba8c309bf41adf7316e130bbc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 12:50:50 GMT
Last-Modified: Tue, 07 May 2024 12:29:38 GMT
Server: ECAcc (ska/F69C)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mVcTyVKl5rwvqOb3-V8p21Y3jgHr--Er7AzOO0XFoMR2s7qxFDmkTg==
Age: 1273

sjsu.campusesp.com/

143.204.55.89

167 B

URL
sjsu.campusesp.com/
IP
143.204.55.89:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

HTTP Headers

GET / HTTP/1.1
Host: sjsu.campusesp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 07 May 2024 12:50:53 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://sjsu.campusesp.com/
X-Cache: Redirect from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o2eATHYhY_sCp811ca_5rjA78CZtsMyoz46UkK4VcxeDBmnh-njF4w==

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
81c7d875a9f86dfd2341ac572e397388
a1112b05173546cb3abf4d97ab0126ef1eea9ce5
5e1a0ca8a495e2716dfad03e054e44c0c06ca4728ec75475b3487cdf6dea88c2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 07 May 2024 12:50:53 GMT
Last-Modified: Tue, 07 May 2024 11:25:08 GMT
Server: ECAcc (amb/6AE7)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nDpbPg4YiU7r6KPFWFbRta6ZksI1OncltkeaHI0E4V3iRYU4x0vN_Q==
Age: 5145

bb.ypmm5.ru.com/new/cNTkE/bWlrZS5zaGFpbkB1YnMuY29t

109.123.230.85

0 B

URL
bb.ypmm5.ru.com/new/cNTkE/bWlrZS5zaGFpbkB1YnMuY29t
IP
109.123.230.85:0
ASN
#141995 Contabo Asia Private Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /new/cNTkE/bWlrZS5zaGFpbkB1YnMuY29t HTTP/1.1
Host: bb.ypmm5.ru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:50:57 GMT
Server: Apache
refresh: 0;url=https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

17 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
17 kB (16840 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 12:50:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 578340
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880156c189881c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:47 GMT
expires: Fri, 02 May 2025 23:24:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 393972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cloudflare-ipfs.com/favicon.ico

104.17.96.13

404 Not Found

14 B

URL GET HTTP/3
cloudflare-ipfs.com/favicon.ico
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
ASCII text, with no line terminators
Size
14 B (14 bytes)
Hash
d0fbda9855d118740f1105334305c126
bc3023b36063a7681db24681472b54fa11f0d4ec
a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html
Cookie: __cf_bm=S29PUwHVGeXLIRgtauMhorSrrnLb1V8majx9J3BoYlM-1715086259-1.0.1.1-CqpjcCglyp2Cv6coI6aqTT5CZVqG2WqUpq_.TxDJWBDlHhcOwaMfK_mnzifBaKF2eLHvr10UeV6BfxQQHEYBIA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Tue, 07 May 2024 12:50:59 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
vary: Accept-Encoding
server: cloudflare
cf-ray: 880156c3dc87b523-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=https://ubs.com

142.250.74.164

301 Moved Permanently

328 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=https://ubs.com
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
328 B (328 bytes)
Hash
117d65fa39592da576f739979eeb33db
4dcd23a16bf20e01724f2ca0738790b5f5d768e2
2044a5b201ad16823bd018d1875594c448252788e137e8f3af3bf0b48af12bfc

HTTP Headers

GET /s2/favicons?domain=https://ubs.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://ubs.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 328
x-xss-protection: 0
date: Tue, 07 May 2024 12:49:10 GMT
expires: Tue, 07 May 2024 13:19:10 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ubs.com/

193.134.111.71

302 Found

293 B

URL GET HTTP/2
ubs.com/
IP
193.134.111.71:443
ASN
#8883 UBS AG

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerDigiCert Inc
Subjectptr.ubs.com
Fingerprint0D:7D:FE:CC:78:D8:0C:5E:75:B0:E5:9D:B2:B3:4E:80:E9:6D:15:B3
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
293 B (293 bytes)
Hash
d291218bfed4c39071c355faf8a26da3
2057496bfd364c4e8968b069c8710bd914ea8831
e4926d17be45a9d94028a7b19d06fe0e6b5dd61201964655c49639c54a6dcc69

HTTP Headers

GET / HTTP/1.1
Host: ubs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
pragma: no-cache
strict-transport-security: max-age=31536000;
location: https://www.ubs.com/
cache-control: no-cache
x-ubs-correlation-id: 7ebEgfs8oALuazq6
content-length: 293
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 12:50:59 GMT
server: Apache
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://ubs.com&size=16

142.250.74.164

200 OK

328 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://ubs.com&size=16
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
328 B (328 bytes)
Hash
720e675d345bba311d369b7c77745bd8
1d047397cad46c68739490e9f1f28ec31dc0847f
20971b59c3c84a4e10211c0af213f1df5fdeac22eae5509cbf1cf5aec3a6d588

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://ubs.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.ubs.com/etc/designs/fit/img/favicons/favicon-16x16.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 12:49:10 GMT
expires: Tue, 14 May 2024 12:49:10 GMT
cache-control: public, max-age=604800
last-modified: Fri, 22 Dec 2023 15:36:01 GMT
content-type: image/png
age: 110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.ubs.com/

104.110.26.106

302 Found

0 B

URL GET HTTP/2
www.ubs.com/
IP
104.110.26.106:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerDigiCert Inc
Subjectwww.ubs.com
FingerprintF3:9B:C1:5A:75:16:C7:AD:F5:90:3F:F8:F7:28:E8:D3:50:E5:89:51
ValidityThu, 16 Nov 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.ubs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: AkamaiGHost
content-length: 0
location: https://www.ubs.com/no/en.html
expires: Tue, 07 May 2024 12:51:00 GMT
cache-control: max-age=0, no-cache, private
pragma: no-cache
date: Tue, 07 May 2024 12:51:00 GMT
set-cookie: country=no; expires=Wed, 07-May-2025 12:51:00 GMT; path=/; domain=.ubs.com; secure; HttpOnly
language=en; expires=Wed, 07-May-2025 12:51:00 GMT; path=/; domain=.ubs.com; secure; HttpOnly
geo-country=NO; path=/; domain=.ubs.com; secure; HttpOnly; SameSite=None
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=31536000; preload
content-security-policy: default-src 'none'
X-Firefox-Spdy: h2

www.ubs.com/no/en.html

104.110.26.106

200 OK

16 kB

URL GET HTTP/2
www.ubs.com/no/en.html
IP
104.110.26.106:443
ASN
#16625 AKAMAI-AS

Requested by
https://cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html#mike.shain@ubs.com
Certificate
IssuerDigiCert Inc
Subjectwww.ubs.com
FingerprintF3:9B:C1:5A:75:16:C7:AD:F5:90:3F:F8:F7:28:E8:D3:50:E5:89:51
ValidityThu, 16 Nov 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (16719)
Size
16 kB (15514 bytes)
Hash
512a7dca596b9b035c8a897eecc66927
97b1fe5b85f83e6282d15949df6893a077719255
d52f5ce717e86191c2f16d120dc457b98f7017b87104de7eabee55c060a0762a

HTTP Headers

GET /no/en.html HTTP/1.1
Host: www.ubs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudflare-ipfs.com/
DNT: 1
Connection: keep-alive
Cookie: geo-country=NO
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Apache
content-type: text/html;charset=utf-8
content-security-policy-report-only: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ubs.com *.ubs.net *.adobedtm.com *.demdex.net *.decibelinsight.net *.decibel.com *.adform.net *.everesttech.net *.googleapis.com *.brightcove.net *.2o7.net *.omtrdc.net *.tt.omtrdc.net *.zencdn.net *.akamaihd.net *.facebook.net *.googleadservices.com *.googletagmanager.com *.google.com *.doubleclick.net *.cloudflare.com *.zmags.com *.raisenow.com *.adobe.com fuse.ubs.com *.mkt.dynamics.com *.azureedge.net *.adnxs.com *.ipify.org *.google-analytics.com *.tiktok.com *.datatrans.com; style-src 'self' 'unsafe-inline' *.googleapis.com; object-src *.ubs.com *.ubs.net https://players.brightcove.net; base-uri 'none'; form-action *.ubs.com *.ubs.net; frame-ancestors *.ubs.com *.ubs.net *.homegate.ch *.financescout24.ch *.immoscout24.ch *.acheter-louer.ch *.buy-rent.ch *.kaufen-mieten.ch *.pwj.com; frame-src *.ubs.com *.ubs.net https://ubs.demdex.net optimus.foundation https://outlook.office365.com *.omniture.com *.adobe.com *.datatrans.com; connect-src *.ubs.com *.ubs.net wss://collection.decibelinsight.net *.decibelinsight.net *.decibel.com *.demdex.net *.brightcove.com *.brightcove.services *.boltdns.net *.brightcovecdn.com *.googleapis.com *.akamaihd.net fuseapi.ubs.com fuseconsole.ubs.com fuse.ubs.com wss://fuse.ubs.com *.mkt.dynamics.com *.azureedge.net *.google-analytics.com tt.ubs.com *.raisenow.io *.raisenow.com; img-src *.ubs.com *.ubs.net data: fuseapi.ubs.com fuseconsole.ubs.com fuse.ubs.com *.brightcove.com *.boltdns.net *.brightcovecdn.com *.gstatic.com *.googleapis.com *.twitter.com t.co *.facebook.com *.linkedin.com *.google.com *.google.ch *.doubleclick.net *.googleadservices.com *.googletagmanager.com *.yahoo.co.jp *.adform.net *.akamaihd.net *.adnxs.com *.ipify.org *.google-analytics.com *.tiktok.com *.raisenow.com *.google.com.au *.google.com.br *.google.ca *.google.cn *.google.fr *.google.de *.google.com.hk *.google.co.in *.google.co.id *.google.co.il *.google.it *.google.co.jp *.google.com.mx *.google.com.sa *.google.com.sg *.google.com.tw *.google.ae *.google.co.uk; report-uri /csp/reports
strict-transport-security: max-age=31536000; preload
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ubs.com *.ubs.net *.adobedtm.com *.demdex.net *.decibelinsight.net *.decibel.com *.adform.net *.everesttech.net *.googleapis.com *.brightcove.net *.2o7.net *.omtrdc.net *.tt.omtrdc.net *.zencdn.net *.akamaihd.net *.facebook.net *.googleadservices.com *.googletagmanager.com *.google.com *.doubleclick.net *.cloudflare.com *.zmags.com *.raisenow.com *.adobe.com fuse.ubs.com *.mkt.dynamics.com *.azureedge.net *.adnxs.com *.ipify.org *.google-analytics.com *.tiktok.com *.datatrans.com; upgrade-insecure-requests; object-src *.ubs.com *.ubs.net https://players.brightcove.net; form-action *.ubs.com *.ubs.net; frame-ancestors *.ubs.com *.ubs.net *.homegate.ch *.financescout24.ch *.immoscout24.ch *.acheter-louer.ch *.buy-rent.ch *.kaufen-mieten.ch *.pwj.com; frame-src *.ubs.com *.ubs.net https://ubs.demdex.net https://outlook.office365.com *.omniture.com *.adobe.com *.datatrans.com; connect-src *.ubs.com *.ubs.net wss://collection.decibelinsight.net *.decibelinsight.net *.decibel.com *.demdex.net *.brightcove.com *.brightcove.services *.boltdns.net *.brightcovecdn.com *.googleapis.com *.akamaihd.net fuseapi.ubs.com fuseconsole.ubs.com fuse.ubs.com wss://fuse.ubs.com *.mkt.dynamics.com *.azureedge.net *.google-analytics.com tt.ubs.com *.raisenow.io *.raisenow.com; img-src *.ubs.com *.ubs.net data: fuseapi.ubs.com fuseconsole.ubs.com fuse.ubs.com *.brightcove.com *.boltdns.net *.brightcovecdn.com *.gstatic.com *.googleapis.com *.twitter.com t.co *.facebook.com *.linkedin.com *.google.com *.google.ch *.doubleclick.net *.googleadservices.com *.googletagmanager.com *.yahoo.co.jp *.adform.net *.akamaihd.net *.adnxs.com *.ipify.org *.google-analytics.com *.tiktok.com *.raisenow.com *.google.com.au *.google.com.br *.google.ca *.google.cn *.google.fr *.google.de *.google.com.hk *.google.co.in *.google.co.id *.google.co.il *.google.it *.google.co.jp *.google.com.mx *.google.com.sa *.google.com.sg *.google.com.tw *.google.ae *.google.co.uk
x-frame-options: SAMEORIGIN
x-cors-domain: *.ubs.com *.ubs.net
feature-policy: camera 'none'; microphone 'none'
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://secure.ubs.com
x-varnish-cache: HIT
x-nodeid: prod-p-1 - t=1715086150912950 D=68635
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-age: 25327
origin-agent-cluster: ?0
access-control-allow-methods: GET,HEAD,POST,OPTIONS
permissions-policy: microphone=(), camera=()
x-frame-ancestors: *.homegate.ch *.financescout24.ch *.immoscout24.ch *.acheter-louer.ch *.buy-rent.ch *.kaufen-mieten.ch *.pwj.com
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Accept,Accept-Language,Cache-Control,CSRF-Token
content-encoding: gzip
cache-control: private, max-age=300
date: Tue, 07 May 2024 12:51:00 GMT
content-length: 15514
X-Firefox-Spdy: h2

www.ubs.com/csp/reports

104.110.26.106

376 B

URL
www.ubs.com/csp/reports
IP
104.110.26.106:0
ASN
#16625 AKAMAI-AS

Certificate
IssuerDigiCert Inc
Subjectwww.ubs.com
FingerprintF3:9B:C1:5A:75:16:C7:AD:F5:90:3F:F8:F7:28:E8:D3:50:E5:89:51
ValidityThu, 16 Nov 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
376 B (376 bytes)
Hash
223a56e24148d10d26ed9b6eb7fbc3b1
8e6284caad9612da0cd8daa2d4aae889ca2e8924
e4b1d2aba292346908843a4cf4af24fa368aee980e6a5ddd2792606b6d96552b

HTTP Headers

POST /csp/reports HTTP/1.1
Host: www.ubs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2374
Origin: https://www.ubs.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
server: AkamaiGHost
mime-version: 1.0
content-type: text/html
content-length: 376
expires: Tue, 07 May 2024 12:51:00 GMT
date: Tue, 07 May 2024 12:51:00 GMT
set-cookie: geo-country=NO; path=/; domain=.ubs.com; secure; HttpOnly; SameSite=None
alt-svc: h3=":443"; ma=93600
strict-transport-security: max-age=31536000; preload
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html

104.17.96.13

59 kB

URL
cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html
IP
104.17.96.13:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text
Size
59 kB (59115 bytes)
Hash
bf4a10cc2c7de5329f096beede91a345
70b823148ec8a38e8b6cb57ab0db59cd65323100
95e54ef769f075a6dfb7df45dccdf28314b4313f9744c3d58ae044303632509a

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 12:50:59 GMT
content-type: text/html
cf-ray: 880156b7cc4eb4f4-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 21181
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiev4vhpo2pqowtn7n67ixom34udcs2dcp4xitb5lcxaiqydmmsqti"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html
x-ipfs-roots: bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le,bafkreiev4vhpo2pqowtn7n67ixom34udcs2dcp4xitb5lcxaiqydmmsqti
set-cookie: __cf_bm=S29PUwHVGeXLIRgtauMhorSrrnLb1V8majx9J3BoYlM-1715086259-1.0.1.1-CqpjcCglyp2Cv6coI6aqTT5CZVqG2WqUpq_.TxDJWBDlHhcOwaMfK_mnzifBaKF2eLHvr10UeV6BfxQQHEYBIA; path=/; expires=Tue, 07-May-24 13:20:59 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html

104.17.96.13

200 OK

438 kB

URL User Request GET HTTP/2
cloudflare-ipfs.com/ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcloudflare-ipfs.com
FingerprintAF:BC:14:E3:55:D9:D8:F0:3C:8E:26:A0:4E:4A:C8:E6:13:58:A0:59
ValidityWed, 24 Apr 2024 02:22:22 GMT - Tue, 23 Jul 2024 02:22:21 GMT

File type
HTML document, ASCII text
Size
438 kB (437715 bytes)
Hash
bf4a10cc2c7de5329f096beede91a345
70b823148ec8a38e8b6cb57ab0db59cd65323100
95e54ef769f075a6dfb7df45dccdf28314b4313f9744c3d58ae044303632509a

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 12:50:59 GMT
content-type: text/html
cf-ray: 880156b7cc4eb4f4-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 21181
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiev4vhpo2pqowtn7n67ixom34udcs2dcp4xitb5lcxaiqydmmsqti"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le/ama-num.html
x-ipfs-roots: bafybeifjrwtj3v3chuwxknvikbsd327wiwvfvxgykydog5k34f426s53le,bafkreiev4vhpo2pqowtn7n67ixom34udcs2dcp4xitb5lcxaiqydmmsqti
set-cookie: __cf_bm=S29PUwHVGeXLIRgtauMhorSrrnLb1V8majx9J3BoYlM-1715086259-1.0.1.1-CqpjcCglyp2Cv6coI6aqTT5CZVqG2WqUpq_.TxDJWBDlHhcOwaMfK_mnzifBaKF2eLHvr10UeV6BfxQQHEYBIA; path=/; expires=Tue, 07-May-24 13:20:59 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by