Report - schwab-abcd.top/us/

Report Overview

Visited public
2025-06-17 15:21:53
Tags
Submit Tags
URL
schwab-abcd.top/us/
Finishing URL
schwab-abcd.top/us/
IP / ASN
23.94.207.213
#36352 AS-COLOCROSSING
Title
Quality Women's Leather Shoes and Accessories | Maguire Shoes

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
schwab-abcd.top	unknown	unknown	No data	No data	14 kB	1.4 MB	23.94.207.213

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed
2025-06-17	medium	schwab-abcd.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	schwab-abcd.top/us/	ScriptElement	292 B	2025-05-31	2025-06-17
Pretty URL schwab-abcd.top/us/ IP 23.94.207.213 ASN #36352 AS-COLOCROSSING Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-31 12:28 Last Seen2025-06-17 15:21 Times Seen100 Hash 23b70cf5a38cc46941b5dd934f690cb5 ca06daf4141efb210c1a1136751a3304b2953cde 97e3a168ccbf1a0ee0f3f7c626c8c8cc71b7a5eb0025a9ac713dd468dd44123d Loading...

HTTP Transactions (31)

URL IP Response Size

GET schwab-abcd.top/static/css/style_1739780746812_1s8x5g.css

23.94.207.213

200 OK

3.7 kB

URL GET
schwab-abcd.top/static/css/style_1739780746812_1s8x5g.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (3707), with no line terminators
Size
3.7 kB (3707 bytes)
Hash
201d028a99d7485461f51dd16de8d57b
4fb0cb5f2ecc2be56bf639bb0be451e7d3407f09
7775670eb6690da94732c36eaf2bfb0ccdc55234b55c1d2c97707465336686ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746812_1s8x5g.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f2-e7b"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/us/static/picture/be6fd4240a7840bab1a65a75a0aa70bb.gif

23.94.207.213

200 OK

178 kB

URL GET
schwab-abcd.top/us/static/picture/be6fd4240a7840bab1a65a75a0aa70bb.gif
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
178 kB (178285 bytes)
Hash
e97275dd054e4cbc2820f895ba33f554
8b5a305e9959f962445c4370c179db7835a34bda
ed46e93efed40678cc3a6f3395143c6bc58338603bf836d690f74a8b6fcd85b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/static/picture/be6fd4240a7840bab1a65a75a0aa70bb.gif HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6833bc18-2b86d"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_75wiz6.css

23.94.207.213

200 OK

1.1 kB

URL GET
schwab-abcd.top/static/css/style_1739780746813_75wiz6.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (1112), with no line terminators
Size
1.1 kB (1112 bytes)
Hash
04135f5cb94c58fa7a8dd10d88e634c7
b2680dd10a0bf419239005f2a49d8ea1e62df48e
d05aee55fbed8b9a9dde7f9e617d754bfd9a86863fbdbe76451b7d50fd51aae7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_75wiz6.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f4-458"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746821_4sjabq.png

23.94.207.213

200 OK

3.2 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746821_4sjabq.png
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
PNG image data, 73 x 71, 8-bit colormap, non-interlaced
Size
3.2 kB (3241 bytes)
Hash
053907586f92bc524fae59aee809ea7f
1e3e5d1bb4cd4bc9db3fa4b81731fd9956406584
c0900fb073504122a088dee7f835abcb4136a9c51fc7906acb0e3dab99fcf888

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746821_4sjabq.png HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/png
content-length: 3241
etag: "682f71fa-ca9"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746816_304vu5.webp

23.94.207.213

200 OK

86 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746816_304vu5.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
86 kB (85966 bytes)
Hash
4004d630c1c80f057814ded7def174df
d7503a28616443fb2a47b9eb5c2c5918376c7475
51a775ffbd76928cb2fb443d3e77a82f509b01f522c8e3c3d4fdb5b6cfc4dd9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746816_304vu5.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 85966
etag: "682f71fc-14fce"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/us/

23.94.207.213

200 OK

178 kB

URL User Request GET
schwab-abcd.top/us/
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
178 kB (178285 bytes)
Hash
e97275dd054e4cbc2820f895ba33f554
8b5a305e9959f962445c4370c179db7835a34bda
ed46e93efed40678cc3a6f3395143c6bc58338603bf836d690f74a8b6fcd85b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/ HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:21 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6833bc18-2b86d"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_ajqlay.css

23.94.207.213

200 OK

682 B

URL GET
schwab-abcd.top/static/css/style_1739780746813_ajqlay.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (682), with no line terminators
Size
682 B (682 bytes)
Hash
5619547b3f6ea8511177ad397ee243e2
427862ad2f9511435b4cf5eb59c2faa82ab34c44
8eeadc22074ffc83ed08cc24384fe50df60755781040606272b6f065beb54ac4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_ajqlay.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
content-length: 682
etag: "682f71f4-2aa"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/fonts/font_1739780746811_qs43ig.woff2

23.94.207.213

200 OK

43 kB

URL GET
schwab-abcd.top/static/fonts/font_1739780746811_qs43ig.woff2
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
Web Open Font Format (Version 2), CFF, length 43052, version 0.0
Size
43 kB (43052 bytes)
Hash
9963f195ee54565d001eff1612a71913
b671c5532f6aca8a5c4c7ba7634b0c384b885766
0bff2d7a2d881fbb3f8fe38c29dca33cbbe9019bb8e5193c6d417a621edc422e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/font_1739780746811_qs43ig.woff2 HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/static/css/style_1739780746813_kcaldv.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: font/woff2
content-length: 43052
vary: Accept-Encoding
etag: "682f71f8-a82c"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746819_e1k1it.webp

23.94.207.213

200 OK

192 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746819_e1k1it.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
192 kB (192056 bytes)
Hash
8ae870ea1db3020187ffef4171b53b8f
4b3d227d519088a431ed63e025d469ea38f5e57d
750a01176f7000d26da9362289a1a625a2164b8e8b995b85a33b287a0717a2e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746819_e1k1it.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 192056
etag: "682f71fe-2ee38"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/us/static/picture/ed9ca0060b6542eb94e6716b08be44bd.gif

23.94.207.213

200 OK

178 kB

URL GET
schwab-abcd.top/us/static/picture/ed9ca0060b6542eb94e6716b08be44bd.gif
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
178 kB (178285 bytes)
Hash
e97275dd054e4cbc2820f895ba33f554
8b5a305e9959f962445c4370c179db7835a34bda
ed46e93efed40678cc3a6f3395143c6bc58338603bf836d690f74a8b6fcd85b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/static/picture/ed9ca0060b6542eb94e6716b08be44bd.gif HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6833bc18-2b86d"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/us/static/picture/[[featured_image.url]]

23.94.207.213

200 OK

178 kB

URL GET
schwab-abcd.top/us/static/picture/[[featured_image.url]]
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
178 kB (178285 bytes)
Hash
e97275dd054e4cbc2820f895ba33f554
8b5a305e9959f962445c4370c179db7835a34bda
ed46e93efed40678cc3a6f3395143c6bc58338603bf836d690f74a8b6fcd85b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /us/static/picture/[[featured_image.url]] HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"6833bc18-2b86d"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746817_efooco.webp

23.94.207.213

200 OK

118 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746817_efooco.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
118 kB (117718 bytes)
Hash
f66c65e68c95bafba3670671b80c818d
b509f4bf85145f10f8beca317e6ba81fcb8aa5c9
00a26384291667aebea511647d634e16e40c670ec82d6123b7f44b473fbb3f75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746817_efooco.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 117718
etag: "682f71fe-1cbd6"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746812_hp3gsy.css

23.94.207.213

200 OK

6.0 kB

URL GET
schwab-abcd.top/static/css/style_1739780746812_hp3gsy.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (5957), with no line terminators
Size
6.0 kB (5957 bytes)
Hash
6899687122cd77c0cd022db626cd34d9
668593b15df094bc19491cd996033f1fe2f54510
a0e9d3accdc0353e3e670fdab72a577f4424ed17bde52bd00dc584a8962e0a15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746812_hp3gsy.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f4-1745"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/4407623872f9430bb4c0866b6ca77434.gif%22http://www.w3.org/2000/svg%22%20width=%2296%22%20height=%2272%22%3E%3Crect%20fill-opacity=%220%22/%3E%3C/svg%3E

23.94.207.213

404 Not Found

74 B

URL GET
schwab-abcd.top/static/picture/4407623872f9430bb4c0866b6ca77434.gif%22http://www.w3.org/2000/svg%22%20width=%2296%22%20height=%2272%22%3E%3Crect%20fill-opacity=%220%22/%3E%3C/svg%3E
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
49b6a4d9fbfdd7f28d6aab0ca47d4f3c
ba7776bd78ba330bf7f9282e7ba9f66eecab4f6e
f72742bd9209fab9279417668bc31ca875c31e0fd2706264f11b7caeae7737ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/4407623872f9430bb4c0866b6ca77434.gif%22http://www.w3.org/2000/svg%22%20width=%2296%22%20height=%2272%22%3E%3Crect%20fill-opacity=%220%22/%3E%3C/svg%3E HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/html
content-length: 74
etag: "6836fc70-4a"
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_do5bks.css

23.94.207.213

200 OK

62 B

URL GET
schwab-abcd.top/static/css/style_1739780746813_do5bks.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
ca6edaa5d74d53c1c6fa648f3401a766
58c9323b2168108dab3f614872805e6063839a92
1956fe458b4c27c7d2367b05a6c0a35a612e4f7db3b22b24d9da811646c4005d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_do5bks.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
content-length: 62
etag: "682f71f6-3e"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/fonts/font_1739780746811_pgqgp0.woff2

23.94.207.213

200 OK

22 kB

URL GET
schwab-abcd.top/static/fonts/font_1739780746811_pgqgp0.woff2
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22220, version 1.0
Size
22 kB (22220 bytes)
Hash
702435c79c00db65c3aae9391c1b73c3
5cee60ee35101a3381b4b3f1e78f47265447599e
c4adda18cc1ef3cfc1aee2663268e19105739df48a326a12014a623db351bddb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/font_1739780746811_pgqgp0.woff2 HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/static/css/style_1739780746813_2cn3l0.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: font/woff2
content-length: 22220
vary: Accept-Encoding
etag: "682f71fa-56cc"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/fonts/font_1739780746811_93ag48.woff2

23.94.207.213

200 OK

22 kB

URL GET
schwab-abcd.top/static/fonts/font_1739780746811_93ag48.woff2
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22280, version 1.0
Size
22 kB (22280 bytes)
Hash
be8b6de64d0dbb7a3a711b8b15194255
ecde762de74b82379ad8dbc07d57c28bed08c003
ed347727225d5e478391195da5f93ca39a91b8911e1d575b5f0a3a0c31484bf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/font_1739780746811_93ag48.woff2 HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/static/css/style_1739780746813_2cn3l0.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: font/woff2
content-length: 22280
vary: Accept-Encoding
etag: "682f71fe-5708"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_2cn3l0.css

23.94.207.213

200 OK

292 B

URL GET
schwab-abcd.top/static/css/style_1739780746813_2cn3l0.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with no line terminators
Size
292 B (292 bytes)
Hash
7b01d041cc9908d5da64542d84e1aa28
fc47a5348e59f917e9444958f501399ae0880dbb
7e7bd30fc45f20c4bc9da743863611f606d5ffd39e1d5b6563ecce8824698ec9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_2cn3l0.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
content-length: 292
etag: "682f71f6-124"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_a1wagk.css

23.94.207.213

200 OK

34 B

URL GET
schwab-abcd.top/static/css/style_1739780746813_a1wagk.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
c3d22070feda68fa1b2636c8b097f571
69b8d06b61e33ce4d67f4617106061a018fb7e9f
3171eaee8401ae6d7c5e766b1c0ab49239d04390598251dba6dbfe48f3812e88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_a1wagk.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
content-length: 34
etag: "682f71f6-22"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746821_1ssnyl.png

23.94.207.213

200 OK

2.9 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746821_1ssnyl.png
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
PNG image data, 72 x 67, 8-bit colormap, non-interlaced
Size
2.9 kB (2897 bytes)
Hash
0687297920f8ec49be3e7ef9c48c9c04
6c9617874b73026c9fe97a6a2e8a8ba2f613aaba
eef4ebf69d7805cda5887cbf20a7c7423934238cbb73790caa3bf6e6416a00f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746821_1ssnyl.png HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/png
content-length: 2897
etag: "682f71fa-b51"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746812_dacon8.css

23.94.207.213

200 OK

3.0 kB

URL GET
schwab-abcd.top/static/css/style_1739780746812_dacon8.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (2993), with no line terminators
Size
3.0 kB (2993 bytes)
Hash
8dcec503e003d1033d189c0696b843de
e421fe490ca1789531f8342a2486c7fd1ff85e9b
e7fad16a80db5a07cc1641073377460fb71fb8c627d6b4508ce46058a31a9a48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746812_dacon8.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f4-bb1"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746813_kcaldv.css

23.94.207.213

200 OK

29 kB

URL GET
schwab-abcd.top/static/css/style_1739780746813_kcaldv.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (28474)
Size
29 kB (28649 bytes)
Hash
c16c222f7f42955f13b8ae0d794e4f35
81067a32a21719bb04919189f92b522def97814d
85e14ea5dda26eaa78cda475ebad5c85c9ab3e6fddc3561f4327bece48c1c0fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746813_kcaldv.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f4-6fe9"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746815_r4who0.css

23.94.207.213

200 OK

725 B

URL GET
schwab-abcd.top/static/css/style_1739780746815_r4who0.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (725), with no line terminators
Size
725 B (725 bytes)
Hash
a11bebf3bf867c2fe13aeeb96a012d92
3cdab084165a2ede87779f76a4fe6abc7d267d57
329328d79d18dcef1f906a1b95776aef9fdd10875d750b4785e86c868a1f1bf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746815_r4who0.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
content-length: 725
etag: "682f71f8-2d5"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/fonts/font_1739780746809_h5gezo.woff2

23.94.207.213

200 OK

22 kB

URL GET
schwab-abcd.top/static/fonts/font_1739780746809_h5gezo.woff2
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22220, version 1.0
Size
22 kB (22220 bytes)
Hash
702435c79c00db65c3aae9391c1b73c3
5cee60ee35101a3381b4b3f1e78f47265447599e
c4adda18cc1ef3cfc1aee2663268e19105739df48a326a12014a623db351bddb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/fonts/font_1739780746809_h5gezo.woff2 HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://schwab-abcd.top/static/css/style_1739780746813_kcaldv.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: font/woff2
content-length: 22220
vary: Accept-Encoding
etag: "682f71fa-56cc"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746817_mqiyz8.webp

23.94.207.213

200 OK

22 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746817_mqiyz8.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
22 kB (21808 bytes)
Hash
b99c9e729a05f8e3a589c547b5b900a9
2541100f6e9719a9f47e80def37a93e14477bcfa
43f959b7973513907fde357e0d423629f445ccfb63458ae84c5ef02111b7230b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746817_mqiyz8.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 21808
etag: "682f71f8-5530"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746819_exb5g9.webp

23.94.207.213

200 OK

39 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746819_exb5g9.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
39 kB (38578 bytes)
Hash
0c985070e6f1b59353d52611f0450953
23cfea4924cfe75857cc8797d92f0ddc0f72fa2f
e60b79ba823402b8a57e60d525cbc4da30c516fec317a6bd20e03fb445d9c4c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746819_exb5g9.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 38578
etag: "682f71f8-96b2"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746818_gxt6um.webp

23.94.207.213

200 OK

40 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746818_gxt6um.webp
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
40 kB (40286 bytes)
Hash
a4a3820af75b79642ee3a8a38bafc993
e589f625fc9338fa80b233079ffa6618fb80b02f
dce0daadbf650365c65754d6324147efe3c8143eca09f469d212dc957b52dd72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746818_gxt6um.webp HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/webp
content-length: 40286
etag: "682f71fc-9d5e"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/index/theme1/image_1739780746815_osw157.avif

23.94.207.213

404 Not Found

74 B

URL GET
schwab-abcd.top/static/index/theme1/image_1739780746815_osw157.avif
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with no line terminators
Size
74 B (74 bytes)
Hash
49b6a4d9fbfdd7f28d6aab0ca47d4f3c
ba7776bd78ba330bf7f9282e7ba9f66eecab4f6e
f72742bd9209fab9279417668bc31ca875c31e0fd2706264f11b7caeae7737ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/index/theme1/image_1739780746815_osw157.avif HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/html
content-length: 74
etag: "6836fc70-4a"
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/picture/image_1739780746822_bz7efz.png

23.94.207.213

200 OK

2.2 kB

URL GET
schwab-abcd.top/static/picture/image_1739780746822_bz7efz.png
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
PNG image data, 55 x 75, 8-bit colormap, non-interlaced
Size
2.2 kB (2162 bytes)
Hash
fb404a70898a8dff1a59a940dd585755
4387d487c575cbb497f31173effcb3d9facf0bcd
4830da4663df1df4622da827ffd31cb52325c3e572dcc1a64151862df4401405

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/picture/image_1739780746822_bz7efz.png HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: image/png
content-length: 2162
etag: "682f71fc-872"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746814_wuur8v.css

23.94.207.213

200 OK

4.4 kB

URL GET
schwab-abcd.top/static/css/style_1739780746814_wuur8v.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (4370), with no line terminators
Size
4.4 kB (4370 bytes)
Hash
ca631242f7f6eba202099defeb185428
a3efa0638387539c50f3d3af29a8a3366d6fcde0
298e25889afa687fe9812d2e6839018c9b9f3d7187fc8be11ceb66ad60d79569

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746814_wuur8v.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f6-1112"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

GET schwab-abcd.top/static/css/style_1739780746815_py8mea.css

23.94.207.213

200 OK

1.6 kB

URL GET
schwab-abcd.top/static/css/style_1739780746815_py8mea.css
IP
23.94.207.213:443
ASN
#36352 AS-COLOCROSSING

Requested by
https://schwab-abcd.top/us/
Certificate
IssuerLet's Encrypt
Subjectschwab-abcd.top
Fingerprint42:DA:03:DD:37:1D:4D:BB:23:C2:CB:BD:B9:BC:4A:27:88:5A:F2:40
ValidityTue, 17 Jun 2025 10:48:49 GMT - Mon, 15 Sep 2025 10:48:48 GMT

File type
ASCII text, with very long lines (1619), with no line terminators
Size
1.6 kB (1619 bytes)
Hash
643f75c3c7aed871a5bc42b1df005fb3
8c3738eb7d0f5c8365a2b1c3b31c462430bd34d6
d1816fde061564835e17cafddb5f624ebd5ad78a4fa5bdd047a4750f6df6996d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/style_1739780746815_py8mea.css HTTP/1.1
Host: schwab-abcd.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.26.3
date: Tue, 17 Jun 2025 15:21:22 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"682f71f6-653"
strict-transport-security: max-age=31536000
last-modified: Wed, 21 Oct 2020 07:28:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (31)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET