Report - www.eastbaytimes.com/2023/05/24/ghost-ship-artist-warehouse-where-dozens-died-in-fire-razed-what-will-happen-to-the-site/

Report Overview

URL

www.eastbaytimes.com/2023/05/24/ghost-ship-artist-warehouse-where-dozens-died-in-fire-razed-what-will-happen-to-the-site/
IP

192.0.66.2

ASN

#2635 AUTOMATTIC
Submitted

2023-06-06T05:27:24Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

2
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
stats.wp.com (1)	2711	2017-01-30 06:06:59	2023-06-06 05:11:12	405	15442	192.0.76.3
cdn.confiant-integrations.net (2)	unknown	2022-09-15 11:38:48	2023-06-05 09:50:04	924	116185	104.18.34.10
loader-cdn.azureedge.net (1)	26462	2018-09-17 08:53:08	2023-06-02 21:34:04	483	1067	152.199.21.175
play.google.com (2)	34	2013-05-31 01:24:35	2023-06-06 06:24:40	1065	1599	142.250.74.14
ocsp.pki.goog (12)	175	2018-07-01 08:43:07	2023-06-06 05:09:25	3996	8388	142.250.74.3
ocsp.r2m01.amazontrust.com (3)	unknown	2022-10-12 22:43:53	2023-06-06 05:11:06	1020	2825	54.230.80.227
assets.bloom.li (1)	639360	2016-08-16 11:55:49	2023-01-11 06:38:17	440	6450	68.183.140.118
prod-dfm-proxy-connext.azurewebsites.net (4)	62823	2020-07-30 17:17:58	2023-05-30 06:01:37	3539	340111	13.85.16.224
htlbid.com (2)	19338	2018-09-20 10:39:57	2023-06-05 15:26:43	879	415271	54.230.111.129
pixel.wp.com (1)	2545	2017-01-30 06:31:40	2023-06-06 05:11:14	583	239	192.0.76.3
fonts.gstatic.com (8)	unknown	2014-09-09 02:40:21	2023-06-06 05:16:53	4328	274721	216.58.207.227
ib.adnxs.com (1)	241	2012-05-20 21:01:49	2023-06-06 05:11:27	489	1171	185.89.210.90
www.googletagmanager.com (4)	75	2013-05-22 04:07:37	2023-06-06 05:15:50	1760	529843	142.250.74.168
geo.privacymanager.io (2)	1624	2020-06-25 10:24:46	2023-06-05 10:24:48	1019	1506	54.230.111.114
ams-pageview-public.s3.amazonaws.com (1)	21680	2020-11-02 08:47:46	2023-06-05 14:23:15	468	446	52.216.110.243
launchpad.privacymanager.io (1)	162877	2021-04-06 15:23:01	2023-06-05 10:24:48	432	26796	54.230.111.100
www.eastbaytimes.com (30)	161369	2016-04-05 19:50:53	2023-03-24 08:04:12	18735	1644192	192.0.66.2
polyfill.io (1)	102644	2016-02-12 01:04:58	2023-06-06 05:31:35	2255	1035	151.101.129.26
cdn.viafoura.net (1)	11183	2017-02-06 17:50:47	2023-06-05 11:41:39	422	35620	54.230.111.80
session.eastbaytimes.com (2)	737841	2022-08-29 00:20:43	2023-03-12 22:01:43	1138	634	35.82.188.68
cdn.czx5eyk0exbhwp43ya.biz (10)	71522	2018-10-01 23:36:32	2023-06-02 21:34:05	4524	215036	152.199.21.175
s3.amazonaws.com (1)	unknown	2020-05-13 22:53:44	2023-06-02 01:23:27	454	3303	52.217.1.158
ams-depr-public.s3.amazonaws.com (1)	85093	2020-10-29 14:49:32	2023-05-23 03:44:07	477	421	54.231.201.97
ciscobinary.openh264.org (1)	40822	2014-10-07 07:43:56	2023-06-06 05:11:28	295	512299	62.115.252.113
cmp.osano.com (2)	8763	2019-10-16 16:51:22	2023-06-05 08:54:24	968	85972	54.230.111.79
p192.eastbaytimes.com (20)	485348	2021-06-04 14:58:04	2023-03-12 22:01:43	21194	375904	54.230.111.41
api.viafoura.co (1)	11516	2016-08-30 16:32:43	2023-06-05 13:37:33	530	7732	54.196.113.191
extras.bayareanewsgroup.com (1)	829184	2017-02-21 17:40:05	2023-01-06 08:20:54	533	0	0.0.0.0
ocsp.globalsign.com (2)	2075	2012-07-20 19:46:16	2023-06-06 05:09:12	716	3839	104.18.21.226
prodmg2.blob.core.windows.net (1)	54910	2017-06-26 22:13:16	2023-05-17 03:46:25	447	147034	20.60.62.4
cdn.p-n.io (1)	4482	2018-07-31 19:39:34	2023-06-05 11:30:30	469	307743	54.230.111.6
ocsp.r2m02.amazontrust.com (2)	unknown	2022-10-12 16:01:39	2023-06-06 05:10:15	680	1884	54.230.80.227
uploads.bloom.li (1)	634587	2016-09-30 22:19:06	2023-01-11 06:38:17	465	167307	68.183.140.118
cdn.auth0.com (1)	9952	2017-04-20 21:55:03	2023-06-05 13:54:25	454	108406	54.230.82.48
accounts.google.com (4)	81	2016-03-20 13:44:49	2023-06-06 06:55:20	2232	321850	142.250.74.45
fonts.googleapis.com (3)	8877	2013-06-10 22:14:26	2023-06-06 05:50:59	1649	22324	142.250.74.106
az416426.vo.msecnd.net (2)	1935	2014-02-09 16:03:31	2023-06-05 10:11:43	856	46466	152.199.19.161
embed.bloom.li (1)	560565	2019-08-19 22:49:12	2023-01-11 06:38:16	559	2712	68.183.140.118
launchpad-wrapper.privacymanager.io (1)	182103	2021-04-06 15:23:00	2023-06-05 10:24:48	475	3075	54.230.111.68
g2insights-cdn.azureedge.net (1)	31852	2018-09-06 20:59:12	2023-06-02 08:41:38	430	222551	152.199.21.175
fp-cdn.azureedge.net (1)	31202	2018-09-17 08:53:16	2023-06-02 08:41:38	421	20391	152.199.21.175
cdn.pranmcpkx.com (2)	unknown	2022-10-31 06:45:01	2023-06-02 21:34:06	828	5984	152.199.21.175
cdn.jsdelivr.net (2)	439	2012-09-30 02:15:09	2023-06-06 06:20:20	1050	100838	151.101.193.229
ajax.googleapis.com (1)	12905	2013-08-16 11:51:31	2023-06-06 06:53:08	447	32005	142.250.74.42
api-mg2.db-ip.com (1)	26346	2018-06-23 12:10:10	2023-06-02 21:34:09	499	1300	104.26.4.15
paywall-ad-bucket.s3.amazonaws.com (1)	43255	2019-10-17 17:07:35	2023-06-02 21:34:06	451	1034	52.217.199.153
aus5.mozilla.org (1)	2548	2015-10-27 08:06:24	2023-06-06 05:11:28	513	1205	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-06T05:27:02Z	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-06-06T05:27:02Z	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP

62.115.252.113
ASN

#1299 Telia Company AB

File type

Zip archive data, at least v2.0 to extract, compression method=deflate\012- data

Size

511815
Hash

152eda253e242e18443ef3282495bc7c

ff0fa85565f21ec4931baad4573b4c0bd08c4019

8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

Detections

Analyzer	Verdict	Alert
VirusTotal	0/60	VirusTotal -

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (271)

#1 JS:Script (size: 15946)

#2 JS:Script (size: 1585)

#3 JS:Script (size: 60264)

#4 JS:Script (size: 10)

#5 JS:Script (size: 134)

#6 JS:Script (size: 652)

#7 JS:Script (size: 490141)

#8 JS:Script (size: 2169)

#9 JS:Script (size: 24636)

#10 JS:Script (size: 448398)

#11 JS:Script (size: 564)

#12 JS:Script (size: 14)

#13 JS:Script (size: 603)

#14 JS:Script (size: 14725)

#15 JS:Script (size: 4691)

#16 JS:Script (size: 7496)

#17 JS:Script (size: 871)

#18 JS:Script (size: 101)

#19 JS:Script (size: 230796)

#20 JS:Script (size: 307204)

#21 JS:Script (size: 162)

#22 JS:Script (size: 794)

#23 JS:Script (size: 37)

#24 JS:Script (size: 3189)

#25 JS:Script (size: 229303)

#26 JS:Script (size: 184)

#27 JS:Script (size: 81)

#28 JS:Script (size: 146402)

#29 JS:Script (size: 253028)

#30 JS:Script (size: 195151)

#31 JS:Script (size: 8793)

#32 JS:Script (size: 42521)

#33 JS:Script (size: 33)

#34 JS:Script (size: 50)

#35 JS:Script (size: 147)

#36 JS:Script (size: 34944)

#37 JS:Script (size: 553)

#38 JS:Script (size: 524048)

#39 JS:Script (size: 136)

#40 JS:Script (size: 2309)

#41 JS:Script (size: 0)

#42 JS:Script (size: 79)

#43 JS:Script (size: 148)

#44 JS:Script (size: 65577)

#45 JS:Script (size: 573049)

#46 JS:Script (size: 154901)

#47 JS:Script (size: 361)

#48 JS:Script (size: 3583)