Report - uslogii-upheld.github.io/

Report Overview

Submitted URL
uslogii-upheld.github.io/
IP
185.199.109.153
ASN
#54113 FASTLY
Submitted
2023-06-01 22:54:42
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
res.cloudinary.com	2520	2011-05-24	2012-10-03	2023-05-31	511 B	28 kB	104.19.167.65
uslogii-upheld.github.io	unknown	unknown	2023-01-19	2023-04-16	481 B	2.7 kB	185.199.111.153
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-31	340 B	942 B	54.230.80.227
cdn.imweb.me	385672	2016-05-12	2017-09-27	2023-05-31	455 B	1.2 MB	54.230.111.119

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-06-01	medium	uslogii-upheld.github.io/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

uslogii-upheld.github.io/

185.199.111.153

200 OK

1.9 kB

URL User Request GET HTTP/2
uslogii-upheld.github.io/
IP
185.199.111.153:443
ASN
#54113 FASTLY

Certificate
IssuerDigiCert Inc
Subject*.github.io
FingerprintA1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (530)
Size
1.9 kB (1924 bytes)
Hash
b9cd8dcff86da413dbe0b424be019709
bf1cfacdf2ddaad52d34a92300bbff3c0f11ad2c
c9d6e59515370d121a7277af47a400773b53d18321e5a91b49da7d2040f91a90

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET / HTTP/1.1
Host: uslogii-upheld.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Thu, 19 Jan 2023 12:01:30 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"63c9311a-1362"
expires: Thu, 01 Jun 2023 23:04:24 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B2C0:4F2A:2A84718:2BD86EB:6479219F
accept-ranges: bytes
date: Thu, 01 Jun 2023 22:54:24 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685660065.859537,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: c0af251c601716c2414b4039034116c3fe634dce
content-length: 1924
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
596813151a01736a28a3a1188fdd7a52
5424c3821a1ce47a7fd31e26ca184ab6c04a334c
0434a4c5ebc1e110e9e16d152512f6581c37488e030653fcb3995dd099163ee5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 01 Jun 2023 22:54:25 GMT
Last-Modified: Thu, 01 Jun 2023 21:50:42 GMT
Server: ECAcc (dcb/7339)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JDGiJHgjbK3QscjdDORhKQwCDlcwqfDkHAPHaRSrHFw5HSL0dN0VGA==
Age: 3823

cdn.imweb.me/thumbnail/20221210/fcb879c800143.png

54.230.111.119

200 OK

1.2 MB

URL GET HTTP/2
cdn.imweb.me/thumbnail/20221210/fcb879c800143.png
IP
54.230.111.119:443
ASN
#16509 AMAZON-02

Requested by
https://uslogii-upheld.github.io/
Certificate
IssuerAmazon
Subject*.imweb.me
FingerprintA7:64:61:AC:52:1B:BA:63:EB:74:EA:88:D3:BE:47:98:F3:28:70:8F
ValidityMon, 27 Feb 2023 00:00:00 GMT - Fri, 15 Dec 2023 23:59:59 GMT

File type
PNG image data, 1440 x 907, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 MB (1242224 bytes)
Hash
5051d86dc134944a7869fad6e76c9133
1ff35c38a5a39631b3b6349bce531a6f547f534b
fa57269778ece988e12d4a331acce85ba077e6b72306ca73534e8aeea1ade781

HTTP Headers

GET /thumbnail/20221210/fcb879c800143.png HTTP/1.1
Host: cdn.imweb.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uslogii-upheld.github.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png; charset=utf-8
content-length: 1242224
date: Thu, 01 Jun 2023 11:39:07 GMT
last-modified: Fri, 09 Dec 2022 18:11:13 GMT
etag: "5051d86dc134944a7869fad6e76c9133"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5k9Vjo7kknZir6zeZTibQ9kasp2B6ixIJvTKyb6jmsrcStyWaQ6Ejg==
age: 40518
X-Firefox-Spdy: h2

res.cloudinary.com/crunchbase-production/image/upload/c_lpad,f_auto,q_auto:eco,dpr_1/ccd09ta6znybbrtzygvh

104.19.167.65

200 OK

28 kB

URL GET HTTP/2
res.cloudinary.com/crunchbase-production/image/upload/c_lpad,f_auto,q_auto:eco,dpr_1/ccd09ta6znybbrtzygvh
IP
104.19.167.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uslogii-upheld.github.io/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.cloudinary.com
FingerprintF5:B1:15:1F:A9:D1:5B:24:6C:83:24:66:0B:8D:FE:78:DE:96:D7:2B
ValidityMon, 30 May 2022 06:40:39 GMT - Sat, 01 Jul 2023 06:40:39 GMT

File type
ISO Media, AVIF Image\012- data
Size
28 kB (27663 bytes)
Hash
78cc8413037835dc163e2d9f7b7e1c2b
ea859935b2e477c6d851bc6f760fa45844478d77
5f551e2d3a9092463d99a728e7392680081f1f9a81341f3ddcf106ca7b74412f

HTTP Headers

GET /crunchbase-production/image/upload/c_lpad,f_auto,q_auto:eco,dpr_1/ccd09ta6znybbrtzygvh HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uslogii-upheld.github.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 22:54:25 GMT
content-type: image/avif
content-length: 27663
cf-ray: 7d0b09d28995b503-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: private, no-transform, immutable, max-age=31536000
etag: "78cc8413037835dc163e2d9f7b7e1c2b"
last-modified: Thu, 01 Dec 2022 21:02:30 GMT
strict-transport-security: max-age=604800
vary: Accept,User-Agent, Accept-Encoding
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
server-timing: cld-cloudflare;dur=276;start=2023-06-01T22:54:25.691Z;desc=miss,rtt;dur=1;cloudinary;dur=54;start=2023-06-01T22:54:25.761Z
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers