Report - ref.az/2otz82e

Report Overview

Submitted URL
ref.az/2otz82e
IP
31.171.73.157
ASN
#200446 SELNET LLC
Submitted
2024-04-17 06:21:13
Access
public
Website Title
account-v.ubpages.com/login-hr-supports/
Final URL
account-v.ubpages.com/login-hr-supports/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ref.az	unknown	unknown	2015-05-13	2024-04-11	468 B	434 B	31.171.73.157
account-v.ubpages.com	unknown	2015-12-14	2024-04-16	2024-04-17	1.3 kB	1.6 kB	104.18.41.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	ref.az/2otz82e	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

ref.az/2otz82e

31.171.73.157

301 Moved Permanently

152 B

URL User Request GET HTTP/1.1
ref.az/2otz82e
IP
31.171.73.157:443
ASN
#200446 SELNET LLC

Certificate
IssuerLet's Encrypt
Subjectref.az
Fingerprint16:32:62:7B:DA:7F:28:FD:ED:1A:AF:E6:E6:80:08:80:C3:FE:24:27
ValiditySat, 13 Apr 2024 23:07:04 GMT - Fri, 12 Jul 2024 23:07:03 GMT

File type
HTML document, ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
520fe7d3c77ec12e8aeec7548a91d60d
6de802e59f9c2579e7d69edc7b96386358776dcd
cf80750246e751699b746a9df15c60f57acae75777cb4bb666ca7bd2e775ff2c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /2otz82e HTTP/1.1
Host: ref.az
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.14.2
Date: Wed, 17 Apr 2024 06:20:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 152
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: https://account-v.ubpages.com/login-hr-supports/
Vary: Accept

account-v.ubpages.com/login-hr-supports/

104.18.41.137

404 Not Found

47 B

URL User Request GET HTTP/1.1
account-v.ubpages.com/login-hr-supports/
IP
104.18.41.137:80
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
f9ae9006943e3a67b95ca4c6c733b6d4
9f9e7a7e2602d29e4df8c38df6277ab37fb1b079
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

HTTP Headers

GET /login-hr-supports/ HTTP/1.1
Host: account-v.ubpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 06:20:49 GMT
content-type: text/plain; charset=utf-8
content-length: 47
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=qNdhVKi9iE2WCQ5_b_ya02smX1p9SYneUCXTZGPyDTE-1713334849-1.0.1.1-UvClLw8nW0CjlpjZJOEa2tb_.HXoo7rEFQc2Lj7fjmBcdgHaw2.2a1j5pJJzIviFYYB4S7ndt03XI6ELHm7xtA; path=/; expires=Wed, 17-Apr-24 06:50:49 GMT; domain=.ubpages.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 875a4fb7bb798f60-CPH
X-Firefox-Spdy: h2

account-v.ubpages.com/login-hr-supports/

172.64.146.119

404 Not Found

47 B

URL User Request GET HTTP/1.1
account-v.ubpages.com/login-hr-supports/
IP
172.64.146.119:80
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
f9ae9006943e3a67b95ca4c6c733b6d4
9f9e7a7e2602d29e4df8c38df6277ab37fb1b079
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

HTTP Headers

GET /login-hr-supports/ HTTP/1.1
Host: account-v.ubpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 17 Apr 2024 06:20:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 47
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=glUm.88YlMBXtKUk2.YtR_1q4RVSASDVVGvnZDWLyWQ-1713334849-1.0.1.1-hVER5Z9rpo1i9Lz211vcLGADAvXoP9FP7ipXmUelIMDGkjGD8Us3BaXeNZx.bU6NW3ZwkYuGI91.GhwM4OO9Eg; path=/; expires=Wed, 17-Apr-24 06:50:49 GMT; domain=.ubpages.com; HttpOnly; SameSite=None
Server: cloudflare
CF-RAY: 875a4fb92d488f64-CPH

account-v.ubpages.com/favicon.ico

172.64.146.119

404 Not Found

47 B

URL GET HTTP/1.1
account-v.ubpages.com/favicon.ico
IP
172.64.146.119:80
ASN
#13335 CLOUDFLARENET

Requested by
http://account-v.ubpages.com/login-hr-supports/

File type
ASCII text, with no line terminators
Size
47 B (47 bytes)
Hash
f9ae9006943e3a67b95ca4c6c733b6d4
9f9e7a7e2602d29e4df8c38df6277ab37fb1b079
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: account-v.ubpages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://account-v.ubpages.com/login-hr-supports/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 17 Apr 2024 06:20:49 GMT
Content-Type: text/html
Content-Length: 47
Connection: keep-alive
Set-Cookie: __cf_bm=P2dgdQLffEKw5gi3M2_w1Tu8C0vYzj50YoJRbluEQOc-1713334849-1.0.1.1-RGN11DWEeC0ojhq9bJAOUyK9SZKZungAVENtVvrkzPgniaIcJOLxaH0hXxHssZEpwSxcA6Bh1jecsg1yGViSFg; path=/; expires=Wed, 17-Apr-24 06:50:49 GMT; domain=.ubpages.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 875a4fba6f778f64-CPH

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers