Report - pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com

Report Overview

Submitted URL
pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com
IP
104.18.2.35
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 05:16:39
Access
public
Website Title
pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com
Final URL
pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
logo.clearbit.com	27344	2003-07-04	2015-06-30	2024-04-14	453 B	6.2 kB	54.230.111.107
pub-994f7c8769694f4087dc469e71a10374.r2.dev	unknown	unknown	No data	No data	1.5 kB	37 kB	104.18.2.35
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-15	459 B	28 kB	104.17.25.14
google.com	1	1997-09-15	2013-10-02	2024-04-15	526 B	1.0 kB	216.58.207.206
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	530 B	7.1 kB	216.58.211.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com	0 B	2023-03-07	2024-04-29
Pretty URL pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-29 19:10:53 Times Seen37186958 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-29
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-29 19:10:47 Times Seen106911 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

HTTP Transactions (7)

	URL	IP	Response	Size
	pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html	104.18.2.35		4.3 kB
URL pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html IP 104.18.2.35:0 ASN #13335 CLOUDFLARENET File type JavaScript source, ASCII text, with CRLF line terminators Size 4.3 kB (4273 bytes) Hash 2a959ae65d903520477414b8f319648b f8cf589f7d575a6003512e973e39358290407d6f f8ecdd2647c57dc8284e97cc29c1107233d8aa41154849c1253d46f229504ac0 HTTP Headers `GET /sa.html HTTP/1.1 Host: pub-994f7c8769694f4087dc469e71a10374.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 16 Apr 2024 05:16:14 GMT Content-Type: text/html Content-Length: 4273 Connection: keep-alive Accept-Ranges: bytes ETag: "2a959ae65d903520477414b8f319648b" Last-Modified: Thu, 11 Apr 2024 17:07:34 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 8751b3bc1f2c56be-OSL`

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	104.17.25.14	200 OK	27 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (65451) Size 27 kB (27433 bytes) Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef HTTP Headers `GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Tue, 16 Apr 2024 05:16:14 GMT content-type: application/javascript; charset=utf-8 content-length: 27433 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03ec4-1538f" last-modified: Mon, 04 May 2020 16:11:48 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 2892129 expires: Sun, 06 Apr 2025 05:16:14 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JW%2FDTSU8M5cAYD3f424u37f%2FZxzAmtnCnqCbwLIGTFbDypPucXhetSj1npwcNm2sRigoTTenkQab3akbLljRii3YVzjV0fapubzgfqr0HKBl4WLOIifjDcPqWj0D%2BKzm%2FQujHQ5v"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 8751b3c0482db51b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	google.com/	216.58.207.206	301 Moved Permanently	220 B
URL GET HTTP/2 google.com/ IP 216.58.207.206:443 ASN #15169 GOOGLE Requested by https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com Certificate IssuerGoogle Trust Services LLC Subject.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT File type HTML document, ASCII text, with CRLF, LF line terminators Size 220 B (220 bytes) Hash 276bbb20c29087e88db63899fd8f9129 b52854d1f79de5ebeebf0160447a09c7a8c2cde4 5b61b0c2032b4aa9519d65cc98c6416c12415e02c7fbbaa1be5121dc75162edb HTTP Headers GET / HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently location: https://www.google.com/ content-type: text/html; charset=UTF-8 content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-wLwvbXehOP-PR1-qIfoSyw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} date: Tue, 16 Apr 2024 05:16:14 GMT expires: Thu, 16 May 2024 05:16:14 GMT cache-control: public, max-age=2592000 server: gws content-length: 220 x-xss-protection: 0 x-frame-options: SAMEORIGIN alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pub-994f7c8769694f4087dc469e71a10374.r2.dev/favicon.ico	104.18.2.35	404 Not Found	27 kB
URL GET HTTP/1.1 pub-994f7c8769694f4087dc469e71a10374.r2.dev/favicon.ico IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Requested by https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type HTML document, ASCII text, with very long lines (611) Size 27 kB (27242 bytes) Hash df3d48946e8d3f5a83608308edbb4b86 47b9c40c97abf2658df96b1c06109324e15e1a00 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: pub-994f7c8769694f4087dc469e71a10374.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Date: Tue, 16 Apr 2024 05:16:15 GMT Content-Type: text/html Content-Length: 27242 Connection: keep-alive Vary: Accept-Encoding Server: cloudflare CF-RAY: 8751b3c17b0d56be-OSL`

	www.google.com/	216.58.211.4	200 OK	5.8 kB
URL GET HTTP/2 www.google.com/ IP 216.58.211.4:443 ASN #15169 GOOGLE Requested by https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com Certificate IssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT File type data Size 5.8 kB (5761 bytes) Hash 98786b92061fb73e90b3e7deb14701a2 e86c22bd8235bccc7f2bb16169654631ca0c9b59 c99550a8423d9ad8e0e6b5f3db0d916751168d4713cee9c1da749d37b0bfd756 HTTP Headers GET / HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Tue, 16 Apr 2024 05:16:15 GMT expires: -1 cache-control: private, max-age=0 content-type: text/html; charset=UTF-8 strict-transport-security: max-age=31536000 content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-p4dmJHUZqN6oSTUKQuIqWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp cross-origin-opener-policy: same-origin-allow-popups; report-to="gws" report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]} p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding: br server: gws content-length: 71699 x-xss-protection: 0 x-frame-options: SAMEORIGIN set-cookie: AEC=AQTF6HwYJQj210Ks5OKZm_UtT-KPu46zBd3EE7_trWT5vHYl-yyF46rDTyU; expires=Sun, 13-Oct-2024 05:16:15 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax __Secure-ENID=18.SE=OVN7wOyM3Q8uv-GYlFQhwanImDFIqBnrtywapeUol3bg3U3zaaOtgUpYnYnqf_T9I2i4KHXI7iBqoliWp9SpWEqAfTYnQ2kT1K5Eh20ihjdm_5qX7G3rEgr_9n6VeR_WlI1wXMqnpAhHi-Vcq_Y8NOwl2ZkIzG9eYn4hx5z0RsPD7Pr9PyXt2LkF8w; expires=Fri, 16-May-2025 21:34:33 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	logo.clearbit.com/google.com	54.230.111.107	200 OK	5.6 kB
URL GET HTTP/2 logo.clearbit.com/google.com IP 54.230.111.107:443 ASN #16509 AMAZON-02 Requested by https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html#microsoft@google.com Certificate IssuerAmazon Subjectclearbit.com FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72 ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT File type PNG image data, 125 x 128, 8-bit/color RGBA, non-interlaced Size 5.6 kB (5633 bytes) Hash db758b257c360266b742d0a8f09ffba4 b224cd1758e1339781188997c858df755caf47c7 e517b004537e2485bcd2dffac8846db446ace766224d7cecec24602437a8950a HTTP Headers `GET /google.com HTTP/1.1 Host: logo.clearbit.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://pub-994f7c8769694f4087dc469e71a10374.r2.dev/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png access-control-allow-origin: * cache-control: public, max-age=2592000 date: Mon, 08 Apr 2024 06:03:12 GMT x-envoy-response-flags: - server: Clearbit strict-transport-security: max-age=63072000; includeSubDomains; preload x-content-type-options: nosniff x-cache: Hit from cloudfront via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: fBgvokQH5PMLxcsyZp0qLIbzpAee-uqSM6E4TVH_SMnJb2BuIahvoA== age: 688382 X-Firefox-Spdy: h2

	pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html	104.18.2.35	200 OK	4.3 kB
URL User Request GET HTTP/1.1 pub-994f7c8769694f4087dc469e71a10374.r2.dev/sa.html IP 104.18.2.35:443 ASN #13335 CLOUDFLARENET Certificate IssuerLet's Encrypt Subject.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT File type JavaScript source, ASCII text, with very long lines (4993), with no line terminators Size 4.3 kB (4273 bytes) Hash a9ccbe1884eeba4a5978fd1866d6c746 c9cc718604bc09d5324102b28d9f46532000c5f6 928ecb35e94829c579c52aad00eba731829ec40c83bdac7067a36b2106310a5e HTTP Headers `GET /sa.html HTTP/1.1 Host: pub-994f7c8769694f4087dc469e71a10374.r2.dev User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 16 Apr 2024 05:16:14 GMT Content-Type: text/html Content-Length: 4273 Connection: keep-alive Accept-Ranges: bytes ETag: "2a959ae65d903520477414b8f319648b" Last-Modified: Thu, 11 Apr 2024 17:07:34 GMT Vary: Accept-Encoding Server: cloudflare CF-RAY: 8751b3bc1f2c56be-OSL`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate