dangerous-attachment.zip
188.114.96.3
Public Scan
Effective URL: https://dangerous-attachment.zip/
Submission: On April 21 via api from LU — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.
This is the only time dangerous-attachment.zip was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:80b::200a | 15169 (GOOGLE) |
2 | 104.17.25.14 | 13335 (CLOUDFLARENET) |
1 | 192.229.133.221 | 15133 (EDGECAST) |
3 | 104.16.89.20 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:82b::200a | 15169 (GOOGLE) |
2 | 172.67.158.24 | 13335 (CLOUDFLARENET) |
1 | 104.26.12.205 | 13335 (CLOUDFLARENET) |
1 | 2606:50c0:8002::154 | 54113 (FASTLY) |
15 | 9 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 320 | 11 KB |
3 | dangerous-attachment.zip | dangerous-attachment.zip | 4 KB |
2 | threathorizon.org | analytics.threathorizon.org | 23 KB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 231 | 82 KB |
2 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33; ajax.googleapis.com — Cisco Umbrella Rank: 363 | 31 KB |
1 | githubusercontent.com | avatars.githubusercontent.com — Cisco Umbrella Rank: 9053 | 13 KB |
1 | ipify.org | api.ipify.org — Cisco Umbrella Rank: 2959 | 156 B |
1 | w3schools.com | www.w3schools.com — Cisco Umbrella Rank: 18448 | 5 KB |
15 | 8 | | |
Requests | Domain | Requested by |
---|---|---|
3 | cdn.jsdelivr.net | dangerous-attachment.zip, cdn.jsdelivr.net |
3 | dangerous-attachment.zip | dangerous-attachment.zip |
2 | analytics.threathorizon.org | dangerous-attachment.zip, analytics.threathorizon.org |
2 | cdnjs.cloudflare.com | dangerous-attachment.zip, cdnjs.cloudflare.com |
1 | avatars.githubusercontent.com | |
1 | api.ipify.org | ajax.googleapis.com |
1 | ajax.googleapis.com | dangerous-attachment.zip |
1 | www.w3schools.com | dangerous-attachment.zip |
1 | fonts.googleapis.com | dangerous-attachment.zip |
15 | 9 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dangerous-attachment.zip | GTS CA 1P5 | 2024-03-04 - 2024-06-02 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
*.w3schools.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-04-03 - 2025-05-04 | a year |
threathorizon.org | E1 | 2024-03-23 - 2024-06-21 | 3 months |
ipify.org | GTS CA 1P5 | 2024-03-21 - 2024-06-19 | 3 months |
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year |
This page contains 1 frames:
Primary Page:
https://dangerous-attachment.zip/
Frame ID: FDB13D2CE15B42FEACA9434690413723
Requests: 15 HTTP requests in this frame
Page Title: $./Dangerous-Attachment.zip
Page URL History
- http://dangerous-attachment.zip/ HTTP 307
  https://dangerous-attachment.zip/ Page URL
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
- googleapis\.com/.+webfont
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
- Title: "Malware Bazaar"
- Title: "Malshare"
- Title: "VX-Underground"
- Title: "Virustotal"
- Title: "Hybrid-Analysis"
- Title: "Joe Sandbox"
- Title: "Sans Internet Stormcenter"
- Title: "Bleeping Computer Security"
- Title: "Dark Reading"
- Title: "Shodan"
- Title: "MXToolbox"
- Title: "OSINT Framework"
- Title: "Security Trails"
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dangerous-attachment.zip/ HTTP 307
  https://dangerous-attachment.zip/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Primary Request) | dangerous-attachment.zip/ | 5 KB | 2 KB | Document | text/html |
GET | H3 | main.css | dangerous-attachment.zip/assets/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 717 B | 779 B | Stylesheet | text/css |
GET | H3 | font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 6 KB | Stylesheet | text/css |
GET | H2 | w3.css | www.w3schools.com/w3css/4/ | 23 KB | 5 KB | Stylesheet | text/css |
GET | H3 | run_prettify.js | cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ | 18 KB | 9 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.2.1/ | 85 KB | 30 KB | Script | text/javascript |
GET | H3 | ip.js | dangerous-attachment.zip/assets/js/ | 124 B | 582 B | Script | text/javascript |
GET | H3 | matomo.js | analytics.threathorizon.org/ | 65 KB | 22 KB | Script | text/javascript |
GET | H2 | / | api.ipify.org/ | 23 B | 156 B | XHR | application/json |
GET | H3 | fontawesome-webfont.woff2 | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ | 75 KB | 76 KB | Font | application/octet-stream |
GET | H3 | lang-css.js | cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3 | sunburst.css | cdn.jsdelivr.net/gh/google/code-prettify@master/loader/skins/ | 1016 B | 1 KB | Stylesheet | text/css |
POST | H3 | matomo.php | analytics.threathorizon.org/ | 0 | 445 B | Ping | text/plain |
GET | H2 | 69230350 | avatars.githubusercontent.com/u/ | 12 KB | 13 KB | Other | image/jpeg |
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| _paq
- function| topFunction
- function| $
- function| jQuery
- boolean| PR_SHOULD_USE_CONTINUATION
- object| PR
- object| Piwik
- object| Matomo
- object| AnalyticsTracker
- function| piwik_log2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dangerous-attachment.zip/ | | Name: _pk_id.3.8944 Value: 4e38a80d687b892d.1713706411. |
dangerous-attachment.zip/ | | Name: _pk_ses.3.8944 Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.