urlscan.io logo urlscan.io
SecurityTrails logo

dangerous-attachment.zip Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dangerous-attachment.zip/
Effective URL: https://dangerous-attachment.zip/
Submission: On April 21 via api from LU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 15 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is dangerous-attachment.zip.
TLS certificate: Issued by GTS CA 1P5 on March 4th 2024. Valid for: 3 months.
This is the only time dangerous-attachment.zip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 188.114.96.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 192.229.133.221 15133 (EDGECAST)
3 104.16.89.20 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.67.158.24 13335 (CLOUDFLAR...)
1 104.26.12.205 13335 (CLOUDFLAR...)
1 2606:50c0:800... 54113 (FASTLY)
15 9
3    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
dangerous-attachment.zip
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    192.229.133.221 (United States)

ASN15133 (EDGECAST, US)
www.w3schools.com
3    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    172.67.158.24 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.threathorizon.org
1    104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)
api.ipify.org
1    2606:50c0:8002::154 (United States)

ASN54113 (FASTLY, US)
avatars.githubusercontent.com
Apex Domain
Subdomains		 Transfer
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
11 KB
3 dangerous-attachment.zip
dangerous-attachment.zip
4 KB
2 threathorizon.org
analytics.threathorizon.org
23 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
82 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
ajax.googleapis.com — Cisco Umbrella Rank: 363
31 KB
1 githubusercontent.com
avatars.githubusercontent.com — Cisco Umbrella Rank: 9053
13 KB
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2959
156 B
1 w3schools.com
www.w3schools.com — Cisco Umbrella Rank: 18448
5 KB
15 8
Domain Requested by
3 cdn.jsdelivr.net dangerous-attachment.zip
cdn.jsdelivr.net
3 dangerous-attachment.zip dangerous-attachment.zip
2 analytics.threathorizon.org dangerous-attachment.zip
analytics.threathorizon.org
2 cdnjs.cloudflare.com dangerous-attachment.zip
cdnjs.cloudflare.com
1 avatars.githubusercontent.com
1 api.ipify.org ajax.googleapis.com
1 ajax.googleapis.com dangerous-attachment.zip
1 www.w3schools.com dangerous-attachment.zip
1 fonts.googleapis.com dangerous-attachment.zip
15 9
Subject Issuer Validity Valid
dangerous-attachment.zip
GTS CA 1P5		 2024-03-04 -
2024-06-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.w3schools.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-03 -
2025-05-04		 a year crt.sh
threathorizon.org
E1		 2024-03-23 -
2024-06-21		 3 months crt.sh
ipify.org
GTS CA 1P5		 2024-03-21 -
2024-06-19		 3 months crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dangerous-attachment.zip/
Frame ID: FDB13D2CE15B42FEACA9434690413723
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

$./Dangerous-Attachment.zip

Page URL History Show full URLs

  1. http://dangerous-attachment.zip/ HTTP 307
    https://dangerous-attachment.zip/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

100 %
HTTPS

33 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

169 kB
Transfer

319 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dangerous-attachment.zip/ HTTP 307
    https://dangerous-attachment.zip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dangerous-attachment.zip/
Redirect Chain
  • http://dangerous-attachment.zip/
  • https://dangerous-attachment.zip/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673ca723530d56e189145214464396ba584e7985d86578388e84808232cd2dd0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
877dbf025f1c0bea-AMS
content-encoding
br
content-type
text/html
date
Sun, 21 Apr 2024 13:33:29 GMT
last-modified
Thu, 11 Apr 2024 03:18:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPciCPFxsWbuUuJuVbFOAm5q7njhmZghdGo4x7PQYzt8GruHkbuiE1ttTEPg%2FiiJrI86yelVyCtP0zuw0foJociSckET1XPJGoqhJggwTGjefM3fS5wD%2BfbLepxwrAtDVZtjODVqbdsIKK8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://dangerous-attachment.zip/
Non-Authoritative-Reason
HSTS
main.css
dangerous-attachment.zip/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dangerous-attachment.zip/assets/css/main.css
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20dbbc9c1af31b716fa53753780bfd5c41454d2c707b594e12e4f6c539e90e28

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 10 Dec 2023 01:34:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a47-60c1dd184af74-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucPtiGE0PjxJu0jEfWyywZ1820%2FxJjOWBWffH47mdnvblB6DDVbs%2BHm5Ns1bExfO2NQx70JmgYmHPbBrtFy9XXHOmSGdS%2B0kBuSEqdmoqoDUS%2FaQwP1BboxVhoqrjJdIKrBgCtN%2BkavvPsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
877dbf04e97e0bea-AMS
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		717 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77d9907ca853ab885fd7a35a29faaf4206b8fe47347cd9c12391d64451ad6f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Apr 2024 13:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Apr 2024 13:17:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Apr 2024 13:33:29 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
385707
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4ROOipxQrGlR8%2BppF1VOmbfgbhhDC94Z8XcDXZ4yEvPbHm938wmX%2Bvia9ZUobc0EeszszworbKqy0Nl4hbKbGtmXfTW%2FvW68GqoQrcY6n3LYxYler%2BAvRhsbHIunghyIF8z2tFB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877dbf051a9f0b7f-AMS
expires
Fri, 11 Apr 2025 13:33:29 GMT
w3.css
www.w3schools.com/w3css/4/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BAC) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sun, 21 Apr 2024 13:33:29 GMT
last-modified
Fri, 19 Apr 2024 13:22:08 GMT
server
ECS (amb/6BAC)
age
11752
etag
"08016945c92da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5250
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
run_prettify.js
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js?autoload=true&skin=sunburst&lang=css
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7285646ea1d6480a26b5c3d66f75edac636a664b9ef84bbd5fb63122065bb668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23878
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230077-FRA, cache-lga21969-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"480b-TyrgZ46CV/5URLUGkuqmgyGFFkY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=042YDl%2BEwiWHmeD5fphYR4JIHZsDM6o0Pxa75t1aEt7H%2BbFtqXRNzRJZRFd1iYq5pf5XYa1YnVDb%2FRQnCDXB%2BS90jx4iKpK19Wy1K9bSqXEGYJq2kYppUSfe%2FxoGC1DDlgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
877dbf07a96f0df4-AMS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 10:15:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11898
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Apr 2025 10:15:11 GMT
ip.js
dangerous-attachment.zip/assets/js/ 		124 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dangerous-attachment.zip/assets/js/ip.js
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a11186a34e2a498af1289eccc16036c110a771dcd74e8ab2b6dbde0a1ff9542

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 10 Dec 2023 01:34:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7c-60c1dd184af74-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozgdQfSgqkiFkobKWtVyhIBOKvYgviD8vfVa4E08K4sc1%2FVmJGPxWwQvw14k5nfpPOVIT92h3hXIE9cRGoOZPE7LhB8nWFJmqIVpVYn1O7EnrG0oHXiD%2FVUYUJ8TtTvvBruvLaTqRWRhfuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
877dbf04e9800bea-AMS
alt-svc
h3=":443"; ma=86400
matomo.js
analytics.threathorizon.org/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.threathorizon.org/matomo.js
Requested by
Host: dangerous-attachment.zip
URL: https://dangerous-attachment.zip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 07 Mar 2024 23:35:49 GMT
server
cloudflare
etag
W/"1042f-6131a8902bf40-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lH3a1t2vW2jLax1Gx1E5pqtjAyhi0UVVpn0oQO0eHCeq36RzwTmWSg3Fz7hJCHDn8LaGrGWYA8vFE3%2BiQg5FTzv%2FTF8g%2B545tqiWEjQ7MVEcpErRX5yEoqPIxu3LtN0bKVxuC07Wqwv2DeQdjBY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
877dbf08dbfd9724-AMS
priority
u=3,i=?0
/
api.ipify.org/ 		23 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b62d75d7fd844fb723ffda0339f53e47a1737595ae7ac92b5d82ed19a188d9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dangerous-attachment.zip/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
877dbf083dc00b5b-AMS
content-length
23
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://dangerous-attachment.zip
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2456066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chogXrx%2FPCNZydADl3FOmpnH%2BwAnu9KMhegYFP%2FDFEVOT8Iq5LFFow9K8zZz0qEV4ptzKHQxD8LM%2BKiIbf94hY9qDa43F6sdsNIblfrGGo5cEwocm%2BS7tRnsJ0CMVAca8Fpnlxqn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
877dbf080a811c96-AMS
expires
Fri, 11 Apr 2025 13:33:30 GMT
lang-css.js
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/lang-css.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js?autoload=true&skin=sunburst&lang=css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44d2b7d5c53e3992df748eae60952e3159731f2f602304e281ed48be3b6f1e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22589
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220132-FRA, cache-lga21929-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"5e3-IhYP+80hnAGMPb73RdopzDNMbow"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUiVQ%2FcW7IdVYq7PCJsNpIdqRZS8gTbeb5x0IMHQCmOARM4GIfGCRnMSILJZH1LWG4E%2FfZVh75htuIgGxb20AYqemryosdnwvNa9yq6G44p5OEmdI%2FpV2WATdoZ8gXEms5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
877dbf07f9c90df4-AMS
sunburst.css
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/skins/ 		1016 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/skins/sunburst.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js?autoload=true&skin=sunburst&lang=css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aee8d7f8469f01edd9db774170b944ac0921ef88013938e030a11317c15a866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

date
Sun, 21 Apr 2024 13:33:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16873
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220024-FRA, cache-lga21980-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"3f8-+tJv5wH6rnXfnJU/vqoox+7cEvA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0VceaAN2T4FhY5tS%2B1QP2mZ%2FBrxLaKVJ%2Fl7NH2w2faE5Y8DX2iiv%2BCJTF%2BTpGITkSq7hgYlb%2FjKcHvjdxgRgJZI8qmWGJDXFR7Mdf1S2yPis%2Bh%2FuIH9b%2F7i1udDUmJKI9g4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
877dbf07f9cb0df4-AMS
matomo.php
analytics.threathorizon.org/ 		0
445 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.threathorizon.org/matomo.php?action_name=%24.%2FDangerous-Attachment.zip&idsite=3&rec=1&r=329666&h=15&m=33&s=30&url=https%3A%2F%2Fdangerous-attachment.zip%2F&_id=4e38a80d687b892d&_idn=1&send_image=0&_refts=0&pv_id=bjZqB6&pf_net=66&pf_srv=399&pf_tfr=1&pf_dm1=477&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: analytics.threathorizon.org
URL: https://analytics.threathorizon.org/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.158.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dangerous-attachment.zip/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Sun, 21 Apr 2024 13:33:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=docDCQZCZYFo1s3priFqq6xw1%2Bhp3lqHY48tLe7QaMBsrVDn%2BxvlwC94oPDF0sun%2BzWIuP79wPi20C3XPkQQrVp%2BPEZ4KqYnuFFjsBS%2FH80S9FEqxw6t0cAJ9FZf2woclYuzprtvdcmnSfUl5jM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://dangerous-attachment.zip
access-control-allow-credentials
true
cf-ray
877dbf0c68589724-AMS
alt-svc
h3=":443"; ma=86400
priority
u=4,i
x-xss-protection
1; mode=block
69230350
avatars.githubusercontent.com/u/ 		12 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://avatars.githubusercontent.com/u/69230350?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
afe55302c644eef9f74c30c80bf0aa062c60e022b6d37e10ba7288c03d204464
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://dangerous-attachment.zip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.82 Safari/537.36

Response headers

x-fastly-request-id
9dbe77892ea266e03d84c86eac60037d95c55592
content-security-policy
default-src 'none'
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
date
Sun, 21 Apr 2024 13:33:31 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12362
x-xss-protection
1; mode=block
x-served-by
cache-mad2200084-MAD
last-modified
Tue, 01 Jun 2021 06:49:22 GMT
x-github-tenant
x-github-request-id
4A5A:30B612:4EEEFCB:5279955:6614F341
x-timer
S1713706411.105230,VS0,VE10
etag
"59a3113f704a8525491ea86ffe2ecab20cbfbbcf1da6e68819113b516c9a0172"
source-age
1057384
x-frame-options
deny
vary
Authorization,Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Sun, 21 Apr 2024 13:38:31 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq function| topFunction function| $ function| jQuery boolean| PR_SHOULD_USE_CONTINUATION object| PR object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

2 Cookies

Domain/Path Name / Value
dangerous-attachment.zip/ Name: _pk_id.3.8944
Value: 4e38a80d687b892d.1713706411.
dangerous-attachment.zip/ Name: _pk_ses.3.8944
Value: 1