URL: https://d11qdb04.na1.hubspotlinks.com/Ctc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W...
Submission: On June 20 via manual from JP — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700::6812:db1, located in United States and belongs to CLOUDFLARENET, US. The main domain is d11qdb04.na1.hubspotlinks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 17th 2023. Valid for: a year.
This is the only time d11qdb04.na1.hubspotlinks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website

MIME: PDF document, version 1.7
Size: 2 MB (2615235 bytes, 100% done)
Downloaded from: https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.159.134.42 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains
Transfer
2 hubspotlinks.com
d11qdb04.na1.hubspotlinks.com
3 KB
1 kelacyber.com
www.kelacyber.com
2 2
Domain Requested by
2 d11qdb04.na1.hubspotlinks.com 1 redirects
1 www.kelacyber.com d11qdb04.na1.hubspotlinks.com
2 2

This site contains no links.

Subject: hubspotlinks.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2023-04-17 - 2024-04-16
Valid: a year

Subject: kelacyber.com
Issuer: GTS CA 1P5
Validity: 2023-05-28 - 2023-08-26
Valid: 3 months

This page contains 1 frame:

Frame: https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs
Frame ID: 14EAEB906663EEAA03E19F1809FD0F4C
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 3 kB
Size: 8 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://d11qdb04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy43RlN5W5g-dy24NJ5BRW7kJMgR50CkS-W43hb3W7PGjGcW2qWFBp50RB4MN6S4t3X6D21xW5Jx17n4gZfjdW5gNxb-3nSDhXW5_dNvz5T6gscW8Wm9zZ818QMdW28X13P2HnymSW3JBqpK3kKPG6W6XkMhN4nc6wtW53v49_4MYqp2W5Ln19H1w78YWW8gx3Rl1-bmfYVQHjKr50g6Y7W4j7tG55JHnrPW3CMLVS2ntmfMW4cLQNQ82XsJ4W7XspzW61xBV5W8rjV4Y1PfDp5W2SGkgZ5z1fxW3dNw1?_ud=a23aa75b-2fc9-4e11-9eae-6581c2a14b8d&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
  • https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy43RlN5W5g-dy24NJ5BRW7kJMgR50CkS-W43hb3W7PGjGcW2qWFBp50RB4MN6S4t3X6D21xW5Jx17n4gZfjdW5gNxb...
d11qdb04.na1.hubspotlinks.com/Ctc/ZU+113/d11qDB04/
8 KB
3 KB
Document
General
Full URL
https://d11qdb04.na1.hubspotlinks.com/Ctc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy43RlN5W5g-dy24NJ5BRW7kJMgR50CkS-W43hb3W7PGjGcW2qWFBp50RB4MN6S4t3X6D21xW5Jx17n4gZfjdW5gNxb-3nSDhXW5_dNvz5T6gscW8Wm9zZ818QMdW28X13P2HnymSW3JBqpK3kKPG6W6XkMhN4nc6wtW53v49_4MYqp2W5Ln19H1w78YWW8gx3Rl1-bmfYVQHjKr50g6Y7W4j7tG55JHnrPW3CMLVS2ntmfMW4cLQNQ82XsJ4W7XspzW61xBV5W8rjV4Y1PfDp5W2SGkgZ5z1fxW3dNw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:db1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e9c32a487d1898c30c083bae67cc94a839fe320e006e57a5a16c7decfbae4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7da297fc8879e362-NRT
content-encoding: br
content-type: text/html;charset=utf-8
date: Tue, 20 Jun 2023 08:20:39 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-envoy-upstream-service-time: 5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-hbc8x
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: e2ed3fc1-3aa5-4230-994b-65c3061970b9
x-request-id: 298428db-6926-46e4-99ca-ccc79e2f07bd
x-robots-tag: none

APTs-use-of-cybercrime-sources_JA.pdf
www.kelacyber.com/wp-content/uploads/2023/06/
Redirect Chain
  • https://d11qdb04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy4...
  • https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Ua...
0
0
Document
General
Full URL
https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs
Requested by
Host: d11qdb04.na1.hubspotlinks.com
URL: https://d11qdb04.na1.hubspotlinks.com/Ctc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy43RlN5W5g-dy24NJ5BRW7kJMgR50CkS-W43hb3W7PGjGcW2qWFBp50RB4MN6S4t3X6D21xW5Jx17n4gZfjdW5gNxb-3nSDhXW5_dNvz5T6gscW8Wm9zZ818QMdW28X13P2HnymSW3JBqpK3kKPG6W6XkMhN4nc6wtW53v49_4MYqp2W5Ln19H1w78YWW8gx3Rl1-bmfYVQHjKr50g6Y7W4j7tG55JHnrPW3CMLVS2ntmfMW4cLQNQ82XsJ4W7XspzW61xBV5W8rjV4Y1PfDp5W2SGkgZ5z1fxW3dNw1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer: https://d11qdb04.na1.hubspotlinks.com/Ctc/ZU+113/d11qDB04/VVJLPc8hdbnzW9llhdg7q4q-nW6hm-BV5008vhN7qyl0y2-TlpV1-WJV7CgH27W1s2ZF638WSj4W7fQymh8L3w10W901r2w8RYf0KW5HBtTy43RlN5W5g-dy24NJ5BRW7kJMgR50CkS-W43hb3W7PGjGcW2qWFBp50RB4MN6S4t3X6D21xW5Jx17n4gZfjdW5gNxb-3nSDhXW5_dNvz5T6gscW8Wm9zZ818QMdW28X13P2HnymSW3JBqpK3kKPG6W6XkMhN4nc6wtW53v49_4MYqp2W5Ln19H1w78YWW8gx3Rl1-bmfYVQHjKr50g6Y7W4j7tG55JHnrPW3CMLVS2ntmfMW4cLQNQ82XsJ4W7XspzW61xBV5W8rjV4Y1PfDp5W2SGkgZ5z1fxW3dNw1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000, s-maxage=2592000
cache-tag: 15f687d7-0d26-4789-8685-9dbca736b543,39ddf437a906212f3374a550701b86d00df16f21f66fdc68436dabb0c1b7e728
cf-cache-status: MISS
cf-ray: 7da298033fc6afb8-NRT
content-length: 2615235
content-type: application/pdf
date: Tue, 20 Jun 2023 08:20:40 GMT
etag: "64900b1f-27e7c3"
ki-cache-tag: 15f687d7-0d26-4789-8685-9dbca736b543,39ddf437a906212f3374a550701b86d00df16f21f66fdc68436dabb0c1b7e728
ki-cache-type: CDN
ki-cf-cache-status: SAVING
ki-edge: v=19.0.7;mv=1.1.3
last-modified: Mon, 19 Jun 2023 08:00:31 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxu00kyGI3dQ5a4ZD6tdFa5mQS3HVKRVKvscPigqwfAuQ3P8HdZZ58hN3vO3B8vbW1MJlhBuXpabghZK2ZZIDIrk%2BxVBieHFqJZXdd73yve04yDYRGi6LpYvAFQFvbCQxLNs"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7da298015d8ce362-NRT
date: Tue, 20 Jun 2023 08:20:39 GMT
link: <https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs>; rel="canonical"
location: https://www.kelacyber.com/wp-content/uploads/2023/06/APTs-use-of-cybercrime-sources_JA.pdf?_hsmi=263005911&_hsenc=p2ANqtz-9yMtX2WX19luG_W3Y2gTb5Y4n1cSvOxivxW7tzo2mVshl9svGPHKacyMwGj2-_gZcMO5HF1V3Uak6pGC_MzkVN0bN1bpF1yp6xoO48tgvHExUexEs
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-envoy-upstream-service-time: 26
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5c4cb998cf-qz9z5
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 3a973feb-7123-41bc-84df-b06d6afe192b
x-request-id: 2c1a6639-641a-46d1-b85a-20e3d414e28b
x-robots-tag: none


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| onbeforetoggle
  • object| onscrollend
  • function| bit_set
  • function| isWebDriver
  • function| hasAccelerometerPermission
  • function| isHiDPI
  • function| arePluginsConsistent
  • function| isBigEndian
  • function| getBooleanAttributes
  • function| getPluginsLength
  • function| getHardwareConcurrency
  • function| getLanguages
  • function| getPlatform
  • function| getScreen
  • string| PRE_JS
  • string| ERR_JS
  • string| NO_JS
  • string| SUCCESS_JS
  • function| getTargetURLWithState
  • string| targetURL

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d11qdb04.na1.hubspotlinks.com
www.kelacyber.com
162.159.134.42
2606:4700::6812:db1
75e9c32a487d1898c30c083bae67cc94a839fe320e006e57a5a16c7decfbae4d