uabinvest.com Open in urlscan Pro
191.96.52.5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uabinvest.com/
Submission: On December 25 via api (December 25th 2022, 12:49:51 pm UTC) from US — Scanned from US

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 191.96.52.5, located in Enschede, Netherlands and belongs to CDNEXT, GB. The main domain is uabinvest.com.

This is the only time uabinvest.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: HSBC (Banking)

Domain & IP information

	IP Address	AS Autonomous System
22	191.96.52.5 191.96.52.5	212238 (CDNEXT) (CDNEXT)
2	185.126.226.146 185.126.226.146	9009 (M247) (M247)
1 2	2607:f8b0:400... 2607:f8b0:4006:808::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:807::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.128.101 108.138.128.101	16509 (AMAZON-02) (AMAZON-02)
1	44.241.191.125 44.241.191.125	16509 (AMAZON-02) (AMAZON-02)
32	8

22 191.96.52.5 (Enschede, Netherlands)

ASN212238 (CDNEXT, GB)
PTR: nl2-web1.mochahosted.com

uabinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.126.226.146 (Amsterdam, Netherlands)

ASN9009 (M247, RO)

db.onlinewebfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::200e (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-101.jfk50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.191.125 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-191-125.us-west-2.compute.amazonaws.com

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	uabinvest.com uabinvest.com	1 MB
3	gstatic.com www.gstatic.com	4 KB
2	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 818	78 KB
2	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1213	27 KB
2	onlinewebfonts.com db.onlinewebfonts.com — Cisco Umbrella Rank: 41208	19 KB
1	eum-appdynamics.com col.eum-appdynamics.com — Cisco Umbrella Rank: 2317	1 KB
1	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3219	18 KB
32	7

	Domain	Requested by
22	uabinvest.com	uabinvest.com
3	www.gstatic.com	uabinvest.com translate.googleapis.com
2	translate.googleapis.com
2	translate.google.com	1 redirects uabinvest.com
2	db.onlinewebfonts.com	uabinvest.com db.onlinewebfonts.com
1	col.eum-appdynamics.com	uabinvest.com
1	cdn.appdynamics.com	uabinvest.com
32	7

This site contains links to these domains. Also see Links.

Domain
translate.google.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://uabinvest.com/
Frame ID: CC47CFA26E388FC18205B5907C0ABE8E
Requests: 32 HTTP requests in this frame

Frame: data://truncated
Frame ID: 977D13BB9C6A9F91F80E1D83966623BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UAB Invest Individuals: Online banking and banking services

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

16 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1368 kB
Transfer

2510 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 HTTP 301
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
uabinvest.com/ 68 KB
10 KB 757ms
646ms Document
text/html 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache / PHP/7.4.33
Resource Hash: 37f48aac72e17e9ca49a826983db0a23b4aaf152d2594ff3459acbce9bbe30ac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 10182
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Dec 2022 12:49:43 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
uabinvest.com/etc/ 559 KB
68 KB 111ms
111ms Stylesheet
text/css 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: a9563ee58b3dd1634d8cd467f114ab7c5be35856f07904fdc80657c1253d26b4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Oct 2022 14:47:05 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js Show response
uabinvest.com/etc/designs/gba/appd/ 37 KB
12 KB 197ms
116ms Script
application/javascript 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/designs/gba/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: bea3ea25da545a45afa53dca5a8fabdda2c61186e16774967a996a35d4d945e2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 19:37:54 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: application/javascript
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 11807

GET
H/1.1 200
OK 44f1d96a0579112e89a76a877b4645f4
db.onlinewebfonts.com/c/ 1 KB
856 B 159ms
75ms Stylesheet
text/css 185.126.226.146
M247

General

Check archive.org

Show headers Download Go to

Full URL: http://db.onlinewebfonts.com/c/44f1d96a0579112e89a76a877b4645f4?family=MuseoSans-300
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 185.126.226.146 Amsterdam, Netherlands, ASN9009 (M247, RO),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 9e7a00f6088eb4cc2f6161547b5bebecb760c10ea57764cfa1dfebc8c6ce898f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:48:26 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Cache-Control: public,max-age=86400,must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK logo.png
uabinvest.com/ 3 KB
3 KB 282ms
87ms Image
image/png 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/logo.png
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 02958cbd65208b35eace13a5f449c4f89eed5220a36c262cdc0b7ae4b7f07065

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Mon, 24 Oct 2022 15:34:44 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3058

GET
H/1.1 200
OK bg1.jpg
uabinvest.com/content/ 36 KB
36 KB 349ms
87ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/bg1.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 0e2bba19077f68f82695ba5ee81041a7e1420279675e6a5608ee602ef92d593e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Mon, 31 Jan 2022 07:02:58 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 36711

GET
H/1.1 200
OK immg3.jpg
uabinvest.com/content/ 94 KB
94 KB 350ms
88ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/immg3.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 20469fdc313c7b3f65920a4e5c5fad81c43680b470889071b1df5f9baa2c91ad

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Fri, 02 Jul 2021 13:58:40 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 95810

GET
H/1.1 200
OK immg2.jpg
uabinvest.com/content/ 212 KB
213 KB 361ms
96ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/immg2.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 7e34ec580dc4c52c3d3c92335af90e67ed888d402454078a11efaf3dca88bc42

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Fri, 02 Jul 2021 13:57:36 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 217562

GET
H/1.1 200
OK immg1.jpg
uabinvest.com/content/ 145 KB
145 KB 140ms
88ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/immg1.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: a20eac7862d1d758f94b9e879ec6e7fabf2e178cffcda5919f1a890dd11a19f7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Fri, 02 Jul 2021 13:56:22 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 147976

GET
H/1.1 200
OK imgg1.jpg
uabinvest.com/content/ 314 KB
314 KB 101ms
100ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/imgg1.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: b21d2a700243653a62a462e83acd119df149be09011131c073ff399ab1e7c254

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Fri, 02 Jul 2021 13:53:12 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 321183

GET
H/1.1 200
OK imgg2.jpg
uabinvest.com/content/ 39 KB
39 KB 88ms
88ms Image
image/jpeg 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/imgg2.jpg
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 5da20ffceb929f2fee0c7a3da4ce75ecdee21c1747adab05a1fbb3a266526202

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Fri, 02 Jul 2021 13:54:54 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 40051

GET
H/1.1 200
OK banque-international-400x227px.png
uabinvest.com/content/ 4 KB
4 KB 100ms
99ms Image
image/png 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/banque-international-400x227px.png
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 077e93842fb9f10f472440bfc289607a263e3da7bb2ce637fd8d3918990251d2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Wed, 19 Feb 2020 13:27:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3685

GET
H/1.1 200
OK patrimoine-400x227px.png
uabinvest.com/content/ 6 KB
6 KB 88ms
88ms Image
image/png 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/patrimoine-400x227px.png
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 0ffa8f000b06e8e9de9452d7f8597ad22c2f18ebe03a6cc318589c9dd27cc762

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Wed, 19 Feb 2020 13:27:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5788

GET
H/1.1 200
OK proche-client-400x227px.png
uabinvest.com/content/ 7 KB
7 KB 87ms
86ms Image
image/png 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/content/proche-client-400x227px.png
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 3c4d61ca89ef0bb3a059a814d9572e7d116a90e572ed0bc892ee5d498a231089

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Wed, 19 Feb 2020 13:27:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6791

GET
H/1.1 200
OK logo-light.png
uabinvest.com/ 3 KB
3 KB 84ms
83ms Image
image/png 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uabinvest.com/logo-light.png
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: ea8618308e152e260a88a4f231180b65d506c9578b9393d86607061806821712

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Last-Modified: Mon, 24 Oct 2022 15:35:28 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2888

GET
H/1.1 200
OK jquery-all-v2.js Show response
uabinvest.com/etc/ 109 KB
37 KB 103ms
103ms Script
application/javascript 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/jquery-all-v2.js
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 281558a1422646b6e61290c4509f7de8e67f742cc7e9c67a7cee42c3301258f2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 19:37:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 37248

GET
H/1.1 200
OK clientlib-all.min.075769d33f82a042ed7ccb61ae7f98fd.js Show response
uabinvest.com/etc/ 382 KB
103 KB 102ms
101ms Script
application/javascript 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/clientlib-all.min.075769d33f82a042ed7ccb61ae7f98fd.js
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 5d6d011c5c34a0bfab00439df1b47aa50857536ef86b907ea6a72fe6ae39c93b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 19:37:54 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H2

200

element.js Show response
translate.google.com/translate_a/
Redirect Chain

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

75 KB
26 KB

61ms
36ms

Script
text/javascript

2607:f8b0:4006:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: uabinvest.com
URL: http://uabinvest.com/

Protocol

Server

2607:f8b0:4006:808::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0900299a82342b1f62482aa5b9c9aaf46f4fa4a397b034bc5e0d3ebe12cdbfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Dec 2022 12:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 25 Dec 2022 12:49:44 GMT
X-Content-Type-Options: nosniff
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 44f1d96a0579112e89a76a877b4645f4.woff2
db.onlinewebfonts.com/t/ 18 KB
18 KB 167ms
93ms Font
application/x-font-woff 185.126.226.146
M247

General

Check archive.org

Show headers Download Go to

Full URL: http://db.onlinewebfonts.com/t/44f1d96a0579112e89a76a877b4645f4.woff2
Requested by: Host: db.onlinewebfonts.com
URL: http://db.onlinewebfonts.com/c/44f1d96a0579112e89a76a877b4645f4?family=MuseoSans-300
Protocol: HTTP/1.1
Server: 185.126.226.146 Amsterdam, Netherlands, ASN9009 (M247, RO),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 21bb49a5fa534b1a612ad46311857d26eba85da6f046ba88765c2c0943f4043c

Request headers

Referer: http://db.onlinewebfonts.com/c/44f1d96a0579112e89a76a877b4645f4?family=MuseoSans-300
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:48:26 GMT
Server: nginx
X-Powered-By: PHP/5.4.45
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400,must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With

GET
H/1.1 200
OK UniversNextforHSBCW02-Bd.woff
uabinvest.com/etc/common/fonts/ 26 KB
26 KB 178ms
113ms Font
font/woff 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/common/fonts/UniversNextforHSBCW02-Bd.woff
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e

Request headers

Referer: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 13:28:10 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: font/woff
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26268

GET
H/1.1 200
OK UniversNextforHSBCW02-Rg.woff
uabinvest.com/etc/common/fonts/ 27 KB
27 KB 175ms
107ms Font
font/woff 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/common/fonts/UniversNextforHSBCW02-Rg.woff
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13

Request headers

Referer: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 13:28:12 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: font/woff
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 27420

GET
H/1.1 200
OK HSBCIcon-Font.woff
uabinvest.com/etc/common/fonts/ 22 KB
22 KB 179ms
111ms Font
font/woff 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/common/fonts/HSBCIcon-Font.woff?ee39a20e77cff3aec879befe2cd1d29d
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df

Request headers

Referer: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 13:28:08 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: font/woff
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22470

GET
H/1.1 200
OK UniversNextforHSBCW02-Lt.woff
uabinvest.com/etc/common/fonts/ 26 KB
26 KB 103ms
101ms Font
font/woff 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/common/fonts/UniversNextforHSBCW02-Lt.woff
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695

Request headers

Referer: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 13:28:10 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26267

GET
H/1.1 200
OK UniversNextforHSBCW02-Th.woff
uabinvest.com/etc/common/fonts/ 26 KB
27 KB 110ms
106ms Font
font/woff 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/etc/common/fonts/UniversNextforHSBCW02-Th.woff
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: 190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c

Request headers

Referer: http://uabinvest.com/etc/clientlib-default.min.4c8f1bd3d61e8743b7402fa38be6af87.css
Origin: http://uabinvest.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 13:28:12 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Content-Type: font/woff
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26814

GET
H/1.1 404
Not Found authorize.auth.json Show response
uabinvest.com/ 315 B
515 B 112ms
98ms XHR
text/html 191.96.52.5
CDNEXT

General

Check archive.org

Show headers Download Go to

Full URL: http://uabinvest.com/authorize.auth.json?q&_=1671972585022
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/designs/gba/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: HTTP/1.1
Server: 191.96.52.5 Enschede, Netherlands, ASN212238 (CDNEXT, GB),
Reverse DNS: nl2-web1.mochahosted.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept: */*
Referer: http://uabinvest.com/
X-Requested-With: XMLHttpRequest
ADRUM: isAjax:true
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: json

Response headers

Date: Sun, 25 Dec 2022 12:49:45 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 23ms
4ms Stylesheet
text/css 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.tvzdIv5D-Fk.O/d=1/rs=AN8SPfq0reXC1mmnnZ1UyCZOCXrnJUuBeA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 12:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 25 Dec 2022 13:07:47 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.tvzdIv5D-Fk.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq0reXC1mmnnZ1UyCZOCXrnJUuBeA/ 207 KB
74 KB 26ms
8ms Script
text/javascript 2607:f8b0:4006:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.tvzdIv5D-Fk.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq0reXC1mmnnZ1UyCZOCXrnJUuBeA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.tvzdIv5D-Fk.O/d=1/rs=AN8SPfq0reXC1mmnnZ1UyCZOCXrnJUuBeA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 20:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75142
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 22:10:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:41:42 GMT

GET
DATA 200
OK truncated Show response
/ Frame 977D 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Referer: http://uabinvest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
938 B 31ms
9ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: uabinvest.com
URL: http://uabinvest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 18:32:09 GMT
x-content-type-options: nosniff
age: 152256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 23 Dec 2023 18:32:09 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 28ms
8ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: uabinvest.com
URL: http://uabinvest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 19:04:15 GMT
x-content-type-options: nosniff
age: 409530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Dec 2023 19:04:15 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 24ms
6ms Image
image/png 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 02:28:32 GMT
x-content-type-options: nosniff
age: 37273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 25 Dec 2023 02:28:32 GMT

GET
H/1.1 200
OK adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js Show response
cdn.appdynamics.com/ 45 KB
18 KB 23ms
4ms Script
application/javascript 108.138.128.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.appdynamics.com/adrum-ext.0086dbec5e8a6e717bf36d3a06b62042.js
Requested by: Host: uabinvest.com
URL: http://uabinvest.com/etc/designs/gba/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js
Protocol: HTTP/1.1
Server: 108.138.128.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-101.jfk50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60

Request headers

accept-language: en-US,en;q=0.9
Referer: http://uabinvest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 07:26:28 GMT
Content-Encoding: gzip
Via: 1.1 1631ac35bac9cbaaa7c65e1bf3666d7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 1574597
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 15 Sep 2016 22:05:47 GMT
Server: nginx/1.16.1
ETag: W/"57db1b3b-b4f4"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Amz-Cf-Id: h8l-mzDIFxGPAOeChMHORexavVaByTJCC0sTBzfyKgSakXMGsfKgrw==

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAH-YHG/ 0
1 KB 212ms
93ms XHR
text/html 44.241.191.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAH-YHG/adrum

Requested by

Host: uabinvest.com
URL: http://uabinvest.com/etc/designs/gba/appd/clientlib.min.b3ec3a2325eaa4cbc74a2e2f0b755b0f.js

Protocol

HTTP/1.1

Server

44.241.191.125 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-191-125.us-west-2.compute.amazonaws.com

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://uabinvest.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
Date: Sun, 25 Dec 2022 12:49:47 GMT
x-content-type-options: nosniff
server: envoy
Transfer-Encoding: chunked
vary: *
Content-Type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
expires: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: HSBC (Banking)

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://uabinvest.com/authorize.auth.json?q&_=1671972585022 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.appdynamics.com
col.eum-appdynamics.com
db.onlinewebfonts.com
translate.google.com
translate.googleapis.com
uabinvest.com
www.gstatic.com
108.138.128.101
185.126.226.146
191.96.52.5
2607:f8b0:4006:807::200a
2607:f8b0:4006:808::200e
2607:f8b0:4006:81c::2003
44.241.191.125
02958cbd65208b35eace13a5f449c4f89eed5220a36c262cdc0b7ae4b7f07065
077e93842fb9f10f472440bfc289607a263e3da7bb2ce637fd8d3918990251d2
0e2bba19077f68f82695ba5ee81041a7e1420279675e6a5608ee602ef92d593e
0ffa8f000b06e8e9de9452d7f8597ad22c2f18ebe03a6cc318589c9dd27cc762
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
1410bf3ef15162a56d0c7ea0f851483738179ce8281a269f4ed88612e9c9a695
190c1c5d443872f7ee23494c42cfd80c30e97311da2ae748bbf6ab036d80b53c
1fe93d773a537c17456fc95e7dbfb69cba2914ac73c5f9b01d4db046667c688e
20469fdc313c7b3f65920a4e5c5fad81c43680b470889071b1df5f9baa2c91ad
21bb49a5fa534b1a612ad46311857d26eba85da6f046ba88765c2c0943f4043c
281558a1422646b6e61290c4509f7de8e67f742cc7e9c67a7cee42c3301258f2
37f48aac72e17e9ca49a826983db0a23b4aaf152d2594ff3459acbce9bbe30ac
3c4d61ca89ef0bb3a059a814d9572e7d116a90e572ed0bc892ee5d498a231089
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
580245633d829cdc4a80192bc505ad254af0ed2955d5add87b56917a1c0f64df
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d6d011c5c34a0bfab00439df1b47aa50857536ef86b907ea6a72fe6ae39c93b
5da20ffceb929f2fee0c7a3da4ce75ecdee21c1747adab05a1fbb3a266526202
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
7da0fcf5011f66d43746091e130db6ef4d55ff13410d57209fb0f44d90cdee60
7e34ec580dc4c52c3d3c92335af90e67ed888d402454078a11efaf3dca88bc42
9e7a00f6088eb4cc2f6161547b5bebecb760c10ea57764cfa1dfebc8c6ce898f
a20eac7862d1d758f94b9e879ec6e7fabf2e178cffcda5919f1a890dd11a19f7
a9563ee58b3dd1634d8cd467f114ab7c5be35856f07904fdc80657c1253d26b4
b21d2a700243653a62a462e83acd119df149be09011131c073ff399ab1e7c254
bea3ea25da545a45afa53dca5a8fabdda2c61186e16774967a996a35d4d945e2
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
e0900299a82342b1f62482aa5b9c9aaf46f4fa4a397b034bc5e0d3ebe12cdbfc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57fa923e1242b94093a29bc1497e22d7b5f78d6f124fe5ffc651383af545e13
ea8618308e152e260a88a4f231180b65d506c9578b9393d86607061806821712

uabinvest.com Open in urlscan Pro 191.96.52.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

16 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

8 IPs

2 Countries

1368 kBTransfer

2510 kBSize

0 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

uabinvest.com Open in urlscan Pro
191.96.52.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

16 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

2
Countries

1368 kB
Transfer

2510 kB
Size

0
Cookies

32 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!