hltargetgroup.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 93.157.63.185, located in Russian Federation and belongs to NFORCE, NL. The main domain is hltargetgroup.com.

This is the only time hltargetgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	93.157.63.185 93.157.63.185	43350 (NFORCE) (NFORCE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
7	3

4 93.157.63.185 (Russian Federation)

ASN43350 (NFORCE, NL)
PTR: server.dnsfreevoice.com

hltargetgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	hltargetgroup.com hltargetgroup.com	10 KB
2	fontawesome.com use.fontawesome.com	87 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	21 KB
7	3

	Domain	Requested by
4	hltargetgroup.com	hltargetgroup.com
2	use.fontawesome.com	hltargetgroup.com use.fontawesome.com
1	stackpath.bootstrapcdn.com	hltargetgroup.com
7	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Frame ID: 6E8ED31745C38156C2C0C76FFF915932
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

RoundCube (Web Mail) Expand

Overall confidence: 100%
Detected patterns

html /<title>RoundCube/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<title>RoundCube/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

7
Requests

43 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

117 kB
Transfer

309 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/ 24 KB
3 KB 79ms
56ms Document
text/html 93.157.63.185
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Protocol: HTTP/1.1
Server: 93.157.63.185 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS: server.dnsfreevoice.com
Software: / PHP/7.4.16
Resource Hash: 2e00ded5052864c8b601f7feb7ebcba1708838c8e7a375fc05cc0dfe4494e49f

Request headers

Host: hltargetgroup.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/7.4.16
Content-Type: text/html; charset=UTF-8
Content-Length: 2876
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sat, 17 Apr 2021 01:44:28 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
21 KB 15ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: hltargetgroup.com
URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://hltargetgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 01:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 718
age: 3219414
cdn-cachedat: 2021-03-10 20:26:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 097f19452600004dd032291000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f4f9e3fe6955bd5ea098d661a6546037
cf-ray: 6411f7e83a5f4dd0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 80ms
31ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: hltargetgroup.com
URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer: http://hltargetgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 01:44:28 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK main.css
hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/ 1 KB
781 B 24ms
24ms Stylesheet
text/css 93.157.63.185
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/main.css
Requested by: Host: hltargetgroup.com
URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Protocol: HTTP/1.1
Server: 93.157.63.185 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS: server.dnsfreevoice.com
Software: /
Resource Hash: b1b758e9242de5c8a8372e1c3e408c041e2e32a48038038065c7e7926eebee8f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hltargetgroup.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 01:44:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Feb 2020 03:14:28 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 462
Expires: Sat, 24 Apr 2021 01:44:28 GMT

GET
H/1.1 200
OK webmail.png
hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/images/ 2 KB
2 KB 48ms
34ms Image
image/png 93.157.63.185
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/images/webmail.png
Requested by: Host: hltargetgroup.com
URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Protocol: HTTP/1.1
Server: 93.157.63.185 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS: server.dnsfreevoice.com
Software: /
Resource Hash: a646af51e9ceb89cb2183a73e34f4d9151600c5309b20a248bf7dcb19f71e094

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hltargetgroup.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 01:44:28 GMT
Last-Modified: Tue, 09 Apr 2019 06:27:44 GMT
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1903
Expires: Sat, 24 Apr 2021 01:44:28 GMT

GET
H/1.1 200
OK roundcube_logo.png
hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/images/ 4 KB
4 KB 25ms
24ms Image
image/png 93.157.63.185
NFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/assets/images/roundcube_logo.png
Requested by: Host: hltargetgroup.com
URL: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Protocol: HTTP/1.1
Server: 93.157.63.185 , Russian Federation, ASN43350 (NFORCE, NL),
Reverse DNS: server.dnsfreevoice.com
Software: /
Resource Hash: 85256d019c76dafce023e67c1942fd2287ced7c7503d207991e54d33ac1b37fd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hltargetgroup.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hltargetgroup.com/RpCyyZiE5Axxcum/hHaWT52JCCBgYfH/?email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 17 Apr 2021 01:44:28 GMT
Last-Modified: Tue, 09 Apr 2019 06:27:38 GMT
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3792
Expires: Sat, 24 Apr 2021 01:44:28 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 70ms
23ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Origin: http://hltargetgroup.com
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 01:44:28 GMT
last-modified: Thu, 21 Mar 2019 21:32:28 GMT
server: NetDNA-cache/2.2
etag: "418dad87601f9c8abd0e5798c0dc1feb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74256

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hltargetgroup.com
stackpath.bootstrapcdn.com
use.fontawesome.com
23.111.9.35
2606:4700::6812:acf
93.157.63.185
2e00ded5052864c8b601f7feb7ebcba1708838c8e7a375fc05cc0dfe4494e49f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
85256d019c76dafce023e67c1942fd2287ced7c7503d207991e54d33ac1b37fd
a646af51e9ceb89cb2183a73e34f4d9151600c5309b20a248bf7dcb19f71e094
b1b758e9242de5c8a8372e1c3e408c041e2e32a48038038065c7e7926eebee8f
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

hltargetgroup.com Open in urlscan Pro 93.157.63.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

43 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

117 kBTransfer

309 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

hltargetgroup.com Open in urlscan Pro
93.157.63.185 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

43 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

117 kB
Transfer

309 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions