treasury.gov.ofac.ohlecafeparis.com
107.182.163.42
Malicious Activity!
Submission: On May 15 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on April 22nd 2024. Valid for: 3 months.
This is the only time treasury.gov.ofac.ohlecafeparis.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: US Government (Government)

Domain & IP information

ASN | PTR | Hostnames
---|---|---
ASN18450 (WEBNX, US) | air4.jetthost.net | treasury.gov.ofac.ohlecafeparis.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN20940 (AKAMAI-ASN1, NL) | | s.go-mpulse.net, 684dd328.akstat.io
ASN15169 (GOOGLE, US) | fra24s05-in-f8.1e100.net | www.googletagmanager.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN20940 (AKAMAI-ASN1, NL) | a2-17-147-18.deploy.static.akamaitechnologies.com | trial-eum-clientnsv4-s.akamaihd.net
ASN20940 (AKAMAI-ASN1, NL) | a2-17-147-91.deploy.static.akamaitechnologies.com | kd7qo6accgjrezseuiza-p2rlm5-39d5448f3-clientnsv4-s.akamaihd.net
ASN20940 (AKAMAI-ASN1, NL) | | trial-eum-clienttons-s.akamaihd.net, fiaqjiathaajgkqce3ydkaaacztejirs-p2rlm5-ff044021d-clienttons-s.akamaihd.net
Requests | Domain | Requested by
---|---|---
27 | treasury.gov.ofac.ohlecafeparis.com | treasury.gov.ofac.ohlecafeparis.com
7 | fonts.gstatic.com | fonts.googleapis.com
4 | www.google-analytics.com | dap.digitalgov.gov, www.google-analytics.com
4 | fonts.googleapis.com | treasury.gov.ofac.ohlecafeparis.com
4 | www.googletagmanager.com | treasury.gov.ofac.ohlecafeparis.com, www.googletagmanager.com, dap.digitalgov.gov
3 | region1.google-analytics.com | www.googletagmanager.com, dap.digitalgov.gov
2 | use.fontawesome.com | treasury.gov.ofac.ohlecafeparis.com
1 | fiaqjiathaajgkqce3ydkaaacztejirs-p2rlm5-ff044021d-clienttons-s.akamaihd.net |
1 | trial-eum-clienttons-s.akamaihd.net | 1 redirect
1 | kd7qo6accgjrezseuiza-p2rlm5-39d5448f3-clientnsv4-s.akamaihd.net |
1 | trial-eum-clientnsv4-s.akamaihd.net | 1 redirect
1 | 684dd328.akstat.io | s.go-mpulse.net
1 | c.go-mpulse.net | s.go-mpulse.net
1 | s.go-mpulse.net | treasury.gov.ofac.ohlecafeparis.com
1 | dap.digitalgov.gov | treasury.gov.ofac.ohlecafeparis.com
1 | web3forms.com | treasury.gov.ofac.ohlecafeparis.com

Total: 58 requests across 16 domains.
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid for
---|---|---|---
treasury.gov.ofac.ohlecafeparis.com | R3 | 2024-04-22 - 2024-07-21 | 3 months
*.google-analytics.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
web3forms.com | R3 | 2024-04-24 - 2024-07-23 | 3 months
dap.digitalgov.gov | Amazon RSA 2048 M02 | 2023-07-07 - 2024-08-04 | a year
akstat.io | DigiCert TLS RSA SHA256 2020 CA1 | 2024-03-06 - 2025-03-06 | a year
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
This page contains 1 frames:
Primary Page:
https://treasury.gov.ofac.ohlecafeparis.com/
Frame ID: 7615B6C647A979135924822B2656940C
Requests: 58 HTTP requests in this frame
Page Title
Celine Taylor | U.S. Department of the Treasury

Detected technologies

Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
100 Outgoing links
These are links going to different origins than the main page.
- Alcohol and Tobacco Tax and Trade Bureau (TTB)
- Bureau of Engraving & Printing (BEP)
- Financial Crimes Enforcement Network (FinCEN)
- Bureau of the Fiscal Service (BFS)
- Internal Revenue Service (IRS)
- Office of the Comptroller of the Currency (OCC)
- U.S. Mint
- Office of Inspector General (OIG)
- Treasury Inspector General for Tax Administration (TIGTA)
- Special Inspector General for the Troubled Asset Relief Program (SIGTARP)
- Special Inspector General for Pandemic Recovery (SIGPR)
- Search Jobs
- Inflation Reduction Act
- COVID19 Economic Relief
- American Families and Workers
- Small Businesses
- State, Local, and Tribal Governments
- American Industry
- Sanctions
- The Community Development Financial Institution (CDFI) Fund
- Making Home Affordable
- Specially Designated Nationals List (SDN List)
- Consolidated Sanctions List
- Search OFAC's Sanctions Lists
- Additional Sanctions Lists
- OFAC Recent Actions
- Sanctions Programs and Country Information
- Frequently Asked Questions
- OFAC Civil Penalties and Enforcement
- Contact OFAC
- Mymoney.gov
- Your Guide to America’s Finances
- Monthly Treasury Statement
- Daily Treasury Statement
- How Your Money Is Spent
- USAspending.gov
- National Debt
- National Debt to the Penny
- Historical Debt Outstanding
- Monthly Statement of the Public Debt
- Buy, Manage, and Redeem
- Treasury Hunt - Search for Matured Bonds
- Cashing Savings Bonds in Disaster-Declared Areas
- Frequently Asked Questions
- Community Development Financial Institution (CDFI) Fund
- Where is my Refund?
- Lost or Expired Check
- Direct Express Card
- Non-Benefit Federal Payments
- Electronic Federal Benefit Payments - GoDirect
- Currency and Coins
- Shop for Currency Products
- Redeem Damaged Currency
- Bureau of Engraving and Printing
- IRS Auctions
- Real Estate
- General Property, Vehicles, Vessels & Aircraft
- IRS Forms, Instructions & Publications
- Foreign Account Tax Compliance Act
- Savings Bonds - Treasury Securities
- Bank Secrecy Act - Fincen 114 and more
- OFAC License Application
- OFAC Reporting
- Financial Management Quality Service Management Office Marketplace Catalog
- TreasuryDirect
- Invoice Processing Platform
- Bureau of Engraving and Printing
- U.S. Mint
- Weekly Public Schedule Archive
- Media Advisories Archive
- Subscribe to Press Releases
- Twitter
- Facebook
- LinkedIn
- Auctions
- Report Scam Attempts
- Government Contracting Small Business Contacts
- Form 941, employer's quarterly federal tax return
- Employer Identification Number (EIN)
- Specially Designated Nationals list
- Interest rate statistics
- Quarterly refunding information
- Budget, Financial Reporting, Planning and Performance
- Shared Services
- TreasuryDirect for Government
- Alcohol and Tobacco Tax and Trade (TTB)
- Bureau of the Fiscal Service (BFS)
- Financial Crimes Enforcement Network (FinCEN)
- Internal Revenue Service (IRS)
- Office of the Comptroller of the Currency (OCC)
- U.S. Mint
- Office of Inspector General (OIG)
- Treasury Inspector General for Tax Administration (TIGTA)
- Special Inspector General, Troubled Asset Relief Program (SIGTARP)
- Administrative Resource Center (ARC)- Bureau of the Fiscal Service
- TreasuryDirect.gov Securities/Bonds
- USA.gov
- USAJOBS.gov
- OPM.gov
- MyMoney.gov
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 54
- https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p2rlm5ie8 HTTP 302
- https://kd7qo6accgjrezseuiza-p2rlm5-39d5448f3-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain
- https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p2rlm5ie8 HTTP 302
- https://fiaqjiathaajgkqce3ydkaaacztejirs-p2rlm5-ff044021d-clienttons-s.akamaihd.net/eum/results.txt
58 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request) | treasury.gov.ofac.ohlecafeparis.com/ | 94 KB | 94 KB | Document | text/html
GET | H2 | js | www.googletagmanager.com/gtag/ | 312 KB | 103 KB | Script | application/javascript
GET | H2 | css_2kOoUOV4m8th_JuCrqdNSy7zw6JJuskLzYfsycrSFS4.css | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/css/ | 47 KB | 47 KB | Stylesheet | text/css
GET | H2 | css_NSGkbVbe10IimDGlx0uLv9Llf454rktNT6i917XAeAs.css | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/css/ | 649 KB | 650 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 5 KB | 730 B | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 16 KB | 2 KB | Stylesheet | text/css
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 566 B | Stylesheet | text/css
GET | H2 | js_89-lLUs3Rdmr7wSr1bvlvECFvpDKO0Ys0sDAmMnP5dQ.js | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/js/ | 92 KB | 92 KB | Script | application/javascript
GET | H2 | all.js | use.fontawesome.com/releases/v5.13.1/js/ | 1 MB | 420 KB | Script | application/javascript
GET | H2 | v4-shims.js | use.fontawesome.com/releases/v5.13.1/js/ | 15 KB | 4 KB | Script | application/javascript
GET | H2 | js_gW4AkAjSEqh-BtZ-BL8210QDY_bHJMJWT8hdh5MP0rw.js | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/js/ | 106 KB | 107 KB | Script | application/javascript
GET | H2 | usflag.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/images/ | 526 B | 587 B | Image | image/png
GET | H2 | logo.svg | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/ | 58 KB | 58 KB | Image | image/svg+xml
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 267 B | Ping | text/plain
GET | H2 | js | www.googletagmanager.com/gtag/ | 191 KB | 70 KB | Script | application/javascript
GET | H2 | script.js | web3forms.com/client/ | 4 KB | 2 KB | Script | application/javascript
GET | H2 | js_29F0KfgrLpSns8jblDj3q2YMy_U-ofN4qNDxhJ5TL1U.js | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/js/ | 216 KB | 216 KB | Script | application/javascript
GET | H2 | Universal-Federated-Analytics-Min.js | dap.digitalgov.gov/ | 29 KB | 9 KB | Script | application/javascript
GET | H2 | M33KD-YMV8Y-625W4-V96WF-R28AJ | s.go-mpulse.net/boomerang/ | 205 KB | 49 KB | Script | application/javascript
GET | H2 | logo.svg | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/ | 58 KB | 0 | Image | image/svg+xml
GET | H2 | superheader.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components/superheader/ | 315 B | 315 B | Image | text/html
GET | H2 | search-icon.svg | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components//mm/ | 315 B | 315 B | Image | text/html
GET | H2 | breadcrumb-arrow.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components/images/ | 315 B | 315 B | Image | text/html
GET | H2 | h1-underline.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/images/ | 315 B | 315 B | Image | text/html
GET | H2 | sourcesanspro-regular-webfont.woff2 | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/source-sans-pro/ | 0 | 0 | Font | text/html
GET | H2 | seal.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components/footer/ | 22 KB | 22 KB | Image | image/png
GET | H2 | twitter.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components/social/icons/ | 315 B | 315 B | Image | text/html
GET | H2 | facebook.png | treasury.gov.ofac.ohlecafeparis.com/themes/custom/hamilton/sass/components/social/icons/ | 315 B | 315 B | Image | text/html
GET | H2 | u-440qyriQwlOrhSvowK_l5-fCZM.woff2 | fonts.gstatic.com/s/merriweather/v30/ | 20 KB | 20 KB | Font | font/woff2
GET | H2 | u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2 | fonts.gstatic.com/s/merriweather/v30/ | 19 KB | 19 KB | Font | font/woff2
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 14 KB | 15 KB | Font | font/woff2
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 14 KB | 14 KB | Font | font/woff2
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 15 KB | 15 KB | Font | font/woff2
GET | H2 | 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 14 KB | 15 KB | Font | font/woff2
GET | H2 | Latin-Merriweather-Regular.woff2 | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | Latin-Merriweather-Bold.woff2 | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qN67lqDY.woff2 | fonts.gstatic.com/s/sourcesanspro/v22/ | 6 KB | 6 KB | Font | font/woff2
GET | H2 | DepSec-Adeyemo-Official.jpg | treasury.gov.ofac.ohlecafeparis.com/system/files/136/ | 626 KB | 627 KB | Image | image/jpeg
GET | H3 | js | www.googletagmanager.com/gtag/ | 264 KB | 91 KB | Script | application/javascript
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript
GET | H3 | js | www.googletagmanager.com/gtag/ | 264 KB | 91 KB | Script | application/javascript
GET | H2 | sourcesanspro-regular-webfont.woff | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/source-sans-pro/ | 0 | 0 | Font | text/html
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 219 B | XHR | text/plain
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 66 B | XHR | text/plain
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 66 B | XHR | text/plain
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 54 B | Ping | text/plain
GET | H2 | Latin-Merriweather-Bold.woff | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | Latin-Merriweather-Regular.woff | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | config.json | c.go-mpulse.net/api/ | 1 KB | 850 B | XHR | application/json
GET | H2 | sourcesanspro-regular-webfont.ttf | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/source-sans-pro/ | 0 | 0 | Font | text/html
GET | H2 | Latin-Merriweather-Regular.ttf | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | Latin-Merriweather-Bold.ttf | treasury.gov.ofac.ohlecafeparis.com/libraries/uswds/dist/fonts/merriweather/ | 0 | 0 | Font | text/html
GET | H2 | favicon_1.png | treasury.gov.ofac.ohlecafeparis.com/sites/default/files/ | 346 B | 399 B | Other | image/png
POST | H2 | / | 684dd328.akstat.io/ | 0 | 239 B | XHR | image/gif
GET | H/1.1 | results.txt (redirect chain) | kd7qo6accgjrezseuiza-p2rlm5-39d5448f3-clientnsv4-s.akamaihd.net/eum/ | 8 B | 312 B | XHR | text/plain
GET | H/1.1 | results.txt (redirect chain) | fiaqjiathaajgkqce3ydkaaacztejirs-p2rlm5-ff044021d-clienttons-s.akamaihd.net/eum/ | 8 B | 312 B | XHR | text/plain
POST | H3 | collect | region1.google-analytics.com/g/ | 0 | 17 B | Ping | text/plain
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: US Government (Government)

80 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Name | Type
---|---
gtag | function
dataLayer | object
google_tag_manager | object
google_tag_data | object
onYouTubeIframeAPIReady | function
gaGlobal | object
once | function
$ | undefined
jQuery | function
drupalSettings | object
Drupal | object
__apiStruct | object
DataTable | function
BOOMR_API_key | string
BOOMR | object
DateFormat | object
uswdsPresent | boolean
api_do_search | function
tObjectCheck | string
_allowedQuerystrings | object
isSearch | boolean
oCONFIG | object
head | object
GA4Object | object
trackerFlag | boolean
_onEveryPage | function
_defineCookieDomain | function
_defineAgencyCDsValues | function
_cleanBooleanParam | function
_isValidUANum | function
_isValidGA4Num | function
_cleanDimensionValue | function
_updateConfig | function
_sendCustomDimensions | function
_sendCustomMetrics | function
_sendEvent | function
_mapGA4toUA | function
_sendPageview | function
gas | function
_URIHandler | function
_sendViewSearchResult | function
_isExcludedReferrer | function
createTracker | function
_initAutoTracker | function
tag | undefined
firstScriptTag | undefined
videoArray | undefined
playerArray | undefined
_buckets | undefined
_milestoneController | undefined
ytUtils | undefined
_payloadInterceptor | function
_piiRedactor | function
_initIdAssigner | function
_customTask | function
_scrubbedURL | function
_setAllowedQS | function
_setUpTrackers | function
_setUpTrackersIfReady | function
GoogleAnalyticsObject | string
ga | function
_isRedacted | boolean
_fullParams | string
_keyValuePair | string
_key | string
_value | string
gaplugins | object
gaData | object
_ga_originalSendHitTask | function
BOOMR_check_doc_domain | function
ErrorStackParser | object
UserTimingCompression | object
BOOMR_mq | object
___FONT_AWESOME___ | object
FontAwesomeConfig | object
FontAwesome | object
a | function
fontawesome-free-shims | object
$outer | object
BOOMR_onload | number

9 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.ohlecafeparis.com/ | | _ga_QTKLZK8R7K | GS1.1.1715774000.1.0.1715774000.0.0.0
.treasury.gov.ofac.ohlecafeparis.com/ | | _ga | GA1.5.1008324585.1715774001
.treasury.gov.ofac.ohlecafeparis.com/ | | _gid | GA1.5.1090687329.1715774002
.treasury.gov.ofac.ohlecafeparis.com/ | | _gat_GSA_ENOR0 | 1
.treasury.gov.ofac.ohlecafeparis.com/ | | _gat_GSA_ENOR1 | 1
.ohlecafeparis.com/ | | _gid | GA1.2.1090687329.1715774002
.ohlecafeparis.com/ | | _gat_gtag_UA_19138737_19 | 1
.ohlecafeparis.com/ | | _ga_CSLL4ZEK4L | GS1.1.1715774001.1.0.1715774001.0.0.0
.ohlecafeparis.com/ | | _ga | GA1.1.1008324585.1715774001
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
684dd328.akstat.io
c.go-mpulse.net
dap.digitalgov.gov
fiaqjiathaajgkqce3ydkaaacztejirs-p2rlm5-ff044021d-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
kd7qo6accgjrezseuiza-p2rlm5-39d5448f3-clientnsv4-s.akamaihd.net
region1.google-analytics.com
s.go-mpulse.net
treasury.gov.ofac.ohlecafeparis.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
use.fontawesome.com
web3forms.com
www.google-analytics.com
www.googletagmanager.com
107.182.163.42
142.250.186.72
2.17.147.18
2.17.147.91
2001:4860:4802:34::36
216.239.32.36
2600:9000:225b:8200:5:83ea:ba80:93a1
2606:4700:3037::ac43:8ef5
2a00:1450:4001:800::2003
2a00:1450:4001:803::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::2008
2a02:26f0:3100:782::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:991::11a6
76.76.21.21
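The hostname in this report is the standard subdomain trick: the registrable domain is ohlecafeparis.com, and `treasury.gov.ofac` is a label prefix the operator controls, chosen so that a glance at the address bar reads as treasury.gov. The Let's Encrypt (R3) certificate for the full hostname was issued on 2024-04-22, a little over three weeks before this scan, so the name was visible in Certificate Transparency logs well before the lure went live. The following is an added example, not part of the urlscan report, of the check a CT-log or DNS-feed monitor would apply: split each hostname at its public suffix and flag any protected domain that appears inside the subdomain labels. The public-suffix subset, the protected-domain list and the extra look-alike hostnames are constructed for the example; a production version should load the full Public Suffix List (for instance via the `tldextract` package) rather than the small set embedded here.

```python
import re

# Constructed public-suffix subset for this example. Real tooling must use
# the full Public Suffix List; this is only enough to split the hosts below.
PUBLIC_SUFFIXES = {"com", "net", "org", "gov", "io", "co.uk"}

# Constructed list of registrable domains to protect. Any of these appearing
# as contiguous labels inside the subdomain part of an unrelated registrable
# domain is treated as brand impersonation.
PROTECTED_DOMAINS = ("treasury.gov", "irs.gov")

_IP_LITERAL = re.compile(r"[0-9.]+|[0-9a-fA-F:]+")


def split_host(host):
    """Return (registrable_domain, subdomain_labels) for a DNS hostname.

    The longest public suffix wins, so "a.co.uk" splits as ("a.co.uk", [])
    rather than ("co.uk", ["a"]). Unknown suffixes fall back to the last two
    labels, which is good enough for triage but not for policy decisions.
    """
    labels = host.lower().strip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            if i == 0:
                return None, labels          # bare suffix, nothing registrable
            return ".".join(labels[i - 1:]), labels[: i - 1]
    return ".".join(labels[-2:]), labels[:-2]


def impersonated_brand(host):
    """Return the protected domain embedded in host's subdomain labels, or None."""
    if _IP_LITERAL.fullmatch(host):
        return None                          # IP literals have no labels to check
    registrable, sub = split_host(host)
    if registrable is None or not sub:
        return None
    joined = ".".join(sub)
    for brand in PROTECTED_DOMAINS:
        if registrable == brand:
            continue                         # the genuine site and its own subdomains
        # Brand labels must appear contiguously, separated by '.' or '-', so
        # both "treasury.gov.ofac.<evil>" and "treasury-gov.login.<evil>" hit.
        pattern = (r"(?:^|[.-])"
                   + r"[.-]".join(re.escape(p) for p in brand.split("."))
                   + r"(?:$|[.-])")
        if re.search(pattern, joined):
            return brand
    return None


def triage(hosts):
    """Map each impersonating hostname to its real registrable domain and the brand it spoofs."""
    hits = {}
    for host in hosts:
        brand = impersonated_brand(host)
        if brand:
            hits[host] = {"registrable": split_host(host)[0], "brand": brand}
    return hits


# Hostnames copied from the indicator list above, plus two constructed entries:
# a hyphenated look-alike and the genuine treasury.gov, which must not be flagged.
SCAN_HOSTS = [
    "treasury.gov.ofac.ohlecafeparis.com",
    "dap.digitalgov.gov",
    "fonts.gstatic.com",
    "www.google-analytics.com",
    "use.fontawesome.com",
    "web3forms.com",
    "trial-eum-clientnsv4-s.akamaihd.net",
    "treasury-gov.login.example.net",   # constructed look-alike
    "treasury.gov",                     # constructed control: the real site
]

if __name__ == "__main__":
    for host, info in triage(SCAN_HOSTS).items():
        print(f"{host}: registrable={info['registrable']} impersonates={info['brand']}")
```

Only the two look-alikes come out of `triage`; every legitimate third-party host in the report, and treasury.gov itself, passes through. The check is deliberately narrow (contiguous labels only), so it will not catch typosquats such as `treasurygov` or homoglyphs; those need a separate edit-distance or confusables pass, which is a different detector.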