f000.backblazeb2.com Open in urlscan Pro
104.153.233.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3f3FY61
Effective URL:
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht...
Submission: On March 23 via manual (March 23rd 2021, 5:06:21 pm UTC) from US

Summary HTTP 22 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 104.153.233.177, located in United States and belongs to UNWIRED, US. The main domain is f000.backblazeb2.com.
TLS certificate: Issued by R3 on February 17th 2021. Valid for: 3 months.

This is the only time f000.backblazeb2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
4	104.153.233.177 104.153.233.177	32354 (UNWIRED) (UNWIRED)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:303... 2606:4700:3037::6815:4dbc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	23.79.147.199 23.79.147.199	16625 (AKAMAI-AS) (AKAMAI-AS)
22	6

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.153.233.177 (United States)

ASN32354 (UNWIRED, US)

f000.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3037::6815:4dbc (United States)

ASN13335 (CLOUDFLARENET, US)

smtptemp.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.147.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-147-199.deploy.static.akamaitechnologies.com

content.schwab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	smtptemp.site smtptemp.site	223 KB
4	backblazeb2.com f000.backblazeb2.com	159 KB
2	schwab.com content.schwab.com client.schwab.com Failed	64 KB
2	googleapis.com ajax.googleapis.com	60 KB
1	bit.ly 1 redirects bit.ly	283 B
22	5

	Domain	Requested by
8	smtptemp.site	f000.backblazeb2.com smtptemp.site
4	f000.backblazeb2.com	f000.backblazeb2.com
2	content.schwab.com	smtptemp.site
2	ajax.googleapis.com	f000.backblazeb2.com
1	bit.ly	1 redirects
0	client.schwab.com Failed	smtptemp.site
22	6

This site contains links to these domains. Also see Links.

Domain
www.schwab.com
client.schwab.com
lms-mgmt.schwab.com
lms.schwab.com
brokercheck.finra.org
www.sipc.org
www.schwab-global.com

Subject Issuer	Validity	Valid
backblazeb2.com R3	`2021-02-17` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-05` - `2022-03-04`	a year	crt.sh
content.schwab.com DigiCert SHA2 Extended Validation Server CA	`2020-07-07` - `2021-07-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY
Frame ID: BC31E5455EF2FB74127C0FF17250A353
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3f3FY61 HTTP 301
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html Page URL
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a... Page URL

Page Statistics

22
Requests

73 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

506 kB
Transfer

944 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.schwab.com/
Title:

Search URL Search Domain Scan URL

URL: https://client.schwab.com/public/schwab/nn/legal_compliance/schwabsafe
Title: SchwabSafe®

Search URL Search Domain Scan URL

URL: https://client.schwab.com/public/schwab/nn/legal_compliance/schwabsafe/security_guarantee.html
Title: The Schwab Security Guarantee

Search URL Search Domain Scan URL

URL: http://www.schwab.com/
Title: Schwab Homepage

Search URL Search Domain Scan URL

URL: https://lms-mgmt.schwab.com/ar/home?clientID=schwab
Title: Forgot login ID or password?

Search URL Search Domain Scan URL

URL: https://lms.schwab.com/credential/new?clientid=schwab-clwe
Title: New user?

Search URL Search Domain Scan URL

URL: https://client.schwab.com/MobileWeb/#access/login
Title: Log in to mobile

Search URL Search Domain Scan URL

URL: http://www.schwab.com/public/schwab/nn/customer_service/browsers.html
Title: Web Browser Information

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's BrokerCheck

Search URL Search Domain Scan URL

URL: http://www.sipc.org/
Title: member SIPC

Search URL Search Domain Scan URL

URL: http://www.schwab-global.com/public/schwab-gcb-en
Title: non-U.S. residents

Search URL Search Domain Scan URL

URL: https://www.schwab.com/public/schwab/nn/public-security-tips-popup.html
Title: Learn more >

Search URL Search Domain Scan URL

URL: https://www.schwab.com/public/schwab/investing/why_choose_schwab/compare_us?lid=login_slot1_static_zero_commissions

Search URL Search Domain Scan URL

URL: http://www.schwab.com/public/schwab/investing/accounts_products/credit_cards?ENTRY_POINT=IIAH
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3f3FY61 HTTP 301
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html Page URL
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3f3FY61 HTTP 301
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

index.html Show response
f000.backblazeb2.com/file/organize-christmas-ee669cb0/
Redirect Chain

https://bit.ly/3f3FY61
https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html

75 KB
75 KB

820ms
326ms

Document
text/html

104.153.233.177
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.153.233.177 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software: /
Resource Hash: 13dd6e94b589a02031a7bfc8824ba818f04ef38e883f8cfd046b6455a6793a6b

Request headers

Host: f000.backblazeb2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store
x-bz-file-name: index.html
x-bz-file-id: 4_z017c98f49cec59927d890011_f119e01487029d2bc_d20210322_m110806_c000_v0001080_t0040
x-bz-content-sha1: 8c17b1840ae7c21966f1461db971a0f8fc93d89b
X-Bz-Upload-Timestamp: 1616411286000
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 76582
Date: Tue, 23 Mar 2021 17:05:58 GMT
Keep-Alive: timeout=5
Connection: keep-alive

Redirect headers

server: nginx
date: Tue, 23 Mar 2021 17:05:58 GMT
content-type: text/html; charset=utf-8
content-length: 159
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
referrer-policy: unsafe-url
set-cookie: _bit=l2nh5W-95071e9ba27fac8e10-00W; Domain=bit.ly; Expires=Sun, 19 Sep 2021 17:05:58 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 Mar 2021 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6721
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 15:13:58 GMT

GET
H/1.1 200 Primary Request login.html Show response
f000.backblazeb2.com/file/organize-christmas-ee669cb0/ 83 KB
83 KB 245ms
245ms Document
text/html 104.153.233.177
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.153.233.177 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software: /
Resource Hash: 7c6baaa1811ce6a74a51a95f551903d6334925ccb8b57b5bce56c698dda113fd

Request headers

Host: f000.backblazeb2.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html

Response headers

Cache-Control: max-age=0, no-cache, no-store
x-bz-file-name: login.html
x-bz-file-id: 4_z017c98f49cec59927d890011_f119e01487029d1a5_d20210322_m110800_c000_v0001080_t0040
x-bz-content-sha1: da07807da9530db77979968e60354dd93e858e38
X-Bz-Upload-Timestamp: 1616411280000
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 85058
Date: Tue, 23 Mar 2021 17:05:59 GMT
Keep-Alive: timeout=5
Connection: keep-alive

GET
H2 200 layoutf86f.css
smtptemp.site/email-list/schwab/css/ 121 KB
20 KB 60ms
23ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/layoutf86f.css?v=19.19
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43819a6148d57b994b8840eeb6ece04e8bfb19898771febb644a31e237b4074

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ed00004abcea3a2000000001
last-modified: Thu, 18 Mar 2021 15:59:41 GMT
server: cloudflare
etag: W/"605378ed-1e5e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZMnRVvL82%2BwPdOKj131QIWZES4z9G%2BT2orHEY7qRzVq1ERtnKcA7%2F0akXf%2BOrpmMzo6baFjcC8WBFdPrT4nVXt1FivUUbLbG3K1phhDzwTdQg%2FFmnH2OoRvA"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca9124abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 contentf86f.css
smtptemp.site/email-list/schwab/css/ 41 KB
6 KB 59ms
21ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/contentf86f.css?v=19.19
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4128f7e0469a7c17a238524efe6ef384aa36f303f662cd38ab6484806e738840

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ed00004abccf151000000001
last-modified: Thu, 18 Mar 2021 15:59:42 GMT
server: cloudflare
etag: W/"605378ee-a4aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cd%2FVLaG6DsL6k%2B9%2BauuQwiuFFbbhjBzEWrYJlyxGz81UfofCJmRKqIjd4bANVouPGS6vEqXHpt0MnAmxmRTnwIry7%2FWjc0rKrkuWAYcL2wkbFh1dvTPQqEAI"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca9164abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 masterf86f.css
smtptemp.site/email-list/schwab/css/ 120 KB
22 KB 60ms
23ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/masterf86f.css?v=19.19
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11d92322c0adc2bd5ba1acc1c26b4158fe89c90fa6544f8d998a569941d2f14

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ee00004abce49f2000000001
last-modified: Thu, 18 Mar 2021 15:59:34 GMT
server: cloudflare
etag: W/"605378e6-1e161"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZE1YarkAB7ajfCHkWrkdqEgVn3MLOlm7NPt956EV197OowmL47t1x6GX2iMPhgF1jDtTgEQbbZ1ZqGgUk4naRAvGGldh33vFIXVglrhc9LwsbGsS59U%2Bfeq"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca9204abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ps.css
smtptemp.site/email-list/schwab/css/ 85 KB
16 KB 61ms
24ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/ps.css
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3519e15519d8d5907d23f987d4ee35366f6c50b201200d1db91f5db5902f1a80

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ef00004abcff222000000001
last-modified: Thu, 18 Mar 2021 15:59:42 GMT
server: cloudflare
etag: W/"605378ee-154d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yJ%2BsQnIDAl1qwfakFYJjjbxV65vPsSwi3%2FtBQpfQPX0SGPMhhZ2w82QLnr3aeryJVrGxS3WZwwu%2BdT5MQBXJ2uTgufTXwSf1P2G%2Ba526YoxPR4n1rThW66i7"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca91d4abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 file68b6.css
smtptemp.site/email-list/schwab/css/ 26 KB
7 KB 59ms
22ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/file68b6.css?cmsid=LOGIN-STYLES&filename=main.css
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87107962df2fa9db2bfb003dcb609f364cc8964242f1a7f8af98239e44ca472

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ed00004abc2992a000000001
last-modified: Thu, 18 Mar 2021 15:59:43 GMT
server: cloudflare
etag: W/"605378ef-683c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3zCVEHk%2BWGA4g6obrv5LrJF5995hrV9xxblKVu3Quj1zv6zircd0evqslT4q4WOID5DzL94f0yT267VVlFXwxl9lFbWOZlsoA4%2Br5NErnwdk0c42lMoUPd2c"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca9194abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
smtptemp.site/email-list/schwab/css/ 4 KB
808 B 68ms
32ms Stylesheet
text/css 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smtptemp.site/email-list/schwab/css/style.css
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9735741384abae44bb29f9da6df9a3a285e68928c44e055dd431fef269c1cbb1

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0901a5f7ed00004abcfa15d000000001
last-modified: Thu, 18 Mar 2021 15:59:43 GMT
server: cloudflare
etag: W/"605378ef-f6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2BMR5D8tP%2Bo0Y2wA6AF3%2BepeNzH%2FTKRue48ZMIYSltlXbmTrw%2FiADexAtfOVPomMXgyuLi9cYXlzM4ND2XgyXJXuUM8PEovn1FzC9wjCxYZ4UR63ucpo4OhG"}],"max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 63493f6ca91a4abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404 login-component-responsive-secondary
f000.backblazeb2.com/bundles/styles/lib/ 0
0 163ms
162ms Stylesheet
application/json 104.153.233.177
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL: https://f000.backblazeb2.com/bundles/styles/lib/login-component-responsive-secondary?v=_jdeAevgOU6R2aUByCuKsDl9p63BfFtUVM2tGcqdz8Y1
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.153.233.177 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 17:05:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 86
Content-Type: application/json;charset=UTF-8

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 32ms
16ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 23 Mar 2021 15:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6721
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Mar 2022 15:13:58 GMT

GET
H2 200 SMART_BANNER_ICON_BACKGROUND_COLOR_Copy.png
smtptemp.site/email-list/schwab/images/ 16 KB
17 KB 24ms
15ms Image
image/png 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smtptemp.site/email-list/schwab/images/SMART_BANNER_ICON_BACKGROUND_COLOR_Copy.png
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f380d4dbff23ca3aa1acba5c7683e1541e9e7b7ba7028f45693d5f000e02738

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16350
cf-request-id: 0901a5f7ee00004abc0fb62000000001
last-modified: Thu, 18 Mar 2021 15:59:48 GMT
server: cloudflare
etag: "605378f4-3fde"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PtAS3ks0q7xdf%2Fl5hyNOGe1XckOgXFHYRVGMcnQ5H65xQZ8WbW6Egiwb2hzuV3aR2nEi0chy5FsSpSNHiblTPelDn2PNgVzGyR73Q16pxgSh9Z8Z87TKYslW"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63493f6ca9234abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loginlogoutpsd7308.png
smtptemp.site/email-list/schwab/images/ 134 KB
135 KB 24ms
15ms Image
image/png 2606:4700:3037::6815:4dbc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smtptemp.site/email-list/schwab/images/loginlogoutpsd7308.png
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4dbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6253665cb203eb7b241ad30a4146d4692b3157649e634eba22c1daaedd57c25

Request headers

Referer: https://f000.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 17:05:59 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12151
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 137678
cf-request-id: 0901a5f7ee00004abc1c177000000001
last-modified: Thu, 18 Mar 2021 15:59:51 GMT
server: cloudflare
etag: "605378f7-219ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nkUaYyu%2BJyhTN2Y%2BPN9WCAR1zaoLBucafG6%2B4JCrhzsJqGULjsNoZ3%2BRKDYwkxVQVtCAzKoTP%2FmiyHvLqIKCsXO%2Bx%2FGdfdWfZOEOdOGaWLWVHIcmqKjBGFWm"}],"max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63493f6ca9214abc-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404 Schwab-Icon-Font.ttf
f000.backblazeb2.com/fonts/ 0
0 313ms
161ms Font
application/json 104.153.233.177
UNWIRED

General

Check archive.org

Show headers Download Go to

Full URL: https://f000.backblazeb2.com/fonts/Schwab-Icon-Font.ttf
Requested by: Host: f000.backblazeb2.com
URL: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.153.233.177 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Origin: https://f000.backblazeb2.com
Referer: https://f000.backblazeb2.com/file/organize-christmas-ee669cb0/login.html?qkcoz=1R7An8McIo7IMEKowztdo6J37a&eiewhpo=t1Vfsw8i5ht229DoEM9yuZ9gF1Q&abqlfemz=3g2FjQfAqo6BPcY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 17:05:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 86
Content-Type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK schwabsafe_logo.svg
content.schwab.com/web/login/ 2 KB
2 KB 103ms
37ms Image
image/svg+xml 23.79.147.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/schwabsafe_logo.svg
Requested by: Host: smtptemp.site
URL: https://smtptemp.site/email-list/schwab/css/file68b6.css?cmsid=LOGIN-STYLES&filename=main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.147.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-147-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631

Request headers

Referer: https://smtptemp.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 17:05:59 GMT
Last-Modified: Tue, 20 Jun 2017 20:14:24 GMT
Server: AkamaiNetStorage
ETag: "7449c161258eba54600debcbd1229b1d:1497989664"
Content-Type: image/svg+xml
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2058

GET
H/1.1 200
OK background_image_exblur_dev2b.jpg
content.schwab.com/web/login/ 61 KB
61 KB 96ms
34ms Image
image/jpeg 23.79.147.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.schwab.com/web/login/background_image_exblur_dev2b.jpg
Requested by: Host: smtptemp.site
URL: https://smtptemp.site/email-list/schwab/css/file68b6.css?cmsid=LOGIN-STYLES&filename=main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.147.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-147-199.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 689137464c584b5cc1afb209ecf7e0ef9b0ac8648b0d0945561edaf46f650c40

Request headers

Referer: https://smtptemp.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 17:05:59 GMT
Last-Modified: Mon, 19 Jun 2017 20:55:41 GMT
Server: AkamaiNetStorage
ETag: "b7e11a480b99f556a48bb74e6060071c:1497905741"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62595

GET CharlesModern-Light.woff
client.schwab.com/fonts/ 0
0

GET CharlesModern-Regular.woff
client.schwab.com/fonts/ 0
0

GET CharlesModern-Light.ttf
client.schwab.com/fonts/ 0
0

GET CharlesModern-Regular.ttf
client.schwab.com/fonts/ 0
0

GET Schwab-Icon-Font.woff
smtptemp.site/email-list/schwab/css/fonts/ 0
0

GET Schwab-Icon-Font.ttf
smtptemp.site/email-list/schwab/css/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: client.schwab.com
URL: https://client.schwab.com/fonts/CharlesModern-Light.woff?v=1.0.0

Domain: client.schwab.com
URL: https://client.schwab.com/fonts/CharlesModern-Regular.woff?v=1.0.0

Domain: client.schwab.com
URL: https://client.schwab.com/fonts/CharlesModern-Light.ttf?v=1.0.0

Domain: client.schwab.com
URL: https://client.schwab.com/fonts/CharlesModern-Regular.ttf?v=1.0.0

Domain: smtptemp.site
URL: https://smtptemp.site/email-list/schwab/css/fonts/Schwab-Icon-Font.woff?51abjd

Domain: smtptemp.site
URL: https://smtptemp.site/email-list/schwab/css/fonts/Schwab-Icon-Font.ttf?51abjd

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bit.ly
client.schwab.com
content.schwab.com
f000.backblazeb2.com
smtptemp.site
client.schwab.com
smtptemp.site
104.153.233.177
23.79.147.199
2606:4700:3037::6815:4dbc
2a00:1450:4001:808::200a
2a00:1450:4001:828::200a
67.199.248.10
0c1f7d2d3fa4ed7ec3cf2519cd017ddb5bc8de757e00ed8f84cd8991059a0631
13dd6e94b589a02031a7bfc8824ba818f04ef38e883f8cfd046b6455a6793a6b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2ccc4d3be744a29473fefe2f313fdae488f460b85a47e8427f748358a54ba048
3519e15519d8d5907d23f987d4ee35366f6c50b201200d1db91f5db5902f1a80
4128f7e0469a7c17a238524efe6ef384aa36f303f662cd38ab6484806e738840
4f380d4dbff23ca3aa1acba5c7683e1541e9e7b7ba7028f45693d5f000e02738
689137464c584b5cc1afb209ecf7e0ef9b0ac8648b0d0945561edaf46f650c40
7c6baaa1811ce6a74a51a95f551903d6334925ccb8b57b5bce56c698dda113fd
9735741384abae44bb29f9da6df9a3a285e68928c44e055dd431fef269c1cbb1
c43819a6148d57b994b8840eeb6ece04e8bfb19898771febb644a31e237b4074
d11d92322c0adc2bd5ba1acc1c26b4158fe89c90fa6544f8d998a569941d2f14
e87107962df2fa9db2bfb003dcb609f364cc8964242f1a7f8af98239e44ca472
f6253665cb203eb7b241ad30a4146d4692b3157649e634eba22c1daaedd57c25

f000.backblazeb2.com Open in urlscan Pro 104.153.233.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

22 Requests

73 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

506 kBTransfer

944 kBSize

0 Cookies

14 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

0 Cookies

Indicators

f000.backblazeb2.com Open in urlscan Pro
104.153.233.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

73 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

506 kB
Transfer

944 kB
Size

0
Cookies

22 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!