contagiomobile.deependresearch.org

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 52.216.41.144, located in Ashburn, United States and belongs to AMAZON-02, US. The main domain is contagiomobile.deependresearch.org.

This is the only time contagiomobile.deependresearch.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.216.41.144 52.216.41.144	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	4

2 52.216.41.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

contagiomobile.deependresearch.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	20 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3599	39 KB
2	deependresearch.org contagiomobile.deependresearch.org	92 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	34 KB
7	4

	Domain	Requested by
2	cdnjs.cloudflare.com	contagiomobile.deependresearch.org
2	netdna.bootstrapcdn.com	contagiomobile.deependresearch.org netdna.bootstrapcdn.com
2	contagiomobile.deependresearch.org	ajax.googleapis.com
1	ajax.googleapis.com	contagiomobile.deependresearch.org
7	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://contagiomobile.deependresearch.org/index.html
Frame ID: 87C543BECECC2B3C5D5C0FABE13B09CE
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Index of Contagio Mobile Malware

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

185 kB
Transfer

383 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js

Request Chain 3

http://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
contagiomobile.deependresearch.org/ 6 KB
6 KB 2530ms
132ms Document
text/html 52.216.41.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contagiomobile.deependresearch.org/index.html
Protocol: HTTP/1.1
Server: 52.216.41.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 83ceb3208072bfee56ada8a00efc0e1ba36cbd85f90091e4b838571e1192b85e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 5894
Content-Type: text/html
Date: Tue, 10 Oct 2023 03:45:44 GMT
ETag: "ba1a717f6b43de764cc6253bc48c4600"
Last-Modified: Mon, 26 Mar 2018 19:20:20 GMT
Server: AmazonS3
x-amz-id-2: 4mm0OPI41MF6VFFW/lI0Jn52hL4wAY+TwL4OL4ki7atZOhSAlfD3MwfU9XXzn5gxY5FzFBjSQkA=
x-amz-request-id: 8WA5ERCGZFQS1KKT

GET
H/1.1 200
OK bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/2.3.2/css/ 124 KB
26 KB 32ms
17ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://netdna.bootstrapcdn.com/bootstrap/2.3.2/css/bootstrap.min.css

Requested by

Host: contagiomobile.deependresearch.org
URL: http://contagiomobile.deependresearch.org/index.html

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6e935ce392c19ab7d437852f8f7b702bea02fec8d901b3c42fde1764b97300

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://contagiomobile.deependresearch.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 03:45:43 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 617
Age: 22264396
Transfer-Encoding: chunked
CDN-CachedAt: 2021-06-08 03:05:34
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Mon, 25 Jan 2021 22:03:54 GMT
Server: cloudflare
CDN-RequestPullCode: 200
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
CDN-Cache: HIT
access-control-allow-origin: *
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 21008d9a809ddce8145f97d5228cfbed
timing-allow-origin: *
CDN-RequestCountryCode: US
CF-RAY: 813bdf46bbcb929c-FRA
CDN-RequestPullSuccess: True

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: contagiomobile.deependresearch.org
URL: http://contagiomobile.deependresearch.org/index.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://contagiomobile.deependresearch.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 09:47:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 410314
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33593
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 04 Oct 2024 09:47:09 GMT

GET
H2

200

handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js
https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js

41 KB
11 KB

34ms
16ms

Script
application/javascript

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js

Requested by

Host: contagiomobile.deependresearch.org
URL: http://contagiomobile.deependresearch.org/index.html

Protocol

H2

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a1b07d59f8062c74c1a174da02ea2df48ad0d4bcb2285eb4c0696731e4624a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://contagiomobile.deependresearch.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 21411308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11351
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-a2b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r48ZX5ljfys1uQcyg5ruUdafMRdQNyDVX37%2BMY4ZPUAHM9b7wUURX%2FrDodrRIvOLmgdyEdNZ%2BnoV2L2x7lb%2FfIT5wgckO9POBZU%2FY%2BmXQ2OlLSprF1UK6cTsc1jaJjlE7rCNNqwv7CY9yA480BOm75qQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 813bdf46cd95928d-FRA
expires: Sun, 29 Sep 2024 03:45:43 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/1.1.2/handlebars.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js

24 KB
9 KB

31ms
14ms

Script
application/javascript

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js

Requested by

Host: contagiomobile.deependresearch.org
URL: http://contagiomobile.deependresearch.org/index.html

Protocol

H2

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f0a140f476e4787e2387b1f7e23e11b38c8a88351fa0bee40a0ce52277ecd07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://contagiomobile.deependresearch.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 03:45:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 20498403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8190
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-6120"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BsdGYDZuyARtkHN9gm7b3cRc0QN7B%2FJpu6fW8C%2FllDFVglYrSmW60U3vtTonFqkdPvTIqCwpGKUcjr8gE7ChqQz1ETiCUoNJsdAM0AUfacaX1vLYltLnzWHVyoOd08DF2NqygoNiFYWx2zoWc29%2BCFU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 813bdf46cd96928d-FRA
expires: Sun, 29 Sep 2024 03:45:43 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.4.0/moment.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK / Show response
contagiomobile.deependresearch.org/ 85 KB
85 KB 206ms
206ms XHR
application/xml 52.216.41.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://contagiomobile.deependresearch.org/
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Server: 52.216.41.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3def31726e92111f43135a38da8bbd8f46b861106a2dae6dff6910d45ab189dc

Request headers

Accept: */*
Referer: http://contagiomobile.deependresearch.org/index.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 03:45:44 GMT
x-amz-bucket-region: us-east-1
Server: AmazonS3
x-amz-request-id: 8WAB6FHR6SG7HJA2
x-amz-id-2: U83jMkFQxnqVdikhQq78o5+1RMucQMGvBSwJiB37Eypm726H7ipWK2ioweDk1km4rNGeo5qzFfg=
Transfer-Encoding: chunked
Content-Type: application/xml

GET
H/1.1 200
OK glyphicons-halflings.png
netdna.bootstrapcdn.com/bootstrap/2.3.2/img/ 12 KB
13 KB 31ms
31ms Image
image/png 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netdna.bootstrapcdn.com/bootstrap/2.3.2/img/glyphicons-halflings.png

Requested by

Host: netdna.bootstrapcdn.com
URL: http://netdna.bootstrapcdn.com/bootstrap/2.3.2/css/bootstrap.min.css

Protocol

HTTP/1.1

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netdna.bootstrapcdn.com/bootstrap/2.3.2/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Tue, 10 Oct 2023 03:45:44 GMT
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
CDN-EdgeStorageId: 601
CDN-CachedAt: 02/15/2022 18:29:11
CDN-PullZone: 252412
cross-origin-resource-policy: cross-origin
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 12799
Last-Modified: Mon, 25 Jan 2021 22:03:54 GMT
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
Server: cloudflare
ETag: "2516339970d710819585f90773aebe0a"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
Cache-Control: public, max-age=31919000
CDN-RequestId: 2d462ada5c0a9d4c9a071606a602084a
Accept-Ranges: bytes
timing-allow-origin: *
CDN-RequestCountryCode: DE
CDN-Status: 200
CF-RAY: 813bdf4a2d0b929c-FRA
CDN-RequestPullSuccess: True

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Handlebars function| moment

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
contagiomobile.deependresearch.org
netdna.bootstrapcdn.com
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:82b::200a
52.216.41.144
1a1b07d59f8062c74c1a174da02ea2df48ad0d4bcb2285eb4c0696731e4624a1
2d6e935ce392c19ab7d437852f8f7b702bea02fec8d901b3c42fde1764b97300
3def31726e92111f43135a38da8bbd8f46b861106a2dae6dff6910d45ab189dc
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
83ceb3208072bfee56ada8a00efc0e1ba36cbd85f90091e4b838571e1192b85e
8f0a140f476e4787e2387b1f7e23e11b38c8a88351fa0bee40a0ce52277ecd07
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

contagiomobile.deependresearch.org Open in urlscan Pro 52.216.41.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

0 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

185 kBTransfer

383 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

contagiomobile.deependresearch.org Open in urlscan Pro
52.216.41.144 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

185 kB
Transfer

383 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions