f002.backblazeb2.com Open in urlscan Pro
206.190.215.16 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u17030614.ct.sendgrid.net/ls/click?upn=6oKAVPUBqlsfzGlzC3sCEuQuuveXUvxYOpZ0yF8p7p8j7xEs2MQljQD7VUcByWUa-2FPj0xKAr7MP0iph6h...
Effective URL:
https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html
Submission: On September 21 via api (September 21st 2021, 7:14:26 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 206.190.215.16, located in United States and belongs to UNWIRED, US. The main domain is f002.backblazeb2.com.
TLS certificate: Issued by R3 on July 19th 2021. Valid for: 3 months.

This is the only time f002.backblazeb2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1	206.190.215.16 206.190.215.16	32354 (UNWIRED) (UNWIRED)
10	104.21.9.8 104.21.9.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u17030614.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.190.215.16 (United States)

ASN32354 (UNWIRED, US)
PTR: f002.backblazeb2.com

f002.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.21.9.8 (None, )

ASN13335 (CLOUDFLARENET, US)

jasoncafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	jasoncafe.com jasoncafe.com	192 KB
1	backblazeb2.com f002.backblazeb2.com	76 KB
1	sendgrid.net 1 redirects u17030614.ct.sendgrid.net	277 B
11	3

	Domain	Requested by
10	jasoncafe.com	f002.backblazeb2.com
1	f002.backblazeb2.com
1	u17030614.ct.sendgrid.net	1 redirects
11	3

This site contains no links.

Subject Issuer	Validity	Valid
backblazeb2.com R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html
Frame ID: D2E2D8D4D48CEDD7521CE4067906DCC4
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dropbox

Page URL History Show full URLs

https://u17030614.ct.sendgrid.net/ls/click?upn=6oKAVPUBqlsfzGlzC3sCEuQuuveXUvxYOpZ0yF8p7p8j7xEs2MQljQD7VUcByWU... HTTP 302
https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

268 kB
Transfer

396 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u17030614.ct.sendgrid.net/ls/click?upn=6oKAVPUBqlsfzGlzC3sCEuQuuveXUvxYOpZ0yF8p7p8j7xEs2MQljQD7VUcByWUa-2FPj0xKAr7MP0iph6hVadHyY5fImHyDoD1iqGY-2BdakQ4Y-2BpcWAzBEAWNO00ezpXJEyKjv_OLpEA5q9Awjc6kXkkOeIsrvPkJgxZeAOrK12c4pw19uMUTjECZH2Z1VCmGb3CzYR4k9ctvkukY0cWCVzswwtq-2BwgkIjscIOi1yJdapZunW66xB902FUaIsV2wU03uz7giHJHNqECdLfJHN2mpPe1YYLT9O6NytoPu-2FNZeThaG3x0lBUipVHxeOJUWksy4vJ-2B2HyfQXpo7oSESfl4Ss7h7A-3D-3D HTTP 302
https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request index.html Show response f002.backblazeb2.com/file/beknotted-cryonics-monorganic/ Redirect Chain https://u17030614.ct.sendgrid.net/ls/click?upn=6oKAVPUBqlsfzGlzC3sCEuQuuveXUvxYOpZ0yF8p7p8j7xEs2MQljQD7VUcByWUa-2FPj0xKAr7MP0iph6hVadHyY5fImHyDoD1iqGY-2BdakQ4Y-2BpcWAzBEAWNO00ezpXJEyKjv_OLpEA5q9Awj... https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html	76 KB 76 KB	673ms 169ms	Document text/html	206.190.215.16 UNWIRED
General Check archive.org Show headers Download Go to Full URL https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 206.190.215.16 , United States, ASN32354 (UNWIRED, US), Reverse DNS f002.backblazeb2.com Software / Resource Hash `a79b778e9148a5614d90632ed3ed1928a06413d84f95948f0004884e682a7462` Request headers Host f002.backblazeb2.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-bz-file-name index.html x-bz-file-id 4_zcec3f15de07d0d8277c9081d_f115db1a8a899d2e0_d20210921_m150953_c002_v0001142_t0053 x-bz-content-sha1 4d913c2e0f87e40760bc0a168c0d290eb38296b7 X-Bz-Upload-Timestamp 1632236993000 Accept-Ranges bytes Content-Type text/html Content-Length 77714 Date Tue, 21 Sep 2021 19:14:21 GMT Keep-Alive timeout=5 Connection keep-alive Redirect headers Server nginx Date Tue, 21 Sep 2021 19:14:21 GMT Content-Type text/html; charset=utf-8 Content-Length 97 Connection keep-alive Location https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html X-Robots-Tag noindex, nofollow
GET H2	200	bootstrap.min.css jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	157 KB 25 KB	66ms 27ms	Stylesheet text/css	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/bootstrap.min.css Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91286 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Fri, 20 Aug 2021 14:18:46 GMT server cloudflare etag W/"611fb9c6-27293" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u64hA4puYewU08BEdp9uo6LlEwp4fTdVRYL99PoXCx5yiu6%2FUrj1bVGcafFkBpQ2fLBGvAhw4R8uUm%2FDKLbkb62K0eZFY0dDwNtgTZYP6lha6V%2FnTSSNK5b0wctfP8Dj"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 69259dba78485364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	3.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	8 KB 8 KB	62ms 23ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/3.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cbba2402feb0b7a6cacf40ccfeb5b2d5ea9e12c4fd7784585914a5d5febec453` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8171 last-modified Fri, 20 Aug 2021 14:18:41 GMT server cloudflare etag "611fb9c1-1feb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knxVkSUTo58RPcVtvS1fx6wfBhshlTMUEETMhSDZ1NSsF8U%2Be4AuDDzM3or5Qv%2FAi0%2B5Mi6qw0SlaTydB24akDkDl2Zda9o96k43bCi7FPMfqZoiE0vChtcvanDjXToA"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78535364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	5.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	12 KB 13 KB	65ms 26ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/5.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fd2568a85b9b6337ce89cc0fe85a80704180ce9be1027fa96d11f3eb90b94401` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12554 last-modified Fri, 20 Aug 2021 14:18:41 GMT server cloudflare etag "611fb9c1-310a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqNSQ45FAVhwmixi9SwwZwUnH%2BO3ifUxQ1xsX6H3%2BuIZfcUwKK%2F4ktMYQYRiv4lgyCvjgUizOg1%2FUMu2Vk%2FDx4dgFdlARqfktRZMGbRS7mihZrv6BJ9SQB1At9x854kN"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78545364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	6.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	9 KB 10 KB	54ms 16ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/6.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `172f4e7bb8722658406f6e13a53f5a7a3a9083e128d12e8047fc55f8d0f8fa37` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9727 last-modified Fri, 20 Aug 2021 14:18:42 GMT server cloudflare etag "611fb9c2-25ff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJUbKEb8Id9ztwIlxPZBvWq5kez%2F%2FMdP78tKhVjkWZjO9feDeUmUJnaFffPijvHEaWKfkX4CgGDPZGHFrmLjfI265upOla%2BZsSTpBFmmrJpfKlP0i8jJMvcWGVPeZiEm"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba88595364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	7.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	12 KB 12 KB	55ms 17ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/7.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9d2c57835ca05ea901cdc07680921aef273c35bb043941db3b468a2adb7f3f82` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12065 last-modified Fri, 20 Aug 2021 14:18:43 GMT server cloudflare etag "611fb9c3-2f21" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3cyTXdhaUfq3lspd8UfGJ8oO67ZoijtAxgyrMFU4yUFaPtQXtg%2BrcHoI2RxjjQZrHivzISbC9ciXk61Jx2NPq8H7TJni%2FVDutiQNJmfmIoiNpb8KMql9y1%2Fi5BPTN8K"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba885a5364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	8.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	9 KB 9 KB	66ms 28ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/8.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8f5475680fc496ea93eacfd03a943b973b26ed321bce038b02f64ee3bf4916f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 8804 last-modified Fri, 20 Aug 2021 14:18:43 GMT server cloudflare etag "611fb9c3-2264" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cTqagJs3y27TVUUgJtoyK0MzCAgOsQejASYM%2F%2B7WNYbycjmXaAUMkXlyiIcX0F4fGA9A3ueXzA31JmMRxxz%2FcObyhTK09SASjA1wYCPv3MlQO6%2B3t4UnEQBKmfmwKR1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78555364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	9.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	9 KB 10 KB	57ms 27ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/9.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `273f5fe56e9a657897a81292f054876d116e9cc40589908854cb8f538dacffaa` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9546 last-modified Fri, 20 Aug 2021 14:18:44 GMT server cloudflare etag "611fb9c4-254a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttZfC71B9eu%2FqpuwdYoxQ48%2F9S2NI0d4FG1QjppGifg6dxbMCRbCKPWeURDH5kq2IvzasUddXBb5t4vMKXtd4YdLLCMw%2BhlxSGIrHeP0SQ9MexKo1KdgbpcqC2ZvcJBJ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78495364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	10.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	9 KB 9 KB	46ms 16ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/10.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2477b4b08ccdc262123a0e0029b7d45fc557ea9d553718aa480ace142c58cccf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 9226 last-modified Fri, 20 Aug 2021 14:18:39 GMT server cloudflare etag "611fb9bf-240a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrh%2BCkxyPMpTLnnZRSl%2F%2BjUrTBhJcNC1f7v1ZHveUDgt0cPXwpUGG%2Fyh8L6y%2BzDKoy6CbN%2BLCNRjgIKEDmoZJOT%2FNnD5w8dki5GLxEa9Q1yQq7RAhfwo4Ydnu8ohrE4M"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78505364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	11.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	12 KB 12 KB	54ms 24ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/11.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd9a5febfc8486b2ea7f266070cb03523ad5f7cdc5af22ac2db8ae3552a2578d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5447 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 12280 last-modified Fri, 20 Aug 2021 14:18:40 GMT server cloudflare etag "611fb9c0-2ff8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZb6l9PQ9uHkW6DMxyA3YbPtBFqi%2FlXNtREniVy%2Fakn87fJ%2FVsRuVQJtvWdHlNpYIUA2neDGKi3jiVEIWcpJQSEbTiE7Amred1H5svdx5TBKIJ1MTJFoBzXPbVwK2Wwn"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba78525364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	12.png jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/	83 KB 84 KB	57ms 27ms	Image image/png	104.21.9.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://jasoncafe.com/email-list/onedrivedbhcsyd32/img-css/12.png Requested by Host: f002.backblazeb2.com URL: https://f002.backblazeb2.com/file/beknotted-cryonics-monorganic/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.9.8 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f980da766be71a530a32fb7fc66fd4d2e30cd33630d9c24b9720f72c94e9ae9d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://f002.backblazeb2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 21 Sep 2021 19:14:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 91285 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 85435 last-modified Fri, 20 Aug 2021 14:18:40 GMT server cloudflare etag "611fb9c0-14dbb" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzGv7Trn%2Bc%2BHVMQq4%2BOi5w4NUbMXcb7YijbemvLXERPiPMnoKCJ4%2FpJssTLTSs1%2B1TE1w7LdLzXEr9HWNkY2Jj0ru8fwgUOAblEUghKWtV7ivRS1%2BpLNsG4HJO6cuSO4"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 69259dba784d5364-FRA expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f002.backblazeb2.com
jasoncafe.com
u17030614.ct.sendgrid.net
104.21.9.8
167.89.118.35
206.190.215.16
172f4e7bb8722658406f6e13a53f5a7a3a9083e128d12e8047fc55f8d0f8fa37
2477b4b08ccdc262123a0e0029b7d45fc557ea9d553718aa480ace142c58cccf
273f5fe56e9a657897a81292f054876d116e9cc40589908854cb8f538dacffaa
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
9d2c57835ca05ea901cdc07680921aef273c35bb043941db3b468a2adb7f3f82
a79b778e9148a5614d90632ed3ed1928a06413d84f95948f0004884e682a7462
cbba2402feb0b7a6cacf40ccfeb5b2d5ea9e12c4fd7784585914a5d5febec453
cd9a5febfc8486b2ea7f266070cb03523ad5f7cdc5af22ac2db8ae3552a2578d
d8f5475680fc496ea93eacfd03a943b973b26ed321bce038b02f64ee3bf4916f
f980da766be71a530a32fb7fc66fd4d2e30cd33630d9c24b9720f72c94e9ae9d
fd2568a85b9b6337ce89cc0fe85a80704180ce9be1027fa96d11f3eb90b94401

f002.backblazeb2.com Open in urlscan Pro 206.190.215.16 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

268 kBTransfer

396 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

f002.backblazeb2.com Open in urlscan Pro
206.190.215.16 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

268 kB
Transfer

396 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!