ignaciomall.buzz Open in urlscan Pro
2606:4700:3032::6812:3ad1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ravennanet.buzz/sba/covid19relief/sba.gov
Effective URL:
https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Submission: On July 25 via manual (July 25th 2020, 12:38:49 am UTC) from SG

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3032::6812:3ad1, located in United States and belongs to CLOUDFLARENET, US. The main domain is ignaciomall.buzz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2020. Valid for: a year.

This is the only time ignaciomall.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: US Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 3	2606:4700:303... 2606:4700:3034::ac43:b4d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2606:4700:303... 2606:4700:3032::6812:3ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	13.86.113.170 13.86.113.170	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
2	52.129.92.14 52.129.92.14	395492 (IOVATION3) (IOVATION3)
1	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	8

3 2606:4700:3034::ac43:b4d6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ravennanet.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::6812:3ad1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ignaciomall.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.86.113.170 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

covid19relief1.sba.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.129.92.14 (United States)

ASN395492 (IOVATION3, US)

ci-mpsnare.iovation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	sba.gov covid19relief1.sba.gov	149 KB
5	ignaciomall.buzz 2 redirects ignaciomall.buzz	4 KB
3	ravennanet.buzz 2 redirects ravennanet.buzz	932 B
2	iovation.com ci-mpsnare.iovation.com	18 KB
1	visualstudio.com dc.services.visualstudio.com	236 B
1	googletagmanager.com www.googletagmanager.com	26 KB
1	msecnd.net az416426.vo.msecnd.net	37 KB
1	googleapis.com fonts.googleapis.com	1 KB
24	8

	Domain	Requested by
14	covid19relief1.sba.gov	ignaciomall.buzz
5	ignaciomall.buzz	2 redirects ignaciomall.buzz covid19relief1.sba.gov
3	ravennanet.buzz	2 redirects
2	ci-mpsnare.iovation.com	covid19relief1.sba.gov ci-mpsnare.iovation.com
1	dc.services.visualstudio.com	az416426.vo.msecnd.net
1	www.googletagmanager.com	ignaciomall.buzz
1	az416426.vo.msecnd.net	ignaciomall.buzz
1	fonts.googleapis.com	ignaciomall.buzz
24	8

This site contains links to these domains. Also see Links.

Domain
covid19relief1.sba.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-23` - `2021-07-23`	a year	crt.sh
covid19relief1.sba.gov DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
ci-mpsnare.iovation.com DigiCert SHA2 High Assurance Server CA	`2020-04-08` - `2021-05-11`	a year	crt.sh
in.applicationinsights.azure.com Microsoft IT TLS CA 4	`2020-04-30` - `2022-04-30`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Frame ID: 67FF0B2966B0BDE7C738C5D24B597D79
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ravennanet.buzz/sba/covid19relief/sba.gov HTTP 301
http://ravennanet.buzz/sba/covid19relief/sba.gov/ HTTP 301
https://ravennanet.buzz/sba/covid19relief/sba.gov/ Page URL
https://ignaciomall.buzz/covid/covid19relief/sba.gov HTTP 301
http://ignaciomall.buzz/covid/covid19relief/sba.gov/ HTTP 301
https://ignaciomall.buzz/covid/covid19relief/sba.gov/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

24
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

233 kB
Transfer

817 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://covid19relief1.sba.gov/Account/ForgotPassword
Title: Forgot your password?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ravennanet.buzz/sba/covid19relief/sba.gov HTTP 301
http://ravennanet.buzz/sba/covid19relief/sba.gov/ HTTP 301
https://ravennanet.buzz/sba/covid19relief/sba.gov/ Page URL
https://ignaciomall.buzz/covid/covid19relief/sba.gov HTTP 301
http://ignaciomall.buzz/covid/covid19relief/sba.gov/ HTTP 301
https://ignaciomall.buzz/covid/covid19relief/sba.gov/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ravennanet.buzz/sba/covid19relief/sba.gov HTTP 301
http://ravennanet.buzz/sba/covid19relief/sba.gov/ HTTP 301
https://ravennanet.buzz/sba/covid19relief/sba.gov/

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
ravennanet.buzz/sba/covid19relief/sba.gov/
Redirect Chain

https://ravennanet.buzz/sba/covid19relief/sba.gov
http://ravennanet.buzz/sba/covid19relief/sba.gov/
https://ravennanet.buzz/sba/covid19relief/sba.gov/

99 B
179 B

219ms
218ms

Document
text/html

2606:4700:3034::ac43:b4d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ravennanet.buzz/sba/covid19relief/sba.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b4d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: ravennanet.buzz
:scheme: https
:path: /sba/covid19relief/sba.gov/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d2bd3d4a8893837744db8228edafd46771595637511
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 25 Jul 2020 00:38:31 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0425014dae000097542d928200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b81d18f7cee9754-FRA
content-encoding: br

Redirect headers

Date: Sat, 25 Jul 2020 00:38:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 25 Jul 2020 01:38:31 GMT
Location: https://ravennanet.buzz/sba/covid19relief/sba.gov/
cf-request-id: 0425014d9f00003244bb33f200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b81d18f681f3244-FRA

GET
H2

200

Primary Request / Show response
ignaciomall.buzz/covid/covid19relief/sba.gov/
Redirect Chain

https://ignaciomall.buzz/covid/covid19relief/sba.gov
http://ignaciomall.buzz/covid/covid19relief/sba.gov/
https://ignaciomall.buzz/covid/covid19relief/sba.gov/

8 KB
3 KB

214ms
213ms

Document
text/html

2606:4700:3032::6812:3ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:3ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850f728c992fc642bf3d38218a45f896949dfce4930870524bc4c295e86a462f

Request headers

:method: GET
:authority: ignaciomall.buzz
:scheme: https
:path: /covid/covid19relief/sba.gov/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df1912deb095cf28f17cc1f7c01976b331595637511
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ravennanet.buzz/sba/covid19relief/sba.gov/

Response headers

status: 200
date: Sat, 25 Jul 2020 00:38:32 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 0425014fbe0000c2b3333b1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b81d192c99bc2b3-FRA
content-encoding: br

Redirect headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 25 Jul 2020 01:38:32 GMT
Location: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
cf-request-id: 0425014faf0000dfef1c24e200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5b81d192bb2adfef-FRA

GET
H/1.1 200
OK bootstrap.css
covid19relief1.sba.gov/Content/PageSpecificStyles/UIKit/css/ 141 KB
20 KB 1010ms
288ms Stylesheet
text/css 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Content/PageSpecificStyles/UIKit/css/bootstrap.css
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 29cda9d12af870bb6b40ca5da11907550a1dff15506c744c4318bef8292822db

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 20189

GET
H/1.1 200
OK bootstrap-theme.css
covid19relief1.sba.gov/Content/PageSpecificStyles/UIKit/css/ 19 KB
3 KB 887ms
159ms Stylesheet
text/css 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Content/PageSpecificStyles/UIKit/css/bootstrap-theme.css
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 585a1e926461873df9f5d8c3d88bcc3d3fae182ab1fc8596bc2aa2bb7c28e0b0

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2294

GET
H/1.1 200
OK AuthenticationLayout.css
covid19relief1.sba.gov/Content/ 76 KB
13 KB 1017ms
287ms Stylesheet
text/css 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Content/AuthenticationLayout.css
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 31d73b41a78d91ec501b6f92a718599ffb42cf33fe7d8e0a813d037cdfe1c8d8

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 12989

GET
H2 404 jquery-1.10.2.min.js
ignaciomall.buzz/Scripts/ 0
0 243ms
240ms Script
text/html 2606:4700:3032::6812:3ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ignaciomall.buzz/Scripts/jquery-1.10.2.min.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:3ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 00:38:32 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b81d1943b48c2b3-FRA
cf-request-id: 042501509f0000c2b3333bd200000001

GET
H/1.1 200
OK es6-promise.auto.min.js Show response
covid19relief1.sba.gov/Scripts/ 6 KB
3 KB 892ms
159ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/es6-promise.auto.min.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2510

GET
H/1.1 200
OK html2canvas.min.js Show response
covid19relief1.sba.gov/Scripts/ 181 KB
41 KB 1026ms
292ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/html2canvas.min.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5b078125ec70bf3011f68e111b6281e3ca32e0bfdc881bebdaf8e4bd3f153342

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 41726

GET
H/1.1 200
OK requestHelp.js Show response
covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Shared/ 5 KB
2 KB 1046ms
158ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Shared/requestHelp.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b4e6e4cf08735f709228edf7b29f64159399c80f57bce2b392569f24e69d81c6

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1718

GET
H/1.1 200
OK CapsLockChecker.js Show response
covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Accont/ 6 KB
2 KB 1050ms
158ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Accont/CapsLockChecker.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5dc2cc1330cc71a5b2dd5495530cd9e3d53de2c0561899692fe39e2af159734b

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1608

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 19ms
16ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,400italic,600italic,700,700italic

Requested by

Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74b506f3326e6ac1cc81c05c0882c7a4c28815013584f659bf8f072544efb97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 25 Jul 2020 00:38:32 GMT
server: ESF
date: Sat, 25 Jul 2020 00:38:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Jul 2020 00:38:32 GMT

GET
H/1.1 200
OK config.js Show response
covid19relief1.sba.gov/Scripts/Iovation/ 296 B
739 B 1050ms
158ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/Iovation/config.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 670fa87c06d2cdcbd7c28558b185d13f6e33f2aa5b46d5163bd754bf6452f76d

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 339

GET
H/1.1 200
OK iovation.js Show response
covid19relief1.sba.gov/Scripts/Iovation/ 60 KB
16 KB 1178ms
167ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/Iovation/iovation.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b138c2d78991b51eb287aecd188aec6b8ff94f80e176f595616708b93eeaba3a

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 15921

GET
H/1.1 200
OK Login.css
covid19relief1.sba.gov/Content/PageSpecificStyles/Account/ 92 B
584 B 890ms
159ms Stylesheet
text/css 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Content/PageSpecificStyles/Account/Login.css
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7a5506158e773babc7d83fe7bc47651b231b65ec7f727b1ff1f9ef39180ad114

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 198

GET
H/1.1 200
OK Login.js Show response
covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Accont/ 498 B
767 B 1175ms
158ms Script
application/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/Scripts/CustomScripts/PageSpecificScripts/Accont/Login.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e5e6fc47e7b7e2b60c2620222cabe57dd14a89370c77f9d1384a9112cd63178a

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
ETag: "0a434a47459d61:0"
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 367

GET
H/1.1 200
OK jqueryval Show response
covid19relief1.sba.gov/bundles/ 35 KB
13 KB 1213ms
167ms Script
text/javascript 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://covid19relief1.sba.gov/bundles/jqueryval?v=Vg44pJXrY1H9RNCRrAyqlLemmOJd2r82qW7VhCN93iE1
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9080a0617ea6272f9227b075eebe40fdb654f027abd11bdf20b27d0120ad4b38

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Content-Encoding: gzip
Expires: Sun, 25 Jul 2021 00:38:33 GMT
Last-Modified: Sat, 25 Jul 2020 00:38:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
X-Robots-Tag: noindex, nofollow
Content-Length: 12653
Request-Context: appId=cid-v1:d4695e55-8b5e-43f6-92ab-091546d538de

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 127 KB
37 KB 27ms
6ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: c3398f725ad750f86d169c4555b2b511843c0b2542056ccaab7bbf4c4bb17dff

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 25 Jul 2020 00:38:33 GMT
content-encoding: gzip
content-md5: 2rmvOGmtnKFQcMi5xjsk7Q==
age: 1353
x-cache: HIT
status: 200
x-ms-meta-aijssdksrc: [scripts]/b/ai.2.5.6.min.js
content-length: 36906
x-ms-lease-status: unlocked
last-modified: Wed, 08 Jul 2020 17:09:59 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.5.6
etag: 0x8D82361BF244859
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6dc871da-f01e-006e-5618-624dcd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19
expires: Sat, 25 Jul 2020 01:08:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 65 KB
26 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NK7HKJ

Requested by

Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0183fda53e2800fcbd2473ab075b53eedcacb1e6ab7360adf2e8f2173c00f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 00:38:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26087
x-xss-protection: 0
last-modified: Sat, 25 Jul 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Jul 2020 00:38:33 GMT

GET
H/1.1 200
OK sba-logo.svg
covid19relief1.sba.gov/Content/img/ui-kit/ 15 KB
15 KB 167ms
167ms Image
image/svg+xml 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid19relief1.sba.gov/Content/img/ui-kit/sba-logo.svg
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: de522646ab70914a89ee8fb0a6f3e97c414b2e5b8640652d5cef83e238cc7445

Request headers

Referer: https://covid19relief1.sba.gov/Content/AuthenticationLayout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a434a47459d61:0"
Content-Type: image/svg+xml
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 15123

GET
H2 404 dyn_wdp.js
ignaciomall.buzz/iojs/5.0.0/ 0
0 258ms
257ms Script
text/html 2606:4700:3032::6812:3ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ignaciomall.buzz/iojs/5.0.0/dyn_wdp.js?loaderVer=5.0.0&compat=false&tp=true&tp_split=false&tp_host=https%3A%2F%2Fci-mpsnare.iovation.com&fp_static=true&fp_dyn=true&flash=true
Requested by: Host: covid19relief1.sba.gov
URL: https://covid19relief1.sba.gov/Scripts/Iovation/iovation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:3ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 25 Jul 2020 00:38:33 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1
status: 404
cache-control: max-age=14400
cf-ray: 5b81d19bbbe4c2b3-FRA
cf-request-id: 042501554f0000c2b3333f5200000001

GET
H/1.1 200
OK wdp.js Show response
ci-mpsnare.iovation.com/5.0.0/ 36 KB
17 KB 847ms
397ms Script
text/javascript 52.129.92.14
IOVATION3

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/5.0.0/wdp.js?loaderVer=5.0.0&compat=false&tp=true&tp_split=false&tp_host=https%3A%2F%2Fci-mpsnare.iovation.com&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: covid19relief1.sba.gov
URL: https://covid19relief1.sba.gov/Scripts/Iovation/iovation.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.92.14 , United States, ASN395492 (IOVATION3, US),

Reverse DNS

Software

nginx /

Resource Hash

503c6a56c868d375636d30b2f395efc1b1378c9b6dc67b2e23c8c19c5809b97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Jul 2020 00:38:34 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H/1.1 200
OK ra-checkbox.png
covid19relief1.sba.gov/Content/img/ui-kit/ 18 KB
19 KB 167ms
167ms Image
image/png 13.86.113.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid19relief1.sba.gov/Content/img/ui-kit/ra-checkbox.png
Requested by: Host: ignaciomall.buzz
URL: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.86.113.170 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 53cd79a8a23ba0c1f6b19dd5119bb21894224209db179d6b630d3f6c55966515

Request headers

Referer: https://covid19relief1.sba.gov/Content/AuthenticationLayout.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:32 GMT
Last-Modified: Tue, 14 Jul 2020 00:20:56 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0a434a47459d61:0"
Content-Type: image/png
Cache-Control: max-age=0 ,must-revalidate, proxy-revalidate
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18889

GET
H/1.1 200
OK logo.js Show response
ci-mpsnare.iovation.com/5.0.0/ 348 B
800 B 213ms
212ms Script
text/javascript 52.129.92.14
IOVATION3

General

Check archive.org

Show headers Download Go to

Full URL

https://ci-mpsnare.iovation.com/5.0.0/logo.js

Requested by

Host: ci-mpsnare.iovation.com
URL: https://ci-mpsnare.iovation.com/5.0.0/wdp.js?loaderVer=5.0.0&compat=false&tp=true&tp_split=false&tp_host=https%3A%2F%2Fci-mpsnare.iovation.com&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.129.92.14 , United States, ASN395492 (IOVATION3, US),

Reverse DNS

Software

nginx /

Resource Hash

a8ba5f829b2e86ee13bc8853d0c657367c809134fa955648c04f2bf5e831a713

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 25 Jul 2020 00:38:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Server: nginx
Expires: Sun, 25 Jul 2021 00:38:34 GMT

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 638ms
638ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5d6d72b10dce8f7b425ef9d917ba25a23bfe0aaef75cbabe19d553a51a78f36b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ignaciomall.buzz/covid/covid19relief/sba.gov/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 4A34FAC3-7268-43E0-A41E-47D8D4EEB9CA
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
status: 200
date: Sat, 25 Jul 2020 00:38:35 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Government (Government)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ignaciomall.buzz/	1970-01-19 11:13:59	Name: ai_session Value: ou05I\|1595637513678.825\|1595637513678.825
ignaciomall.buzz/	1970-01-19 19:59:33	Name: ai_user Value: Azf3\|2020-07-25T00:38:33.675Z
.ignaciomall.buzz/	1970-01-19 11:57:09	Name: __cfduid Value: df1912deb095cf28f17cc1f7c01976b331595637511

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
ci-mpsnare.iovation.com
covid19relief1.sba.gov
dc.services.visualstudio.com
fonts.googleapis.com
ignaciomall.buzz
ravennanet.buzz
www.googletagmanager.com
13.86.113.170
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:3032::6812:3ad1
2606:4700:3034::ac43:b4d6
2a00:1450:4001:816::2008
2a00:1450:4001:819::200a
51.140.6.23
52.129.92.14
29cda9d12af870bb6b40ca5da11907550a1dff15506c744c4318bef8292822db
31d73b41a78d91ec501b6f92a718599ffb42cf33fe7d8e0a813d037cdfe1c8d8
503c6a56c868d375636d30b2f395efc1b1378c9b6dc67b2e23c8c19c5809b97c
53cd79a8a23ba0c1f6b19dd5119bb21894224209db179d6b630d3f6c55966515
585a1e926461873df9f5d8c3d88bcc3d3fae182ab1fc8596bc2aa2bb7c28e0b0
5b078125ec70bf3011f68e111b6281e3ca32e0bfdc881bebdaf8e4bd3f153342
5d6d72b10dce8f7b425ef9d917ba25a23bfe0aaef75cbabe19d553a51a78f36b
5dc2cc1330cc71a5b2dd5495530cd9e3d53de2c0561899692fe39e2af159734b
670fa87c06d2cdcbd7c28558b185d13f6e33f2aa5b46d5163bd754bf6452f76d
74b506f3326e6ac1cc81c05c0882c7a4c28815013584f659bf8f072544efb97d
7a5506158e773babc7d83fe7bc47651b231b65ec7f727b1ff1f9ef39180ad114
850f728c992fc642bf3d38218a45f896949dfce4930870524bc4c295e86a462f
9080a0617ea6272f9227b075eebe40fdb654f027abd11bdf20b27d0120ad4b38
a0183fda53e2800fcbd2473ab075b53eedcacb1e6ab7360adf2e8f2173c00f8d
a8ba5f829b2e86ee13bc8853d0c657367c809134fa955648c04f2bf5e831a713
b138c2d78991b51eb287aecd188aec6b8ff94f80e176f595616708b93eeaba3a
b4e6e4cf08735f709228edf7b29f64159399c80f57bce2b392569f24e69d81c6
c3398f725ad750f86d169c4555b2b511843c0b2542056ccaab7bbf4c4bb17dff
de522646ab70914a89ee8fb0a6f3e97c414b2e5b8640652d5cef83e238cc7445
e5e6fc47e7b7e2b60c2620222cabe57dd14a89370c77f9d1384a9112cd63178a
f2a14fbc03102e3f6139790da043b488e5d0c76b47c80f175a4ca6e4edddc6a3

ignaciomall.buzz Open in urlscan Pro 2606:4700:3032::6812:3ad1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

233 kBTransfer

817 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

30 JavaScript Global Variables

3 Cookies

Indicators

ignaciomall.buzz Open in urlscan Pro
2606:4700:3032::6812:3ad1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

233 kB
Transfer

817 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!