defense-eu.conferdeploy.net Open in urlscan Pro
52.59.17.14 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0...
Submission: On June 13 via api (June 13th 2021, 12:03:05 pm UTC) from IL

Summary HTTP 11 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 52.59.17.14, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is defense-eu.conferdeploy.net.
TLS certificate: Issued by Amazon on August 24th 2020. Valid for: a year.

This is the only time defense-eu.conferdeploy.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	52.59.17.14 52.59.17.14		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a		15169 (GOOGLE) (GOOGLE)
11	3

9 52.59.17.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com

defense-eu.conferdeploy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	conferdeploy.net defense-eu.conferdeploy.net	2 MB
1	googleapis.com fonts.googleapis.com	849 B
1	google-analytics.com www.google-analytics.com	20 KB
11	3

	Domain	Requested by
9	defense-eu.conferdeploy.net	defense-eu.conferdeploy.net
1	fonts.googleapis.com	defense-eu.conferdeploy.net
1	www.google-analytics.com	defense-eu.conferdeploy.net
11	3

This site contains no links.

Subject Issuer	Validity	Valid
*.conferdeploy.net Amazon	`2020-08-24` - `2021-09-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Frame ID: 298028C2BA8AE5FEA1531A2DFE9578DE
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /gunicorn(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

gunicorn (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /gunicorn(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

11
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

2375 kB
Transfer

8168 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 401 Primary Request events Show response
defense-eu.conferdeploy.net/cb/investigate/ 2 KB
2 KB 112ms
46ms Document
text/html 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 59a2d29d8adfa3e699d5eb6e08e01c540dbfce40053d9068a5451d3234916846

Request headers

:method: GET
:authority: defense-eu.conferdeploy.net
:scheme: https
:path: /cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:49 GMT
content-type: text/html; charset=utf-8
content-length: 2044
server: gunicorn
set-cookie: SESSION=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ SESSION=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/appservices/ SESSION=; Expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/adminServices/
x-processed-by: psc.auth

GET
H2 200 styles.css
defense-eu.conferdeploy.net/assets/fonts/ 8 KB
2 KB 42ms
41ms Stylesheet
text/css 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/assets/fonts/styles.css?v=7
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2fe22b7429d97620ebc45f771eb710fccb3554837c7522bb1607122d77ad90f9

Request headers

:path: /assets/fonts/styles.css?v=7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-218d"
content-type: text/css
cache-control: public, max-age=0 no-cache="set-cookie"
set-cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068A6074AF7BB438E974C5ACE3DA06BFF2F32E25ABBACE246E488BB7C2BC27E49157FE53B43B4C0E5940FC2E198587910E2C;PATH=/;MAX-AGE=300 AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068A6074AF7BB438E974C5ACE3DA06BFF2F32E25ABBACE246E488BB7C2BC27E49157FE53B43B4C0E5940FC2E198587910E2C;PATH=/;MAX-AGE=300;SECURE;SAMESITE=None
content-length: 1881

GET
H2 200 react-console.css
defense-eu.conferdeploy.net/assets/ 3 KB
1 KB 44ms
43ms Stylesheet
text/css 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/assets/react-console.css
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1f25e62be9e9c4c87441c2ab2a95fcc7344a979d38552a2fb97453071fb0f725

Request headers

:path: /assets/react-console.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-ac2"
content-type: text/css
cache-control: max-age=604800 no-cache="set-cookie"
set-cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A;PATH=/;MAX-AGE=300 AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A;PATH=/;MAX-AGE=300;SECURE;SAMESITE=None
content-length: 823
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://defense-eu.conferdeploy.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3853
date: Sun, 13 Jun 2021 10:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 13 Jun 2021 12:58:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
849 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700

Requested by

Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e4c6e21c4dc4230954cf7338212d2d72d95f47c5321d165706dbf4a14bca843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 10:40:07 GMT
server: ESF
date: Sun, 13 Jun 2021 12:02:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 12:02:50 GMT

GET
H2 200 store_bundle.b255105f227f5095452c.js Show response
defense-eu.conferdeploy.net/ 629 KB
161 KB 50ms
49ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/store_bundle.b255105f227f5095452c.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 76e3510f795df7541414cb3bebbb1bc15a6f51ddbd8d8de58696c733f5c01219

Request headers

:path: /store_bundle.b255105f227f5095452c.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-9d39f"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 elements_bundle.066ba491cd95a33cbda0.js Show response
defense-eu.conferdeploy.net/ 345 KB
113 KB 67ms
66ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/elements_bundle.066ba491cd95a33cbda0.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e5ce9d620063b47f3dda56c254e3041171bd3a3cff5cbcf88d2e2b27e9251063

Request headers

:path: /elements_bundle.066ba491cd95a33cbda0.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-563d6"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 moment_bundle.1a233bc58ba550dacafe.js Show response
defense-eu.conferdeploy.net/ 481 KB
116 KB 91ms
90ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/moment_bundle.1a233bc58ba550dacafe.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 23c3eb5fa37fb97bd368403b0efb89ded61df760466287344531bdf8fc5eec02

Request headers

:path: /moment_bundle.1a233bc58ba550dacafe.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-783b2"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 reactdom_bundle.8ec1587da9af8c25e713.js Show response
defense-eu.conferdeploy.net/ 114 KB
41 KB 249ms
249ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/reactdom_bundle.8ec1587da9af8c25e713.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fc152fd2537f9ad9f0b3b31a77123e16401000cea58cb3b253ca975beb2bbde3

Request headers

:path: /reactdom_bundle.8ec1587da9af8c25e713.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-1c9f6"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 vendor_bundle.a2395b2ea6de4ee0469b.js Show response
defense-eu.conferdeploy.net/ 3 MB
912 KB 90ms
90ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/vendor_bundle.a2395b2ea6de4ee0469b.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b5bc12a4f6e6609cc2ed4f253908f172c246c3a0ea3649700ade74e9d556c823

Request headers

:path: /vendor_bundle.a2395b2ea6de4ee0469b.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-2a421c"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

GET
H2 200 main_bundle.c38116ffb28b0b1279c2.js Show response
defense-eu.conferdeploy.net/ 4 MB
1006 KB 91ms
90ms Script
application/javascript 52.59.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://defense-eu.conferdeploy.net/main_bundle.c38116ffb28b0b1279c2.js
Requested by: Host: defense-eu.conferdeploy.net
URL: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.17.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-17-14.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 910a9aff0d5e6bb2795eb8a0c55855b504a482defd6b965fe57c3cfef4f66b51

Request headers

:path: /main_bundle.c38116ffb28b0b1279c2.js
pragma: no-cache
cookie: AWSELB=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A; AWSELBCORS=99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: defense-eu.conferdeploy.net
referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://defense-eu.conferdeploy.net/cb/investigate/events?query=alert_id:047CAA79%20AND%20device_id:1712627\u0026searchWindow=ALL\u0026orgId=1355\ttargetPriorityCode=0\tinternalIpAddress=172.16.100.31\tdst=172.16.100.31\tgroupName=ws_windows_v2\tdeviceType=WINDOWS\ttargetPriorityType=LOW\tdevTimeFormat=MMM-dd-yyyy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:02:50 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 13:05:18 GMT
server: nginx
etag: W/"60bf6b0e-3bc504"
content-type: application/javascript
cache-control: max-age=604800
expires: Sun, 20 Jun 2021 12:02:50 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp function| setImmediate function| clearImmediate object| regeneratorRuntime function| _

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.conferdeploy.net/	1970-01-19 19:01:12	Name: _gid Value: GA1.2.460886581.1623585770
			.conferdeploy.net/	1970-01-20 12:30:57	Name: _ga Value: GA1.2.1919003336.1623585770
			defense-eu.conferdeploy.net/	1970-01-19 18:59:46	Name: AWSELBCORS Value: 99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A
			defense-eu.conferdeploy.net/	1970-01-19 18:59:46	Name: AWSELB Value: 99C1D1E318C47C14EC329EDB687334FD68849A068AA07A3E73DCBAA59E2A0BC3634C50F6A46C0DE3B1F92B97E01ABCA504A804631701425D470CAF15813535A0315DF9090A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

defense-eu.conferdeploy.net
fonts.googleapis.com
www.google-analytics.com
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
52.59.17.14
1f25e62be9e9c4c87441c2ab2a95fcc7344a979d38552a2fb97453071fb0f725
23c3eb5fa37fb97bd368403b0efb89ded61df760466287344531bdf8fc5eec02
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2fe22b7429d97620ebc45f771eb710fccb3554837c7522bb1607122d77ad90f9
59a2d29d8adfa3e699d5eb6e08e01c540dbfce40053d9068a5451d3234916846
76e3510f795df7541414cb3bebbb1bc15a6f51ddbd8d8de58696c733f5c01219
8e4c6e21c4dc4230954cf7338212d2d72d95f47c5321d165706dbf4a14bca843
910a9aff0d5e6bb2795eb8a0c55855b504a482defd6b965fe57c3cfef4f66b51
b5bc12a4f6e6609cc2ed4f253908f172c246c3a0ea3649700ade74e9d556c823
e5ce9d620063b47f3dda56c254e3041171bd3a3cff5cbcf88d2e2b27e9251063
fc152fd2537f9ad9f0b3b31a77123e16401000cea58cb3b253ca975beb2bbde3