2023-obsproject.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2023-obsproject.com/
Submission: On March 09 via manual (March 9th 2023, 4:10:00 pm UTC) from US — Scanned from NL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2023-obsproject.com.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2023. Valid for: 3 months.

This is the only time 2023-obsproject.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Dropbox (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
15	3

13 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

2023-obsproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	2023-obsproject.com 2023-obsproject.com	412 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 299	86 KB
0	Failed function sub() { [native code] }. Failed
15	3

	Domain	Requested by
13	2023-obsproject.com	2023-obsproject.com
1	ajax.googleapis.com	2023-obsproject.com
0	Failed	2023-obsproject.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.2023-obsproject.com GTS CA 1P5	`2023-03-09` - `2023-06-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2023-obsproject.com/
Frame ID: 38CFB9CFDCDF6D7A354941C108A7A6EA
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dropbox

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

497 kB
Transfer

503 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2023-obsproject.com/ 14 KB
4 KB 370ms
282ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89acca910f1fba57e98d7c45141ea173a12bb5d6d953aeb8683452c7f68b3fad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a5495c11f961c7c-AMS
content-encoding: br
content-type: text/html
date: Thu, 09 Mar 2023 16:09:54 GMT
last-modified: Mon, 16 Jan 2023 16:24:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3EskTzsSApyP%2Bhattj0RkvoxzyydxEVyTH054OkVN4h%2BIm6iAg6aXEyvJgmvf9G4XO%2FA3jHXyAk6%2FXDEVwmq6cLAEP3EKjI1uYVllIiVIh01WFJG%2FN0K7xegXhca0%2Foi3WMcWuTcHvsqONlQTa3QmEk"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 2.png
2023-obsproject.com/dropbx36/assets/ 11 KB
11 KB 279ms
278ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/2.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76350ca957f6bc2054872fbb8a5c7a74b2882b304208dcc4e406cbc30d2ac91f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:17:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2bc9-5f263ec23b340"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCx7KiaWopY0NY2hJIAVyt4sDq2r84Mw%2B1zD1cMKyfKkq4PGBXUCFr%2B4yxtHDH45tX0pvXkBNr0bn1K%2BnXKhGuUF6sA%2B4%2BboObQiKOKmyBmpTwbeqKgKVRAfFcK%2Fhm2LffutafnkLAwhjSL37CGM3%2BF%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c2eb001c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11209

GET
H2 200 logo.png
2023-obsproject.com/dropbx36/assets/ 16 KB
17 KB 43ms
43ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/logo.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f5b9ed702e568c7f2a3ccccb625ded32ca49864ce92096b8212e901b0903dc5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 16:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4762
etag: "41e7-5f263e9d09b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9cCEXkBAf5NX9os%2FRdEe7O%2BstfqfcnqSH6voo1N%2BUuNvcJrCjb0cimCeUA2WtG%2FPitxgQlX84l9qUF0jKJ6a96NpMFX%2Bir1wED0X5yqtGUnUtcuw5%2ByDunwze8izqBZGybgvuLRR28fR5K%2BP7kxjkHH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c2eb021c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16871

GET
H2 200 shape-1.png
2023-obsproject.com/dropbx36/assets/ 6 KB
7 KB 278ms
276ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/shape-1.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a7d8f0be98446362788b8189fbc7c0f38cfc0c6da137c105d1947f13f7b55f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19ad-5f263e965cbc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTdqYhmWGdsyXkJn9YmZKpPePEZJbDKaJ2iad9lrI0HXjGqtP0WK553X3Xe9afUMEd%2FNCqDDZODF4y9A5%2BEkKmMxqW8yO%2BhOn%2BFJ3wgInbV84msQIcnAmZq2xe%2F2ce1GTccupn1PCdbkoivZObHLEQbK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b371c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6573

GET
H2 200 outlook.svg
2023-obsproject.com/dropbx36/assets/ 1 KB
1 KB 34ms
33ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/outlook.svg
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b781dc1002a753ddff78a23bc776f4db3c7f4f433a9df39ba516f40b3f72c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 16:16:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4762
etag: W/"583-5f263e9845040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cZtSlq1bn4WY%2BJh%2FLTeGZWMvKcGsYTWcUVd3k5sB1GNuE5qaEei8Je1%2BQvFTXF5X0Sx3MBuOuJXRVinbGyf5k1Y97WLEER7zCW1%2BKLszluBVgiJd1EEGntzzhJ2cyNJoeCM%2FwVa2FKGPG2hK3mvelM1"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7a5495c30b3a1c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 office.svg
2023-obsproject.com/dropbx36/assets/ 1 KB
954 B 253ms
252ms Image
image/svg+xml 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/office.svg
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83bc60f68ff2202282149424847f87a2437d6ddcd5fa4fd5d35d85550f9cd328

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"479-5f263e9b21700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qO2yQf2VH4t4kN564D%2FQyESgkoLASIcyzkypy2hVK3Trp%2B%2Bso3d4oHMOC1dn9EEV8m0DoELOloOEIYAs7FmpXviBobQlOeTGninWL8xnZeUoEH75OqdtxRL7SqdaojLh%2FutOKqufaQ9a0WwOvfog6Hrz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7a5495c30b3c1c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aol.png
2023-obsproject.com/dropbx36/assets/ 608 B
940 B 33ms
32ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/aol.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e64fbeb524b7748d30fcf0c0e1a52f2994cbe0c036b3f2c2d1cdcf55219689

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4762
etag: "260-5f263ea2c2900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pntFndulSy%2FpK4vvm6HKuYwMiDaeWeQ7L%2BB45WYiWTDed6ZDVnyR%2FSMY8ibbylrhOJcbQh2kLr1gah2H3%2Bi0h74mq4CkHP1Gzo%2BeV0a4C00FdDzFS%2FpN3nWANSh%2BIVSoy2eWI8Ghe7qo4KAGdK%2BjgXYv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b3f1c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 608

GET
H2 200 yahoo.png
2023-obsproject.com/dropbx36/assets/ 1 KB
1 KB 283ms
282ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/yahoo.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b303a7ed2422acd6a453103a4de290078485b90a0e214d5216a7411934e2e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "401-5f263e79c0840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrItgc78dza5hyNYb68ob6I13Ti0Ahi%2Fyebzs5SdnhpWEEOdOdYGyG6W5%2BkeXVCpy0rz%2FZkGwtMjq7iUZEnHtO8vxUxDCPCY8%2BArdeOPcY3J2MLX1SeEH8cp7gNEGCjZJxJu5H7LwsESZrOW2ke7hotY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b411c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1025

GET
H2 200 other.png
2023-obsproject.com/dropbx36/assets/ 2 KB
2 KB 284ms
284ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/other.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f1125dcdb1f9194d515a1da5fcd62db3cd89e4d50c5aa29fb7e10a293ac127

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6ef-5f263e9939280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yq%2FhHeRBn7uf%2BQ5C2%2FV5ScPhFFSY1fcHepU00dQ9aTSEhxk%2B%2BowYMru7sqZyCDHZLM4Ge55VAq6g8nvv%2FR%2BM6iXKopi6zcB%2BVqkCDtS7zoZvZZ6ZDWM68VTpFpBsAy906RVKdt0icGHDwFb35qKCl5dp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b451c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1775

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
86 KB 108ms
34ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: 2023-obsproject.com
URL: https://2023-obsproject.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 07:39:03 GMT
x-content-type-options: nosniff
age: 203451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86927
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 07:39:03 GMT

GET
H2 200 source-sans-pro-v14-latin-regular.woff2
2023-obsproject.com/dropbx36/assets/ 16 KB
16 KB 359ms
358ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2023-obsproject.com/dropbx36/assets/source-sans-pro-v14-latin-regular.woff2
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer: https://2023-obsproject.com/
Origin: https://2023-obsproject.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3ef0-5f263e79c0840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeMAtO865eeSG3NYbusZQFUmU%2BiamrvDi6qHtC%2Fd6V8QbB4ILky1dkxCYbUi%2BcRPmQwfOoJTRgTCfKng9JvZoHmHMUn9v76uCt16OcE18cNaVY6q2JOwoh8CGKZF2Ug%2BQ21iUezddqE9pp2JzQ67oZ3A"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b511c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16112

GET
H2 200 source-sans-pro-v14-latin-700.woff2
2023-obsproject.com/dropbx36/assets/ 15 KB
16 KB 346ms
345ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2023-obsproject.com/dropbx36/assets/source-sans-pro-v14-latin-700.woff2
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Request headers

Referer: https://2023-obsproject.com/
Origin: https://2023-obsproject.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3d94-5f263e843e100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD9wX3CN6mYd9%2Bt0hCg5K2%2Fj7DSwiEhg2n7DxABfZPd1lXJaGt5Sd2fmiPxVh77O4ot7yJTpEwAOPHGaSyYaOIHHTS7IUH5r%2Bgh%2B55szUy%2FMC4JV8io3pS9KgRpwUczHzv34PWPe89NM%2Fyr2L2%2FeXlYh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c30b521c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15764

GET source-sans-pro-v14-latin-600.woff2
{script_domain}/email-list/dropbx36/assets/ 0
0

GET
H2 200 source-sans-pro-v14-latin-600.woff
2023-obsproject.com/dropbx36/assets/ 20 KB
20 KB 357ms
357ms Font
font/woff 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2023-obsproject.com/dropbx36/assets/source-sans-pro-v14-latin-600.woff
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c

Request headers

Referer: https://2023-obsproject.com/
Origin: https://2023-obsproject.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 16:16:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4e80-5f263e8dc7780"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3T95kauc%2FV8p5z1PfAEWgxpDMEaTFd0u4j3kLsnYHpqCa1ormVI93XNmZA5M7GDwHK0n7imSc9a17CRSpEowIU1Oyz6PWslC47%2BXCIHNtMR%2BDKsgoI14WSF%2FBxl%2B9WLm2NVQ5bchk2py3GBa6V1sG%2BI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c32baa1c7c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20096

GET
H3 200 bg-shape.png
2023-obsproject.com/dropbx36/assets/ 314 KB
315 KB 36ms
36ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2023-obsproject.com/dropbx36/assets/bg-shape.png
Requested by: Host: 2023-obsproject.com
URL: https://2023-obsproject.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618bbe49df0cf4c145ce2513ddf669c8e11f7b866252c442a4cdd171e2d5d0f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2023-obsproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:54 GMT
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 16:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4762
etag: "4e85c-5f263ea2c2900"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtapOOrmtwNaEQHMdz2dvLTQdj2d6EANIctKkkg9FGkh7DKKnVehFWz56dmGU3D9JqHZCwmcSxqAT3gjzji4AO%2BKqHnVL1CgYW%2Fp8KDfq3BXVJipWVLGhkyyRB5xHL9iTBtv3cjxm9JO8DSUNPZIYqO5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a5495c38f7f0a4c-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 321628

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: https://%7Bscript_domain%7D/email-list/dropbx36/assets/source-sans-pro-v14-latin-600.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Dropbox (Consumer)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://%7Bscript_domain%7D/email-list/dropbx36/assets/source-sans-pro-v14-latin-600.woff2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


2023-obsproject.com
ajax.googleapis.com

2a00:1450:4001:829::200a
2a06:98c1:3120::c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1f5b9ed702e568c7f2a3ccccb625ded32ca49864ce92096b8212e901b0903dc5
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
38e64fbeb524b7748d30fcf0c0e1a52f2994cbe0c036b3f2c2d1cdcf55219689
47a7d8f0be98446362788b8189fbc7c0f38cfc0c6da137c105d1947f13f7b55f
618bbe49df0cf4c145ce2513ddf669c8e11f7b866252c442a4cdd171e2d5d0f9
76350ca957f6bc2054872fbb8a5c7a74b2882b304208dcc4e406cbc30d2ac91f
79f1125dcdb1f9194d515a1da5fcd62db3cd89e4d50c5aa29fb7e10a293ac127
83bc60f68ff2202282149424847f87a2437d6ddcd5fa4fd5d35d85550f9cd328
89acca910f1fba57e98d7c45141ea173a12bb5d6d953aeb8683452c7f68b3fad
96b781dc1002a753ddff78a23bc776f4db3c7f4f433a9df39ba516f40b3f72c7
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
c08efa91781865d1a2e9fcb030f8ac55c2d8eadbf8822c2ea251556333f99d9c
f4b303a7ed2422acd6a453103a4de290078485b90a0e214d5216a7411934e2e7

2023-obsproject.com Open in urlscan Pro 2a06:98c1:3120::c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

497 kBTransfer

503 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

2023-obsproject.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

497 kB
Transfer

503 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!