drop.cofense.eu
Open in
urlscan Pro
35.158.254.28
Public Scan
Effective URL: https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344/unlock
Submission: On June 05 via api from IT
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 3rd 2018. Valid for: 2 years.
This is the only time drop.cofense.eu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 35.158.254.28 35.158.254.28 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
13 | 1 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-254-28.eu-central-1.compute.amazonaws.com
drop.cofense.eu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
cofense.eu
1 redirects
drop.cofense.eu |
134 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
14 | drop.cofense.eu |
1 redirects
drop.cofense.eu
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
drop.cofense.eu DigiCert SHA2 Secure Server CA |
2018-10-03 - 2020-10-07 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344/unlock
Frame ID: 3E5037614D10A95AF688A7C9A2A4903B
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344
HTTP 302
https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344/unlock Page URL
Detected technologies
Ruby (Programming Languages) ExpandDetected patterns
- meta csrf-param /authenticity_token/i
Ruby on Rails (Web Frameworks) Expand
Detected patterns
- meta csrf-param /authenticity_token/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Twitter Bootstrap () Expand
Detected patterns
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344
HTTP 302
https://drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344/unlock Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
unlock
drop.cofense.eu/af0e8fa76a90c7ac1cd1555c079e8344/ Redirect Chain
|
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.9.2.custom.css
drop.cofense.eu/stylesheets/custom-theme/ |
91 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.min.css
drop.cofense.eu/stylesheets/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application.css
drop.cofense.eu/stylesheets/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cofense.css
drop.cofense.eu/stylesheets/ |
121 B 736 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.8.0.min.js
drop.cofense.eu/javascripts/vendor/ |
90 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.8.23.custom.min.js
drop.cofense.eu/javascripts/vendor/ |
200 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
drop.cofense.eu/javascripts/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
application.js
drop.cofense.eu/javascripts/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery_ujs.js
drop.cofense.eu/javascripts/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cofense_logo.png
drop.cofense.eu/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ui-bg_glass_75_ffffff_1x400.png
drop.cofense.eu/stylesheets/custom-theme/images/ |
107 B 675 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ui-icons_222222_256x240.png
drop.cofense.eu/stylesheets/custom-theme/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| DP_jQuery_1559720025109 object| DROP1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
drop.cofense.eu/ | Name: _deaddrop_session Value: b1B1S3kzL1Z3WHZaZVBzeXk3K24yNlZpdVN0azRraXQ5L3hsZXc5eWxoUzc1QS9oMndXR29NdTlZamRxVUR0VmN6cmJQdVRmY1NXS25XV3h5OE9tTFB6QklOYmJjbXQ4aDY4c01PZnZjMkJRdFNEZ3dRb3JuQVh2QVVrV1JvUWY1akZXeVBQanJscUpWSDV1dXhnR2tVc2tYeWttOEZRTTBZd1BWOEJvbCtmSThsdm5wNzdhdUJFNkE0dDliZzZrRHNFOTQ5Z2E3KzdzcEdyM0JSZW53c1luRXk4cVJlL1lBa3FsVlJoemd6TnVEODJCU0prQTFIc2owVW5aTGxTVE4waHBDOEwvNlUxZW1RUmhpSmY1WUNzZGhTcjlQNUVPRU1GZDhqUEo2b2lkd0VDcGo5SVM0SnpGNDZJU1ZSY3YtLW1tOUMvR0FuTDJRUHRBSFRnVFV2NUE9PQ%3D%3D--c4b8e6efdd60faf0f9676f56e20295fc2ac35ffc |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | script-src 'self' 'unsafe-inline' 'unsafe-eval' drop.cofense.eu |
Strict-Transport-Security | max-age=16070400; includeSubDomains |
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
drop.cofense.eu
35.158.254.28
1fe5e1734f497a69c804fae5a03265d51701eaf72504199ae374d1628844c395
2f5ecbbd2965ce36b5b47226f59485bd4fbdf038c460b082a2cdb6dcec01ff4d
3c1b84e76a9e4cd8dc0a245f957bea308be5ebbaacc3f67127f3652dc69a6b4e
631a73a351e39b9de41712796842ef6f211c2ea19ea6847dc41c6bbb59710570
6a6bf94e825c21ef7caa3da08d5fa67e047c431a17a918d2d671682ce48c48c9
765b25354c4094334574ae15c28e2193ad7c4f2316e78003dfce580e45704c01
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8aa549cad5b9e54d10dd018ee040955123f0d0d8fdce328d98ac6cf7778f1644
9bf790b68abf9cc2e52be850d701055cf895d5853e94f8a465ac1a20fa9d4548
a2ccfdc001858222885a9df39200840ac7a3f479ba889727d32a10398db7918a
be74206f2e5592433142730a49e104bcb8d38e6ad3f15c68a92952f496a9f348
c36028122e14e2fdecbec5dcbc95a1c69806bd84f452851c51f4167d4054cfe1
d73e2e1bff9c55b85284ff287cb20dc29ad9165ec09091a0597b61199f330805