alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
2604:1380:4641:6103:5000:fdff:feb3:2faf  Malicious Activity! Public Scan

URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Submission: On November 21 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 14 HTTP transactions. The main IP is 2604:1380:4641:6103:5000:fdff:feb3:2faf, located in Dallas, United States, and belongs to PACKET, US. The main domain is alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app.
TLS certificate: Issued by R3 on November 8th 2022. Valid for: 3 months.
This is the only time alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

Requests  IP Address         AS     Autonomous System
1         2604:1380:464...   54825  (PACKET)
1         2607:f8b0:400...   15169  (GOOGLE)
8         2606:4700:303...   13335  (CLOUDFLAR...)
Total: 14 requests, 4 IPs

Requests  Apex Domain        Subdomains                                        Transfer
8         kabalservice.com   kabalservice.com                                  176 KB
1         googleapis.com     ajax.googleapis.com (Cisco Umbrella Rank: 304)    30 KB
1         ic0.app            alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app           32 KB
Total: 14 requests, 3 apex domains

Requests  Domain                                     Requested by
8         kabalservice.com                           alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
1         ajax.googleapis.com                        alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
1         alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app    -
Total: 14 requests, 3 domains

This site contains no links.

Subject                    Issuer       Validity                   Valid
boundary.dfinity.network   R3           2022-11-08 - 2023-02-06    3 months (crt.sh)
upload.video.google.com    GTS CA 1C3   2022-11-02 - 2023-01-25    3 months (crt.sh)
*.kabalservice.com         E1           2022-11-08 - 2023-02-06    3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Frame ID: CF53C24F4DB4852EC69C272E5CE423F9
Requests: 14 HTTP requests in this frame

Page Title

Ondrive

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14 Requests
71 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
4 IPs
1 Countries
238 kB Transfer
333 kB Size
0 Cookies

14 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/ | 75 KB | 32 KB | Document
General
Full URL
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2604:1380:4641:6103:5000:fdff:feb3:2faf Dallas, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
5c2b3e9611183ce86f21b235be1b6d4548031db1ba9cc470a79d5538779ef04b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie
access-control-allow-methods
HEAD, GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Accept-Ranges,Content-Length,Content-Range
access-control-max-age
600
content-encoding
gzip
content-type
text/html
date
Mon, 21 Nov 2022 15:20:57 GMT
etag
W/"5c2b3e9611183ce86f21b235be1b6d4548031db1ba9cc470a79d5538779ef04b"
server
nginx/1.21.3
x-ic-canister-id
0000000001c005cf0101
x-ic-node-id
o2ejh-i3l5b-tawnx-6vane-ek7hi-apzj2-d2vid-j5dro-xityu-sszcb-gqe
x-ic-subnet-id
o3ow2-2ipam-6fcjo-3j5vt-fzbge-2g7my-5fz2m-p4o2t-dwlc4-gt2q7-5ae
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.3.1/ | 85 KB | 30 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 21 Nov 2022 14:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 14:16:49 GMT
right-img.png | kabalservice.com/email-list/fourone/assets/ | 95 KB | 96 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/right-img.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db82654ea50bd72f5c45d770196423e2b82ba782cadb658c3529ac21e8e742ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1ab-17dde"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISCU805ibmIK33x4Ctiq1UXvsBXKgCbiJaCN75l98Vfrs%2FjVLrXZgKu%2F8b2qvHldExq1M%2BGbL9ClUzmydE9ruhbfcGy%2F8loMaVsMfgMX3TKrHkHsxolany7oBaitgRww%2BB0et%2BfvgNKXvplYU7Qd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c9802f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97758
expires
Thu, 31 Dec 2037 23:55:55 GMT
onedrive.png | kabalservice.com/email-list/fourone/assets/ | 12 KB | 13 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/onedrive.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b3570e2c41b22c174f3e7a24bb21cb8785c5fccdc8ecd4fcff5034e0b0ac2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1a9-3171"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC0b6w5P8q5rzJ2Mvher5eEd%2B3qBi0jwnYTODTHJUBNVqV6naZOs3d6ygsuU8eiQUoojoPxcJ5U07c%2B4nF%2FNNaZTTbu6IAPxQxzoSL8lNs0izBvhOCzEOMHX1l6dXCy3Jo%2B38LqxEvDOus1ZpyX%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c8b02f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12657
expires
Thu, 31 Dec 2037 23:55:55 GMT
microsoft.png | kabalservice.com/email-list/fourone/assets/ | 13 KB | 13 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/microsoft.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eea526a1adcb22ff7306ffbc6063037bd60c829111704289d7f396fe58ef257

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1a7-3230"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJ5Jyv6IUjyWKfew3lIwe%2BT7dLrPS6koUGJiwIFn6ArNXHYpI5uyMARl7Mvnq4guYy4mJzZ%2FwT5LsPlKFSJNvqAuxxcl%2Fawr%2FDZtggyMsPlU%2FwkSgqHLQ6OK5jsb2Gljj6pHVaF2cRMXjEgStKCe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c8c02f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12848
expires
Thu, 31 Dec 2037 23:55:55 GMT
outlook.png | kabalservice.com/email-list/fourone/assets/ | 10 KB | 10 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/outlook.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4529ea24c494e15ceac28a0383175c2f657e73f09f30ae7059a800c6803cd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1ab-26fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcHlxZReubnvioLfdKVpmohpEzmFBtoYd6afyVHednUGJ1HM8RJZN%2FpX3QRTI%2F8JNRLyIJ70MWqLtOc2IPlMXOZCjEteDtmBmjJsvcqGz4YHndVA2x%2FjnGD69Ybo%2FU6mmxSQgAGhC4KhBMzEyMhk"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c9002f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9980
expires
Thu, 31 Dec 2037 23:55:55 GMT
aol.png | kabalservice.com/email-list/fourone/assets/ | 10 KB | 11 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/aol.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5b43f7cbf30eb3263a475c6db9c5eb6df900810314d5f6e0565a880b410f17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1a8-2969"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul8mi1nFmRfsprmwTUUdIsebPS12FpVtF7V4aT5RU87ceAmNA%2FpnJv03xhsLs2ojigDkyK4EZiL46GqW6xI%2F5%2FyNklSsEb6EbsbRnMaUErapKktFf79IDT2sPeerpr0sl3OaE5LZB52ij6xrI3Ua"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c9202f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10601
expires
Thu, 31 Dec 2037 23:55:55 GMT
office.png | kabalservice.com/email-list/fourone/assets/ | 10 KB | 10 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/office.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db75dbb1ae9776fa41a13536656b099acf2a97b8d4ebf2ae136dfbc061e2f7d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1ab-28a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aEUNGaZ8ufmIGmN6UxM3t0BdXSH9s5F86uI6ehpXAnZM%2B71l1B45XfNbN58PstNsNxMtlVVqiA1kLmJBD7cj89ozGtv1mjhTtgZyAFp7y2bedTBmLh3LvOBIqrGB6aSb29M48hUfE2Q9wYucdQG"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c9502f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10400
expires
Thu, 31 Dec 2037 23:55:55 GMT
yahoo.png | kabalservice.com/email-list/fourone/assets/ | 10 KB | 11 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/yahoo.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d5fd81ba0848bb14740ca1a7cc517a0b644d462764f496edb53f27c60e3e97a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1a8-299f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GR%2FIY46JiCx34WT4MV1oaPLJAZ3pRmVMYMSmP%2F8iQholYozhv0FGU9epSEBff%2BrIMc27ia4eDgQWs6EIuOpycRzmQzvSFxpSvYP%2FQKBriMbYX7hkYV6UhiRN1JtnHfI6ThnL7TyfKlVGzBPSjATO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c8702f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10655
expires
Thu, 31 Dec 2037 23:55:55 GMT
other-mails.png | kabalservice.com/email-list/fourone/assets/ | 12 KB | 12 KB | Image
General
Full URL
https://kabalservice.com/email-list/fourone/assets/other-mails.png
Requested by
Host: alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app
URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c51a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a7c60bc13b36dff23c8b2f8da20cc63ca7ed74dd2e9436319d88409d6c405f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 15:20:58 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Jul 2022 08:05:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62e0f1ac-2f7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcJdOyVmcnertNOngwUaPwnkyJERpXOnkNu4cQlVvBnn98O2s0avCK99j7sEz4g0jFHyu%2BO3TGxaxdhZNejw555o2CAAJHCuE70GOgXOIFV7aXich%2FPj1keUvECNRKskY1d97ASvbwdoPYhrcsuV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
76da69936c8402f1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12158
expires
Thu, 31 Dec 2037 23:55:55 GMT
SegoeUiBold.woff | kabalservice.com/email-list/fourone/assets/ | 0 | 0 | -
SegoeUI-SemiBold.woff2 | kabalservice.com/email-list/fourone/assets/ | 0 | 0 | -
SegoeUI-SemiBold.woff | kabalservice.com/email-list/fourone/assets/ | 0 | 0 | -
SegoeUI-SemiBold.ttf | kabalservice.com/email-list/fourone/assets/ | 0 | 0 | -

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain             URL
kabalservice.com   https://kabalservice.com/email-list/fourone/assets/SegoeUiBold.woff
kabalservice.com   https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff2
kabalservice.com   https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff
kabalservice.com   https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | _0x40bc
  • function | _0x4c55
  • object | Zlib
  • function | templatePage
  • function | $
  • function | jQuery
  • function | window_opener_xc
  • function | get_extra_data

0 Cookies

10 Console Messages

Source | Level | URL | Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Message:
Access to font at 'https://kabalservice.com/email-list/fourone/assets/SegoeUiBold.woff' from origin 'https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kabalservice.com/email-list/fourone/assets/SegoeUiBold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Message:
Access to font at 'https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff2' from origin 'https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Message:
Access to font at 'https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff' from origin 'https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app/
Message:
Access to font at 'https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.ttf' from origin 'https://alzhh-eaaaa-aaaao-aaxhq-cai.raw.ic0.app' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kabalservice.com/email-list/fourone/assets/SegoeUI-SemiBold.ttf
Message:
Failed to load resource: net::ERR_FAILED