{% from "macros.html" import shorten_string %}
{% if urlscan %}

urlscan.io

{% if urlscan.get('permaurl') %}

A scan was triggered for this capture, click to view it on urlscan.io.

{% if urlscan['malicious']%}

It is considered malicious.

{% endif%} {% if urlscan['tags'] %}

It is tagged as {{ ','.join(urlscan['tags']) }}.

{% endif%} {% elif urlscan.get('error_message') %}

Unable to trigger the scan, urlscan.io returned the following message:

{{ urlscan.get('error_message') }}

{% endif%}
{% endif%} {% if phishtank and phishtank.get('urls') or phishtank.get('ips_hits') %}

Phishtank

{% if phishtank.get('urls') %}

Phishtank flagged the URLs below as phishing:

    {% for url, permaurl in phishtank['urls'].items() %}
  • {{ shorten_string(url, 150) }}: click to view it on phishtank.

  • {% endfor %}
{% endif%} {% if phishtank.get('ips_hits') %}

The IPs below are in the tree and are flagged as phishing on Phishtank, might on on other URLs:

    {% for ip, entries in phishtank['ips_hits'].items() %}
  • {{ ip }}:
      {% for related_url, permaurl in entries %}
    • {{ shorten_string(related_url, 150) }}: click to view it on phishtank.

    • {% endfor %}
  • {% endfor %} {% endif%}
{% endif%} {% if vt %}

Virus Total

{% for url, entries in vt.items() %}

URL {{ shorten_string(url, 50, with_title=True) }}

{% if entries['malicious'] %}

Detected as malicious by the following vendors

{% for e in entries['malicious'] %}
{{ e[0] }}
{{ e[1] }}
{% endfor %}
{% else %}

No vendors consider this URL as malicious.

{% endif%}
Full report on VirusTotal
{% endfor %} {% endif%} {% if pi%}

Phishing Initiative

{% for url, tag in pi.items() %}

URL {{ shorten_string(url, 50, with_title=True) }}

This URL is tagged as {{ tag }} on Phishing Initiative
{% endfor %} {% endif%}