Report - candyslandsacpe.com/c99ab4ed7e1def86d8d

Report Overview

Submitted URL
candyslandsacpe.com/c99ab4ed7e1def86d8d
IP
52.21.33.16
ASN
#14618 AMAZON-AES
Submitted
2024-04-26 15:18:32
Access
public
Website Title
Fraud detected
Final URL
candyslandsacpe.com/c99ab4ed7e1def86d8d
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
candyslandsacpe.com	unknown	unknown	No data	No data	902 B	12 kB	52.2.56.64
d2te5kruq0pvbl.cloudfront.net	unknown	2008-04-25	2016-06-26	2024-04-18	927 B	72 kB	143.204.55.65
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	455 B	1.7 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	1.0 kB	35 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

	URL	IP	Response	Size
	candyslandsacpe.com/c99ab4ed7e1def86d8d	52.2.56.64	403 Forbidden	0 B
URL User Request GET HTTP/2 candyslandsacpe.com/c99ab4ed7e1def86d8d IP 52.2.56.64:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectcandyslandsacpe.com FingerprintEC:DD:55:BB:DB:87:16:A7:B7:A8:8E:E4:6D:C8:D0:7C:D8:D1:36:00 ValidityThu, 25 Apr 2024 11:24:18 GMT - Wed, 24 Jul 2024 11:24:17 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /c99ab4ed7e1def86d8d HTTP/1.1 Host: candyslandsacpe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 301 Moved Permanently Location: https://candyslandsacpe.com/c99ab4ed7e1def86d8d X-Powered-By: Short.io/Edge Date: Fri, 26 Apr 2024 15:18:07 GMT Content-Length: 0`

	d2te5kruq0pvbl.cloudfront.net/redirector/exclamation-mark.svg	143.204.55.65	200 OK	602 B
URL GET HTTP/2 d2te5kruq0pvbl.cloudfront.net/redirector/exclamation-mark.svg IP 143.204.55.65:443 ASN #16509 AMAZON-02 Requested by https://candyslandsacpe.com/c99ab4ed7e1def86d8d Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image Size 602 B (602 bytes) Hash e6f9538f279748c9ae17973c54ae426d 086770bd2f43df13e800a15db66eef46d1b8e543 d850a3daa8d0ca6201762061b79fc38eb69ce51ab8907e60430d7851446d958b HTTP Headers `GET /redirector/exclamation-mark.svg HTTP/1.1 Host: d2te5kruq0pvbl.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://candyslandsacpe.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/svg+xml content-length: 602 last-modified: Mon, 21 Aug 2023 10:33:06 GMT x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 date: Fri, 26 Apr 2024 07:20:03 GMT etag: "e6f9538f279748c9ae17973c54ae426d" x-cache: Hit from cloudfront via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: YpA8p3o5XtEtIkQA1DVVMsOsvAp_UHGSMFgSfyUc1-E9Un1XuHcIbw== age: 28686 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	fonts.googleapis.com/css2?family=Hind:wght@400;500&display=swap	142.250.74.106	200 OK	1.1 kB
URL GET HTTP/2 fonts.googleapis.com/css2?family=Hind:wght@400;500&display=swap IP 142.250.74.106:443 ASN #15169 GOOGLE Requested by https://candyslandsacpe.com/c99ab4ed7e1def86d8d Certificate IssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT File type gzip compressed data, max compression Size 1.1 kB (1070 bytes) Hash 31929a6f0c6c94cf15f536c10f1680ab aa2f708d3bbcd03aa9745edd033a4cef885d72c3 fa595834af75c6407a9fe11ee0ee71d6c36fdab136ad917c4271b6af0e36bab3 HTTP Headers `GET /css2?family=Hind:wght@400;500&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://candyslandsacpe.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Fri, 26 Apr 2024 15:18:08 GMT date: Fri, 26 Apr 2024 15:18:08 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	d2te5kruq0pvbl.cloudfront.net/redirector/link-to-a-fraud-website.png	143.204.55.65	200 OK	70 kB
URL GET HTTP/2 d2te5kruq0pvbl.cloudfront.net/redirector/link-to-a-fraud-website.png IP 143.204.55.65:443 ASN #16509 AMAZON-02 Requested by https://candyslandsacpe.com/c99ab4ed7e1def86d8d Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 420 x 315, 8-bit/color RGBA, non-interlaced Size 70 kB (69925 bytes) Hash f85911132a40e397e4cb01dc917772bf a2a226186be54b94e1e751d17506ee493ef3b397 5029e05024a0acd57ea0256c771329dbb11acc09f7efd7bbd29e03ee542c5796 HTTP Headers `GET /redirector/link-to-a-fraud-website.png HTTP/1.1 Host: d2te5kruq0pvbl.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://candyslandsacpe.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: image/png content-length: 69925 last-modified: Mon, 21 Aug 2023 10:33:07 GMT x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 date: Fri, 26 Apr 2024 07:20:03 GMT etag: "f85911132a40e397e4cb01dc917772bf" x-cache: Hit from cloudfront via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: ZHJR7RVN8Y7vGrjj7QOvaDfRLPOL5M7olwiM6q5c6OrKZuS-lTwOng== age: 28686 vary: Accept-Encoding, Origin X-Firefox-Spdy: h2

	fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2	216.58.207.227	200 OK	16 kB
URL GET HTTP/2 fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://candyslandsacpe.com/c99ab4ed7e1def86d8d Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT File type Web Open Font Format (Version 2), TrueType, length 16216, version 1.0 Size 16 kB (16216 bytes) Hash 4c5bc71b3cf6f2584725c0bb3e25d391 f051f482061dc48d09c328c45459dd04db5b5547 aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71 HTTP Headers GET /s/hind/v16/5aU69_a8oxmIdGl4BA.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://candyslandsacpe.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16216 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 26 Apr 2024 05:53:27 GMT expires: Sat, 26 Apr 2025 05:53:27 GMT cache-control: public, max-age=31536000 last-modified: Tue, 26 Apr 2022 15:45:50 GMT content-type: font/woff2 age: 33881 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2	216.58.207.227	200 OK	17 kB
URL GET HTTP/2 fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2 IP 216.58.207.227:443 ASN #15169 GOOGLE Requested by https://candyslandsacpe.com/c99ab4ed7e1def86d8d Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT File type Web Open Font Format (Version 2), TrueType, length 16788, version 1.0 Size 17 kB (16788 bytes) Hash fd24af413cb9cfdc66d2ff712bdfd614 978c3d524cc6a8114d11f78b6292b58c69cb8632 16ab274f0ede84be01a0361263faeb3ff18d2d95d155d6b9d654ef37f87db1f5 HTTP Headers GET /s/hind/v16/5aU19_a8oxmIfJpbERySjQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://candyslandsacpe.com DNT: 1 Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 16788 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 25 Apr 2024 17:30:23 GMT expires: Fri, 25 Apr 2025 17:30:23 GMT cache-control: public, max-age=31536000 age: 78465 last-modified: Tue, 26 Apr 2022 16:08:13 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	candyslandsacpe.com/c99ab4ed7e1def86d8d	52.2.56.64	403 Forbidden	12 kB
URL User Request GET HTTP/2 candyslandsacpe.com/c99ab4ed7e1def86d8d IP 52.2.56.64:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectcandyslandsacpe.com FingerprintEC:DD:55:BB:DB:87:16:A7:B7:A8:8E:E4:6D:C8:D0:7C:D8:D1:36:00 ValidityThu, 25 Apr 2024 11:24:18 GMT - Wed, 24 Jul 2024 11:24:17 GMT File type data Size 12 kB (12122 bytes) Hash 5a84ab25062d648c048c9b7c711609bf 75fb1f1d956952ba359c304e1fa8d4c21a51a7ac 76242801c0ef8540473f9728324bd236f0e92d031bffcd2dcef2788da81283e2 HTTP Headers `GET /c99ab4ed7e1def86d8d HTTP/1.1 Host: candyslandsacpe.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 403 Forbidden x-content-type-options: nosniff content-type: text/html; charset=utf-8 date: Fri, 26 Apr 2024 15:18:07 GMT X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (7)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers