Report - confirmed-witty-television.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html

Report Overview

Submitted URL
confirmed-witty-television.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html
IP
34.226.28.43
ASN
#14618 AMAZON-AES
Submitted
2024-05-04 17:21:04
Access
public
Website Title
Amazon Sign In
Final URL
phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Tags
amazon phishing
urlquery detections
Phishing - Amazon

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
confirmed-witty-television.glitch.me	unknown	unknown	No data	No data	535 B	907 B	52.203.185.31
phiten.su	unknown	2018-04-02	2019-07-16	2023-06-28	6.4 kB	350 kB	178.57.219.215
amazon-scama.blogspot.com	unknown	2000-07-31	2018-11-15	2019-06-21	417 B	494 B	216.58.207.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.min.js	160 kB	2023-03-07	2024-05-12
Pretty URL phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.min.js IP 178.57.219.215 ASN #210079 EuroByte LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:56 Last Seen2024-05-12 19:00:01 Times Seen465 Hash 3e0ddb6a634db21d0eb75c99045a9854 5dfcfccfa6816c6327f4e367e8dfa303232b0999 89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed Loading...

	phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.validate.min.js	34 kB	2023-03-07	2024-05-14
Pretty URL phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.validate.min.js IP 178.57.219.215 ASN #210079 EuroByte LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:13 Last Seen2024-05-14 18:51:03 Times Seen835 Hash 88ad5856a31bba7759077928c3eda3e6 503e6eeaf610787705d8cb4f47d39501342e4c78 f59dc66c08474ec52a21ab66cd6ba46a4e4ace29b0b82e2306add18741ae9c2a Loading...

	phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/sire.form.js	8.7 kB	2023-03-07	2024-05-04
Pretty URL phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/sire.form.js IP 178.57.219.215 ASN #210079 EuroByte LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00:13 Last Seen2024-05-04 19:21:10 Times Seen78 Hash e7762530994d3b33ab43648ee5bce6c6 5daf054398c974f6fca9ca5bc0b6b15e8dcf00cf 5770aab99e33b0e18f73c3a6937e7e02a0858ea03e410e5d36905a13fc0a7537 Loading...

HTTP Transactions (13)

URL IP Response Size

confirmed-witty-television.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html

52.203.185.31

433 B

URL
confirmed-witty-television.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html
IP
52.203.185.31:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
433 B (433 bytes)
Hash
9c4cd678b26d14441dd0030c83f231d5
ba962a8517469f1f37c063d1d55f291ef95f7a89
f66433d1e49b1b17a698077a3350dc7ede0651059a69b2de1f97c632f5714e3a

HTTP Headers

GET /public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html HTTP/1.1
Host: confirmed-witty-television.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:20:38 GMT
content-type: text/html; charset=utf-8
content-length: 433
x-amz-id-2: SMiccnWk3d348gGgkCZy6B1C04DobSKu7BUJkjE1BHrZc165JDLzwXj/9NVZ8a7air6Gx9j8rv0=
x-amz-request-id: MJ6SABG296YEKZFF
last-modified: Thu, 02 May 2024 10:04:48 GMT
etag: "9c4cd678b26d14441dd0030c83f231d5"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/

178.57.219.215

302 Found

0 B

URL User Request GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/ HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e; path=/
location: 16a79
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/style2.css

178.57.219.215

200 OK

11 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/style2.css
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10849 bytes)
Hash
1cc39a80b31a703c0ed7db5f6a19adf0
dcccb91e16a4964cb0226e36ad8e6cdd7e9ab4c3
0d91a9849513c234144e58f479fbf1f1dd2dfb6b00d42be45b195fc2d78f02db

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/style/style2.css HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: text/css
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: W/"66366e67-9c2d"
expires: Sat, 04 May 2024 19:20:39 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/sire.form.js

178.57.219.215

200 OK

4.5 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/sire.form.js
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
gzip compressed data, from Unix
Size
4.5 kB (4535 bytes)
Hash
5759a1cc8a9c05e66f6b3193b77b5f51
9fef6b25eb275e666c4d31903fb8483f75755f4e
1a91876e2a85a34954af676a619e17d0069eaae3064d966fef4f766c3268b5fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/js/sire.form.js HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: W/"66366e67-21e3"
expires: Sat, 04 May 2024 19:20:39 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/style3.css

178.57.219.215

200 OK

31 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/style3.css
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
gzip compressed data, from Unix
Size
31 kB (30688 bytes)
Hash
054105729fafa55fd7dd048fcf29b826
08e050a86874997b219130e57482ad51b1c804b8
b852b3816872e3c17d77ea1206171e1fc67eb4469e9d42fd67ed1f9d561656fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/style/style3.css HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: text/css
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: W/"66366e67-29e38"
expires: Sat, 04 May 2024 19:20:39 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.validate.min.js

178.57.219.215

200 OK

18 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.validate.min.js
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
gzip compressed data, from Unix
Size
18 kB (18005 bytes)
Hash
625796db0c35358157cd337ecc2dd86e
5f52cf177478cd28c9f1c7bf113b15cfe22a56a9
3ff61746e8abb4e4af7c916295ae3c119a2604a278196d75adc4364184e74594

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/js/jquery.validate.min.js HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: W/"66366e67-867d"
expires: Sat, 04 May 2024 19:20:39 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/styel/style1.css

178.57.219.215

404 Not Found

49 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/styel/style1.css
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
gzip compressed data, from Unix
Size
49 kB (49099 bytes)
Hash
bbd3fd68172e4e7d35c7104047496738
7acd00c95fc948b49d3e00a3a58b943931b5a9a2
b16df795923e0badace83c1b93d1ba63e9f59567d4c96f649079d5faa276057e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/styel/style1.css HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:40 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (a4f84a2dd5034ed9fbae357a0c17b3f0)
x-devsrv-cms: Bitrix
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=BxKon8UMLZ1VGYxDpsXRpdvRRwWBQQZ3; path=/; domain=phiten.su; HttpOnly
BITRIX_PHITEN_SALE_UID=80a40c8b71b6df7359133bfd8b0179de; expires=Tue, 29-Apr-2025 17:20:40 GMT; Max-Age=31104000; path=/; domain=phiten.su; secure
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/img/icon.png

178.57.219.215

200 OK

31 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/img/icon.png
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
31 kB (30745 bytes)
Hash
54cbe77d0c337b97e0d9a4cd0ea802e8
300c09b9311dc33316a2c07dbab7041db341a64f
89e4947816296bfeb36d37f654d6c83e26906d0cc6f73088065ba7cf6bd98406

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/style/img/icon.png HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e; PHPSESSID=BxKon8UMLZ1VGYxDpsXRpdvRRwWBQQZ3; BITRIX_PHITEN_SALE_UID=80a40c8b71b6df7359133bfd8b0179de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:40 GMT
content-type: image/png
content-length: 30745
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: "66366e67-7819"
expires: Sat, 04 May 2024 19:20:40 GMT
cache-control: max-age=7200
accept-ranges: bytes
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79

178.57.219.215

301 Moved Permanently

8.3 kB

URL User Request GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type

Size
8.3 kB (8256 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79 HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: text/html; charset=iso-8859-1
location: http://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
X-Firefox-Spdy: h2

amazon-scama.blogspot.com/

216.58.207.193

200 OK

0 B

URL GET HTTP/2
amazon-scama.blogspot.com/
IP
216.58.207.193:443
ASN
#15169 GOOGLE

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintC4:7D:61:88:AB:F1:15:A1:36:2A:68:39:51:62:46:00:23:6D:39:00
ValidityTue, 16 Apr 2024 03:45:20 GMT - Tue, 09 Jul 2024 03:45:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: amazon-scama.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 04 May 2024 17:20:41 GMT
date: Sat, 04 May 2024 17:20:41 GMT
cache-control: private, max-age=0
last-modified: Thu, 14 Mar 2024 02:59:39 GMT
etag: W/"ee829cecb9e7ab2ccc2e717a8191295ced248d6c81b424048dc63c65467fcd4a"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14904
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png

178.57.219.215

200 OK

26 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
PNG image data, 400 x 670, 8-bit colormap, non-interlaced
Size
26 kB (26119 bytes)
Hash
6a23b505718afa5a58332cb232d17818
28bd59af93d9b1c745bb0aca4de58763b54df7cf
e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/style/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.png HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/style/style3.css
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e; PHPSESSID=BxKon8UMLZ1VGYxDpsXRpdvRRwWBQQZ3; BITRIX_PHITEN_SALE_UID=80a40c8b71b6df7359133bfd8b0179de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:40 GMT
content-type: image/png
content-length: 26119
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: "66366e67-6607"
expires: Sat, 04 May 2024 19:20:40 GMT
cache-control: max-age=7200
accept-ranges: bytes
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/

178.57.219.215

200 OK

8.3 kB

URL User Request GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8907), with no line terminators
Size
8.3 kB (8256 bytes)
Hash
a7cca8f5238dcfaf68d96561ebbe04d9
9f6581400af5833441f0e3701f7e9e748b1d2bba
220dbdd4d45b8b035258ee60edd5c8d188e9fdac5c299c38c19ebd8350b7fa0f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/ HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.min.js

178.57.219.215

200 OK

160 kB

URL GET HTTP/2
phiten.su/bitrix/images/seo/integration/store/shop/16a79/js/jquery.min.js
IP
178.57.219.215:443
ASN
#210079 EuroByte LLC

Requested by
https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Certificate
IssuerLet's Encrypt
Subjectphiten.su
Fingerprint16:34:46:FC:1D:F3:A4:23:F3:9D:33:40:68:60:B0:A2:CD:6C:53:B7
ValidityTue, 23 Apr 2024 23:59:31 GMT - Mon, 22 Jul 2024 23:59:30 GMT

File type
JavaScript source, ASCII text, with very long lines (568)
Size
160 kB (159536 bytes)
Hash
3e0ddb6a634db21d0eb75c99045a9854
5dfcfccfa6816c6327f4e367e8dfa303232b0999
89db88fadaf63fd4e91d869fed81834918debd6eacbe6e47b5ad54e061996aed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Amazon

HTTP Headers

GET /bitrix/images/seo/integration/store/shop/16a79/js/jquery.min.js HTTP/1.1
Host: phiten.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://phiten.su/bitrix/images/seo/integration/store/shop/16a79/
Cookie: PHPSESSID=271b9d4aa7aa9bc334522f51ff112b8e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 17:20:39 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 04 May 2024 17:20:39 GMT
etag: W/"66366e67-26f30"
expires: Sat, 04 May 2024 19:20:39 GMT
cache-control: max-age=7200
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type