| hv3id.aweys.net/ | 172.67.197.173 | | 3.4 kB |
IP172.67.197.173:0
File typeHTML document, ASCII text Hashf1fb042c62910c34be16ad91cbbd71fa 5bc7aceba9a8704ef4b1d427d7d08b140afcd866 9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET / HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:36:43 GMT
content-type: text/html
last-modified: Mon, 04 Dec 2023 03:24:53 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVjzpEoOLimxvTBE5rmpXkWG6sWI28Hbk1k25o304u6ICY0l9IJVTYKrH2eqqLhaSu15AMQg2gnT0VIeAJbTKM6%2Fw40o0P8KgIFRYSOFCzryi3s0MkTbLhvbtUspfUbFgik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876403f42eacb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hv3id.aweys.net/img-sys/IP_changed.png | 172.67.197.173 | 200 OK | 2.9 kB |
URL GET HTTP/3hv3id.aweys.net/img-sys/IP_changed.png IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typePNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced Hashec081653bd4c836483e6d612588d18ec 91c7e4cfa061808881575a875741773a949a9e0a b19da51b5e9c9b29cd8523d85d92e99e4812c891c394929c9bf67557f560672c
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /img-sys/IP_changed.png HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: image/png
content-length: 2939
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 10:36:44 GMT
last-modified: Mon, 21 Mar 2022 16:03:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K86i7xmLzR73F56RybeyqUWxIOhvgL1ij7buYQBa6hwC8vZTz%2FJHfAAmsyxYbwkxWLeFim7ym3txzdYquf0uWOBRRrPNhSbqSUKld%2FLIOMqgxQhQkmURvmdH7YLrs42ASug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876403f9df6b5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/img-sys/error-bg-left.png | 172.67.197.173 | 200 OK | 8.1 kB |
URL GET HTTP/3hv3id.aweys.net/img-sys/error-bg-left.png IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typePNG image data, 410 x 400, 8-bit/color RGBA, non-interlaced Hashcdbe46a0178886162bdedff35336154e f5acc131f7d3fdfbebfc4a55be73cf51c7638937 862885b79bef22ad5716b2dbfa714d52f628a439f2921bb9520a4630bbea5d4e
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /img-sys/error-bg-left.png HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: image/png
content-length: 8072
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 10:36:44 GMT
last-modified: Mon, 21 Mar 2022 16:03:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKx8W%2FyuFsK3lD4kirsvfEAxSHCYtDZ4HkyGzq9x%2FFPmRTatG8gVTGV380kb7XHTKWasNO5QwPyBVI%2FYEgH2%2Bipoy6UBdwbCKOeUP3VIJbcHeFoL37%2BkjzgiAsrnG%2Fx8Tas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876403f9efab5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/img-sys/server_misconfigured.png | 172.67.197.173 | 200 OK | 3.2 kB |
URL GET HTTP/3hv3id.aweys.net/img-sys/server_misconfigured.png IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typePNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced Hashf79adaf00f83dc9757086cdbe8645ff0 82f37b8be7668eab8e1a06de828cb336799c8134 944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /img-sys/server_misconfigured.png HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: image/png
content-length: 3164
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 10:36:44 GMT
last-modified: Mon, 21 Mar 2022 16:03:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSbBx%2BVn1jYlRpbxVPyRDZeQsKLjEJu%2BKJVX9NAvoaXQZLjJhOV3Z50ojzPP%2Fy%2FCuxRxgM%2B3VE8oy229Jnp6lRfWYNFhj0KEW%2FKLwrsMpiFXdJ9478FWzT7lEd%2F9jOdkS4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876403f9df6c5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/favicon.ico | 172.67.197.173 | 404 Not Found | 8.7 kB |
URL GET HTTP/3hv3id.aweys.net/favicon.ico IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (4070) Hash58e2cf3ac45bf56c6eba335f377d560c 419570383bc49899efb7a6fd7c0303eda4cb141e 148e8c71f1c18ba7eedd615d43d2d12348bd0c0212cbefd725ce14c40788d38a
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /favicon.ico HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 10:36:45 GMT
content-type: text/html
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QASO0UoiLqiOp8jmQWvAMdUfeJ4g4ItUWpQnhScCafDGitWsHywD0tXXhkKDz%2B1q%2FHS1PQGrbFtu3BEjzW1ceMBuW2rcleFnHLO56KB954Yu%2BDMkPWQCoh4SNMynZLkhqo4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876403fc98435690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 172.67.197.173 | 200 OK | 1.2 kB |
URL GET HTTP/3hv3id.aweys.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typeHTML document, ASCII text, with very long lines (1271), with no line terminators Hash40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 08:31:34 GMT
etag: W/"661ce5e6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6jMxoUgMvhcj3O%2FvO55knJgElkwiETxKRfO0eI0WIBZtzF6H4C%2Bco2KKD%2Bsjiog1TwD5RrGres4mO3TVcjIr3hi11UytRlnWfFbxu7lowiiiDjIMNeZ%2BRaHbO%2BsC0p2rpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876403f9ef855690-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 20 Apr 2024 10:36:44 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| hv3id.aweys.net/img-sys/powered_by_cpanel.svg | 172.67.197.173 | 200 OK | 5.6 kB |
URL GET HTTP/3hv3id.aweys.net/img-sys/powered_by_cpanel.svg IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typeSVG Scalable Vector Graphics image Hashcfcf3d7719b124ecd2625b83cfdf014d 8d9090b5c06b0507aca2d4348779b1e5d22b7941 65055fa73adca7e37605eb5c65d74ca7bf0295d78e9b0a2461fb034974d94584
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /img-sys/powered_by_cpanel.svg HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 10:36:44 GMT
last-modified: Mon, 21 Mar 2022 16:03:23 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhXFtzQ1at4p5EMQydt5zJS6wxX%2Fm3DJANTnk8HEuvbGMZcl5wlTWPLCg67b%2FurQ7fnBrB8pHdxtBIWNhhMbUEUOHs8tSaApJrPgYaINTgmENAyG3av8Ml3yecbwNzTFNqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876403f9ef7f5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/cgi-sys/defaultwebpage.cgi | 172.67.197.173 | 200 OK | 7.2 kB |
URL User Request GET HTTP/3hv3id.aweys.net/cgi-sys/defaultwebpage.cgi IP172.67.197.173:443
CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (7499), with no line terminators Hashb49fa4ff83efc607ff83abc5cc4385e8 5630c42632aabe9bd1b94854eddd502ddc3e6e67 136236252cc1f2d610c914294872913d20ae386a04e830fbfa5085c1ec7f6f5f
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /cgi-sys/defaultwebpage.cgi HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: text/html
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3t%2BTMKjXh86vg%2BmUboyn%2F7%2FbbFkwSLWpstj6EszkK4K%2FA5Nzrx7HLpV34jxEcfaiAnB1dpk96iGR4gfAKPQzmfrUFcPKo%2BgCHYfhSOkUG6lZATDj2wfsjFQBe%2BkWz6ncj3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876403f81bf25690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hv3id.aweys.net/img-sys/server_moved.png | 172.67.197.173 | 200 OK | 3.3 kB |
URL GET HTTP/3hv3id.aweys.net/img-sys/server_moved.png IP172.67.197.173:443
Requested byhttps://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi CertificateIssuerLet's Encrypt Subjectaweys.net FingerprintA4:9D:6A:F2:9B:15:28:78:10:98:E9:FC:30:CA:84:D5:ED:7D:E1:DA ValidityFri, 29 Mar 2024 18:33:19 GMT - Thu, 27 Jun 2024 18:33:18 GMT
File typePNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced Hashf6590a396da81a8e4cce7ca046874ffd 7e68db322c32ca079b2c836812d3a25204ab93cc 3a22057583d3e17bc94990d92a3425d5510dc5bdb60fe40fafeb405a38f8ed28
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing |
GET /img-sys/server_moved.png HTTP/1.1
Host: hv3id.aweys.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hv3id.aweys.net/cgi-sys/defaultwebpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:36:44 GMT
content-type: image/png
content-length: 3327
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 10:36:44 GMT
last-modified: Mon, 21 Mar 2022 16:03:23 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTMlhnDqBOHZwl70JRSNo0oFY4NOgsjDxuJwThBiflrexJ3YonbxaCL241zIvpr0woGjxuJzN8o%2BqVEcvD28bClSH6L1pFj5pDkjNUp6v59GdslxLOoINu%2B16r9PR6Rm%2BwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876403f9df735690-OSL
alt-svc: h3=":443"; ma=86400
|
|