| supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942 | 161.34.34.140 | 200 OK | 3.3 kB |
URL: User Request GET HTTP/1.1 supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (661), with CRLF line terminators
Hash: 201c7fe0147b263eea3750bd9d23cd12 a699186c20401958b53addeb6b5f1651d8b91b7a 620e586b86ba57023958b53730381499a4f00d04401820e0b2b92d0834e2b8f9
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942 HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:57 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| supportofamazongcojp.duckdns.org/ | 161.34.34.140 | | 481 B |
URL: supportofamazongcojp.duckdns.org/
IP: 161.34.34.140:0
ASN: #2514 NTT PC Communications, Inc.
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: f79f47db86811a68edaa485f65c9a2ff 44286c3b95e0208c5869607db082e23a61cd3552 5791eb75ab6fbba357448c145dc400dd51f5db8d5cb528c1db15056192b3f8ab
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET / HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:57 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=583057e89c445f689ddde40d29cee33f; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/style.sign-desktop.css | 161.34.34.140 | 200 OK | 36 kB |
URL: GET HTTP/1.1 supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/style.sign-desktop.css
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: ASCII text, with very long lines (20048), with CRLF line terminators
Hash: ce03668bf4cba84e446d39b1e5430fa2 a1e1d2f4e14d20921a9b13ed4ea14ce0c407e64f 0c56d79edb4b4187f79ddcecd68fae587c56402c3ed737ed954b3eda3d250967
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/css/style.sign-desktop.css HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:58 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 36441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/sign-dekstop.css | 161.34.34.140 | 200 OK | 136 kB |
URL: GET HTTP/1.1 supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/sign-dekstop.css
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 136 kB (135724 bytes)
Hash: 145d4167f1247d5618d6a7d3df28aa7a 1188188a940b68ee827c7babeffc279ec06f8f13 a3987cc9ff1e96ae068bdd13278434f2d3d32e781b1e131d8e0ed2a1a8eb481b
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/css/sign-dekstop.css HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:58 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 135724
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery.validate.min.js | 161.34.34.140 | 200 OK | 37 kB |
URL: GET HTTP/1.1 supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery.validate.min.js
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (829), with CRLF line terminators
Hash: 1cdeeb8eaca2a1357de0a82bd5e5526f f0474ee246d33979152b20bfbea49045581792f3 1327e703fcf1311de11818f1fedcef1ec0ba4f60734962c6955fdffc408d5287
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/js/jquery.validate.min.js HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:58 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 36756
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png | 95.101.11.57 | 200 OK | 28 kB |
URL: GET HTTP/2 m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png
IP: 95.101.11.57:443
ASN: #20940 Akamai International B.V.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: DigiCert Inc
Certificate subject: m.media-amazon.com
Certificate fingerprint: 7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3
Certificate validity: Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type: PNG image data, 400 x 750, 8-bit colormap, non-interlaced
Hash: 1b5a1fb097715b1604b21aba92ef6a3e c4a765aedd886dc04d89e7e93b6a02c59ecb7013 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
GET /images/S/sash/mPGmT0r6IeTyIee.png HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Server
content-type: image/png
content-length: 27972
x-amz-ir-id: 60c5c3cb-0e05-45df-9336-9135292f45b8
last-modified: Tue, 17 Nov 2020 23:31:33 GMT
surrogate-key: x-cache-108 /images/S/sash/mPGmT0r6IeTyIee
x-nginx-cache-status: HIT
accept-ranges: bytes
peer-cache: Hit
cache-control: public, max-age=630053820
expires: Mon, 25 Apr 2044 00:21:59 GMT
date: Tue, 07 May 2024 17:24:59 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.350b655f.1715102699.1610148b
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2 | 95.101.11.57 | 200 OK | 17 kB |
URL: GET HTTP/2 m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2
IP: 95.101.11.57:443
ASN: #20940 Akamai International B.V.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: DigiCert Inc
Certificate subject: m.media-amazon.com
Certificate fingerprint: 7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3
Certificate validity: Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16616, version 1.655
Hash: 4afcd3b79b78d33386f497877a29c518 cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
GET /images/S/sash/pDxWAF1pBB0dzGB.woff2 HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://supportofamazongcojp.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 30 Oct 2020 21:19:16 GMT
server: Server
content-type: application/font-woff2; charset=utf-8
x-amz-ir-id: 31a430cb-db25-4548-a314-e0e3ca41c719
surrogate-key: x-cache-651 /images/S/sash/pDxWAF1pBB0dzGB
x-nginx-cache-status: HIT
peer-cache: Hit
vary: Accept-Encoding
cache-control: public, max-age=630051123
expires: Sun, 24 Apr 2044 23:37:02 GMT
date: Tue, 07 May 2024 17:24:59 GMT
content-length: 16616
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.350b655f.1715102699.1610148f
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2 | 95.101.11.57 | 200 OK | 16 kB |
URL: GET HTTP/2 m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2
IP: 95.101.11.57:443
ASN: #20940 Akamai International B.V.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: DigiCert Inc
Certificate subject: m.media-amazon.com
Certificate fingerprint: 7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3
Certificate validity: Tue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16460, version 1.655
Hash: 15e17f26c664ee0518f82972282e6ff3 46b91bda68161c14e554a779643ef4957431987b 4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89
GET /images/S/sash/KFPk-9IF4FqAqY-.woff2 HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://supportofamazongcojp.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Server
content-type: application/font-woff2; charset=utf-8
x-amz-ir-id: 73a545a1-afbb-475c-a74b-31401dc094ec
last-modified: Fri, 30 Oct 2020 21:19:26 GMT
surrogate-key: x-cache-968 /images/S/sash/KFPk-9IF4FqAqY-
x-nginx-cache-status: HIT
peer-cache: Hit
vary: Accept-Encoding
cache-control: public, max-age=630051123
expires: Sun, 24 Apr 2044 23:37:02 GMT
date: Tue, 07 May 2024 17:24:59 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 16460
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.350b655f.1715102699.1610148d
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery-3.3.1.min.js | 161.34.34.140 | 200 OK | 108 kB |
URL: GET HTTP/1.1 supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery-3.3.1.min.js
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Size: 108 kB (107631 bytes)
Hash: d532c905d593a7f16eff99f24f27621e ea0f0d16f78ec4bbaf7866213a2f012d2793e14c 97ecd42dea3bc998c5efd456bc13e2c45c700fba1c581961ca1481676bf08b42
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/js/jquery-3.3.1.min.js HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:58 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 107631
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/images/favicon.ico | 161.34.34.140 | 200 OK | 18 kB |
URL: GET HTTP/1.1 supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/images/favicon.ico
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Requested by: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File type: MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: ca6619b86c2f6e6068b69ba3aaddb7e4 c44a1bb9d14385334eb851fbb0afb19d961c1ee7 17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/images/favicon.ico HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:24:59 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 17542
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/x-icon
|
|
| supportofamazongcojp.duckdns.org/?us-jp | 161.34.34.140 | 307 Temporary Redirect | 16 kB |
URL: User Request GET HTTP/1.1 supportofamazongcojp.duckdns.org/?us-jp
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Amazon.com Inc. |
GET /?us-jp HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Date: Tue, 07 May 2024 17:24:56 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Location: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_073e1218c436189ebc7ee8634fcbe942
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| supportofamazongcojp.duckdns.org/signin?verify=cr51_da2170e4d85cc1296c0759e90a9a8903 | 161.34.34.140 | 307 Temporary Redirect | 16 kB |
URL: User Request GET HTTP/1.1 supportofamazongcojp.duckdns.org/signin?verify=cr51_da2170e4d85cc1296c0759e90a9a8903
IP: 161.34.34.140:443
ASN: #2514 NTT PC Communications, Inc.
Certificate issuer: Let's Encrypt
Certificate subject: webmail.supportofamazongcojp.duckdns.org
Certificate fingerprint: 3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4
Certificate validity: Mon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Amazon |
| urlquery | suspicious | Suspicious - DynDNS domain |
| OpenPhish | phishing | Amazon.com Inc. |
GET /signin?verify=cr51_da2170e4d85cc1296c0759e90a9a8903 HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Date: Tue, 07 May 2024 17:24:54 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=28927114dc8f2f9918dc6573df392d60; path=/
Location: https://supportofamazongcojp.duckdns.org/?us-jp
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|