| pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html | 104.18.2.35 | 200 OK | 14 kB |
URL: User Request GET HTTP/1.1 pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html
IP: 104.18.2.35:443
Certificate: Issuer Let's Encrypt; Subject *.r2.dev; Fingerprint 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0; Validity Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5539), with CRLF line terminators
Hash: MD5 b9b34d3f7768a6be979f57426bfc7118; SHA-1 f13981285fdd8694242d895067e9cfd6219de84b; SHA-256 ee4806492b1614b47606aade33b0146a0b2164a28c18df7dfe9e561c0eb58f05
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /ekiud.html HTTP/1.1
Host: pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 10:15:08 GMT
Content-Type: text/html
Content-Length: 13921
Connection: keep-alive
Accept-Ranges: bytes
ETag: "b9b34d3f7768a6be979f57426bfc7118"
Last-Modified: Tue, 07 May 2024 03:15:48 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880072754f9656b4-OSL
|
|
| code.jquery.com/jquery-3.2.1.min.js | 151.101.66.137 | 200 OK | 30 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP: 151.101.66.137:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Sectigo Limited; Subject *.jquery.com; Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32058)
Hash: MD5 c9f5aeeca3ad37bf2aa006139b935f0a; SHA-1 1055018c28ab41087ef9ccefe411606893dabea2; SHA-256 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 10:15:08 GMT
age: 9625474
x-served-by: cache-lga21971-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 29, 6280
x-timer: S1715076909.961594,VS0,VE0
vary: Accept-Encoding
content-length: 30125
X-Firefox-Spdy: h2
|
|
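Three bookkeeping checks on the hashes and validators in this capture, added here as an example and not part of the sandbox output: the analyzer's SHA-256 for the jQuery response converted to Subresource Integrity form and compared with the value code.jquery.com publishes for 3.2.1 (a tampered library would fail this), the nginx-style ETag on that response decoded into the file's mtime and uncompressed size (the 30 kB on the wire is the gzip body) and checked against Last-Modified, and the R2 ETag on ekiud.html compared with the analyzer's MD5. The published SRI string is the one assumption; every other constant is copied from the headers above.

```python
import base64
import binascii
import re
from email.utils import parsedate_to_datetime

# Subresource Integrity value code.jquery.com publishes for jquery-3.2.1.min.js.
JQUERY_3_2_1_SRI = "sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4="

# Copied from the capture above.
JQUERY_SHA256 = "87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de"
JQUERY_ETAG = 'W/"28feccc0-15283"'
JQUERY_LAST_MODIFIED = "Fri, 18 Oct 1991 12:00:00 GMT"
HTML_MD5 = "b9b34d3f7768a6be979f57426bfc7118"
HTML_ETAG = '"b9b34d3f7768a6be979f57426bfc7118"'


def sri_from_sha256_hex(hex_digest: str) -> str:
    """Turn a hex SHA-256 digest into the 'sha256-<base64>' form of an integrity
    attribute, so an analyzer's hash can be compared with a vendor's SRI."""
    raw = binascii.unhexlify(hex_digest)
    if len(raw) != 32:
        raise ValueError("SHA-256 digest must be 32 bytes")
    return "sha256-" + base64.b64encode(raw).decode("ascii")


def sri_matches(hex_digest: str, expected_sri: str) -> bool:
    return sri_from_sha256_hex(hex_digest) == expected_sri


def parse_nginx_etag(etag: str):
    """nginx's default ETag is "<hex mtime>-<hex size>", marked weak (W/) once a
    body filter such as gzip has run. Returns (mtime_epoch, size_bytes) or None
    when the value is not in that shape (e.g. an S3-style MD5 ETag)."""
    value = etag.strip()
    if value.startswith("W/"):
        value = value[2:]
    m = re.fullmatch(r'"([0-9a-f]+)-([0-9a-f]+)"', value)
    if not m:
        return None
    return int(m.group(1), 16), int(m.group(2), 16)


def etag_matches_last_modified(etag: str, last_modified: str) -> bool:
    """Cross-check the mtime encoded in the ETag against the Last-Modified header."""
    parsed = parse_nginx_etag(etag)
    if parsed is None:
        return False
    return parsed[0] == int(parsedate_to_datetime(last_modified).timestamp())


def etag_is_md5(etag: str, md5_hex: str) -> bool:
    """S3-style stores (Cloudflare R2 among them) return the MD5 of a single-part
    upload as the ETag; a multipart upload carries a '-<parts>' suffix and cannot
    be checked this way. A match means the analyzer hashed exactly the object
    the bucket holds, with nothing rewritten in transit."""
    value = etag.strip()
    if value.startswith("W/"):
        value = value[2:]
    value = value.strip('"').lower()
    if "-" in value:
        return False
    return value == md5_hex.lower()


if __name__ == "__main__":
    print("jQuery SRI     :", sri_from_sha256_hex(JQUERY_SHA256),
          "matches" if sri_matches(JQUERY_SHA256, JQUERY_3_2_1_SRI) else "DIFFERS")
    mtime, size = parse_nginx_etag(JQUERY_ETAG)
    print("jQuery on disk :", size, "bytes uncompressed; mtime agrees:",
          etag_matches_last_modified(JQUERY_ETAG, JQUERY_LAST_MODIFIED))
    print("R2 ETag is MD5 :", etag_is_md5(HTML_ETAG, HTML_MD5))
```

All three checks pass for this capture: the kit ships stock jQuery from the vendor CDN, the CDN's ETag decodes to the 1991-10-18 12:00:00 GMT mtime the Last-Modified header also reports, and the phishing HTML's ETag is the MD5 of the 13921-byte file the sandbox hashed.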
| logo.clearbit.com/live.com | 143.204.55.28 | 200 OK | 618 B |
URL: GET HTTP/2 logo.clearbit.com/live.com
IP: 143.204.55.28:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Amazon; Subject clearbit.com; Fingerprint CE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash: MD5 e6f4ae3faed9768872a85280b818ff9f; SHA-1 42c9623d1ea60726d8e1e75733d8d7b4ab336dc1; SHA-256 a1fab8fc3cf9fb9554b6d0fcab8236be7a22ceadec82ce0704cf79d3973c1139
GET /live.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 618
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Tue, 09 Apr 2024 21:51:59 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gji5ryvZNaT04sdMkw9kFpVYTS-ADARS4cEAS3coL0vCan4RUJR6Lw==
age: 2377389
X-Firefox-Spdy: h2
|
|
| pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html | 104.18.2.35 | 200 OK | 14 kB |
URL: GET HTTP/1.1 pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html
IP: 104.18.2.35:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Let's Encrypt; Subject *.r2.dev; Fingerprint 48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0; Validity Fri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5539), with CRLF line terminators
Hash: MD5 b9b34d3f7768a6be979f57426bfc7118; SHA-1 f13981285fdd8694242d895067e9cfd6219de84b; SHA-256 ee4806492b1614b47606aade33b0146a0b2164a28c18df7dfe9e561c0eb58f05
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /ekiud.html HTTP/1.1
Host: pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 10:15:09 GMT
Content-Type: text/html
Content-Length: 13921
Connection: keep-alive
Accept-Ranges: bytes
ETag: "b9b34d3f7768a6be979f57426bfc7118"
Last-Modified: Tue, 07 May 2024 03:15:48 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 88007279efa656b4-OSL
|
|
| logo.clearbit.com/amazon.com | 143.204.55.28 | 200 OK | 36 kB |
URL: GET HTTP/2 logo.clearbit.com/amazon.com
IP: 143.204.55.28:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Amazon; Subject clearbit.com; Fingerprint CE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash: MD5 940251f2a73e6ea5993e5af72db8cba9; SHA-1 20f9f8ec7611b42169981fb8e5385e41674a729d; SHA-256 8be9928ce511e913cb732c93bcf1eb6fc93c53c92b6ad851c0633630fc9a5c2b
GET /amazon.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Mon, 08 Apr 2024 07:19:51 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pODyZZCfxccD4xhPYqc0VTlgosFrKqoze-FsodE_a3w99a71RHHiCQ==
age: 2516118
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=microsoft.com | 142.250.74.132 | 301 Moved Permanently | 333 B |
URL: GET HTTP/2 www.google.com/s2/favicons?domain=microsoft.com
IP: 142.250.74.132:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Google Trust Services LLC; Subject www.google.com; Fingerprint C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99; Validity Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: MD5 b38eb86f7cf1050a5096551bce3557b4; SHA-1 e8020032272a8368fd1a22325b867aed046bcd74; SHA-256 538a55f6678e796942901c4035b5c5473806a33dcfa7da33662337eba6a65feb
GET /s2/favicons?domain=microsoft.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://microsoft.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 07 May 2024 09:55:19 GMT
expires: Tue, 07 May 2024 10:25:19 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1190
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| logo.clearbit.com/live.com | 143.204.55.28 | 200 OK | 618 B |
URL: GET HTTP/2 logo.clearbit.com/live.com
IP: 143.204.55.28:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Amazon; Subject clearbit.com; Fingerprint CE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash: MD5 e6f4ae3faed9768872a85280b818ff9f; SHA-1 42c9623d1ea60726d8e1e75733d8d7b4ab336dc1; SHA-256 a1fab8fc3cf9fb9554b6d0fcab8236be7a22ceadec82ce0704cf79d3973c1139
GET /live.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 618
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Tue, 09 Apr 2024 21:51:59 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0oWwPygi8fm-1bRs5cCOGB3_o56kE6wemss-AjP3Vkc44h7QQpLpcQ==
age: 2377390
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=amazon.com | 142.250.74.132 | 301 Moved Permanently | 330 B |
URL: GET HTTP/2 www.google.com/s2/favicons?domain=amazon.com
IP: 142.250.74.132:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Google Trust Services LLC; Subject www.google.com; Fingerprint C6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99; Validity Tue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: MD5 41ca45e4ac5e227d8a770f8ec6b93c72; SHA-1 1ea89c133e23ba9a5be3f03a7a762c03b43868c3; SHA-256 b93ffa04aeaefaf35747fc469bd39b350fa3886e94ae5e080511df803140a7c3
GET /s2/favicons?domain=amazon.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Tue, 07 May 2024 09:46:14 GMT
expires: Tue, 07 May 2024 10:16:14 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1735
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16 | 142.250.74.100 | | 516 B |
URL: t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16
IP: 142.250.74.100:0
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: MD5 11b2e63f0ad7440683da67fc5aea1ae8; SHA-1 4ca8f900a09775c36405106ff12c3d31cbdf908a; SHA-256 78d23af2cd79bce1640dd74fd18a8741574a770b74242f024a555fb584dbc33c
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.amazon.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 07:33:22 GMT
expires: Fri, 10 May 2024 07:33:22 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 355307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| amazon.com/ | 52.94.236.248 | 301 Moved Permanently | 163 B |
IP: 52.94.236.248:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer DigiCert Inc; Subject *.peg.a2z.com; Fingerprint E6:0B:E0:59:BC:69:08:68:66:C7:64:50:86:27:B1:1F:B1:86:BA:62; Validity Fri, 02 Feb 2024 00:00:00 GMT - Tue, 07 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: MD5 c4bede7d6b8e56951ae0c0e194153af0; SHA-1 f11f69eaee4f3cd0c75d0f41f1f1d213a359d5b7; SHA-256 b691e78554674f4bb12223fcd4d40aa99c80a83f96d7c251eb116afb33c5fe8a
GET / HTTP/1.1
Host: amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Server
Date: Tue, 07 May 2024 10:15:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.amazon.com/
|
|
| www.amazon.com/ | 54.230.81.34 | 200 OK | 0 B |
IP: 54.230.81.34:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer DigiCert Inc; Subject www.amazon.com; Fingerprint 62:55:EA:53:8D:A8:3F:87:B5:55:C5:54:EE:F6:18:25:C8:72:23:61; Validity Tue, 28 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
Hash (empty body): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
server: Server
date: Tue, 07 May 2024 10:15:09 GMT
x-amz-rid: KC8AFF3TVCY98FQK45NQ
set-cookie: session-id=133-1240097-6400152; Domain=.amazon.com; Expires=Wed, 07-May-2025 10:15:09 GMT; Path=/; Secure
set-cookie: session-id-time=2082787201l; Domain=.amazon.com; Expires=Wed, 07-May-2025 10:15:09 GMT; Path=/; Secure
set-cookie: i18n-prefs=USD; Domain=.amazon.com; Expires=Wed, 07-May-2025 10:15:09 GMT; Path=/
set-cookie: sp-cdn="L5Z9:NO"; Version=1; Domain=.amazon.com; Max-Age=31536000; Expires=Wed, 07-May-2025 10:15:09 GMT; Path=/; Secure; HttpOnly
set-cookie: skin=noskin; path=/; domain=.amazon.com
content-security-policy-report-only: default-src 'self' blob: https: data: mediastream: 'unsafe-eval' 'unsafe-inline';report-uri https://metrics.media-amazon.com/
cache-control: no-cache
content-language: en-US
x-xss-protection: 1;
content-encoding: gzip
pragma: no-cache
accept-ch-lifetime: 86400
content-security-policy: upgrade-insecure-requests;report-uri https://metrics.media-amazon.com/
x-ua-compatible: IE=edge
x-content-type-options: nosniff
accept-ch: ect,rtt,downlink,device-memory,sec-ch-device-memory,viewport-width,sec-ch-viewport-width,dpr,sec-ch-dpr,sec-ch-ua-platform,sec-ch-ua-platform-version
expires: -1
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Content-Type,Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8nUwQJd7SNa_B74nmPtzmGCRDNeGNaTZw-acE7UIdiHGWMLXZw5XOw==
X-Firefox-Spdy: h2
|
|
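A triage pass over the transactions above, added as an example that is not part of the sandbox report or of the kit itself. It rebuilds the request set from the log (duplicates collapsed) and checks the three traits an analyst would pull out of this capture: the victim address carried in the URL fragment (which never reaches the server, so the sandbox's "Requested by" field is the only place it is recorded), brand logos and favicons fetched from lookup services for the domain in that address (logo.clearbit.com/<domain>, www.google.com/s2/favicons?domain=<domain>; the kit also pulls Microsoft's), and iframe navigations both to the page itself and to the impersonated site, where www.amazon.com answered with X-Frame-Options: SAMEORIGIN and so could not be rendered as a backdrop. The record field names, the `_req` helper and the framing heuristic are this example's own; the URLs and headers are the ones logged.

```python
import re
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Constructed from the transactions above, duplicates collapsed. 'initiator' is
# the sandbox's "Requested by" URL (fragment included), 'referer' the Referer
# header as sent, 'dest'/'site' the Sec-Fetch-Dest / Sec-Fetch-Site headers,
# 'resp' only the response headers a framing decision needs.
ORIGIN = "https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev"
LANDING = ORIGIN + "/ekiud.html"
INITIATOR = LANDING + "#amazon@amazon.com"


def _req(url, dest, site, status=200, referer=ORIGIN + "/", initiator=INITIATOR, resp=None):
    return {"url": url, "dest": dest, "site": site, "status": status,
            "referer": referer, "initiator": initiator, "resp": resp or {}}


RECORDS = [
    _req(LANDING, "document", "cross-site", referer=None, initiator=None),
    _req("https://code.jquery.com/jquery-3.2.1.min.js", "script", "cross-site"),
    _req("https://logo.clearbit.com/live.com", "image", "cross-site"),
    _req(LANDING, "iframe", "same-origin", referer=LANDING),
    _req("https://logo.clearbit.com/amazon.com", "image", "cross-site"),
    _req("https://www.google.com/s2/favicons?domain=microsoft.com", "image", "cross-site", 301),
    _req("https://www.google.com/s2/favicons?domain=amazon.com", "image", "cross-site", 301),
    _req("https://amazon.com/", "iframe", "cross-site", 301, resp={"location": "https://www.amazon.com/"}),
    _req("https://www.amazon.com/", "iframe", "cross-site", resp={"x-frame-options": "SAMEORIGIN"}),
]

EMAIL_RE = re.compile(r"^[^\s@#/]+@([A-Za-z0-9.-]+\.[A-Za-z]{2,})$")


def fragment_identity(url: str) -> Optional[str]:
    """E-mail address carried in the URL fragment, or None. Fragments are never
    sent to the server; only client-side script (and the initiator record) sees them."""
    frag = urlsplit(url).fragment
    return frag if EMAIL_RE.match(frag) else None


def brand_domains_fetched(records) -> set:
    """Domains whose logo/favicon was pulled from a service that takes the brand
    domain as a parameter."""
    found = set()
    for r in records:
        u = urlsplit(r["url"])
        if u.netloc == "logo.clearbit.com":
            found.add(u.path.strip("/").lower())
        elif u.netloc == "www.google.com" and u.path == "/s2/favicons":
            found.update(d.lower() for d in parse_qs(u.query).get("domain", []))
    return found


def self_framing(records) -> list:
    """Same-origin iframe navigations whose target is the referring document itself."""
    return [r["url"] for r in records
            if r["dest"] == "iframe" and r["site"] == "same-origin" and r["referer"]
            and r["url"].split("#")[0] == r["referer"].split("#")[0]]


def framing_blocked(resp: dict, embedder_origin: str) -> bool:
    """Would a browser refuse to render this response inside a frame hosted at
    embedder_origin? CSP frame-ancestors takes precedence when present; otherwise
    X-Frame-Options DENY/SAMEORIGIN blocks a cross-origin embedder. Host-source
    wildcards in frame-ancestors are not expanded (heuristic, not a full CSP parser)."""
    for directive in resp.get("content-security-policy", "").split(";"):
        parts = directive.strip().split()
        if parts and parts[0].lower() == "frame-ancestors":
            sources = [s.strip("'").lower() for s in parts[1:]]
            allowed = ("*" in sources or embedder_origin.lower() in sources
                       or ("https:" in sources and embedder_origin.startswith("https://")))
            return not allowed
    return resp.get("x-frame-options", "").strip().upper() in ("DENY", "SAMEORIGIN")


def framed_brand_sites(records, embedder_origin: str) -> list:
    """Cross-site iframe navigations (the 'real site in the background' trick)
    with whether the final 2xx response let itself be framed."""
    return [(r["url"], framing_blocked(r["resp"], embedder_origin)) for r in records
            if r["dest"] == "iframe" and r["site"] == "cross-site" and 200 <= r["status"] < 300]


def triage(records, landing_url: str) -> dict:
    embedder = "{0.scheme}://{0.netloc}".format(urlsplit(landing_url))
    initiators = {r["initiator"] for r in records if r["initiator"]}
    email = next((e for e in map(fragment_identity, initiators) if e), None)
    domain = email.split("@")[1].lower() if email else None
    brands = brand_domains_fetched(records)
    return {"fragment_email": email, "fragment_domain": domain, "brand_assets": brands,
            "fragment_domain_branded": domain in brands,
            "self_framing": self_framing(records),
            "framed_sites": framed_brand_sites(records, embedder)}


if __name__ == "__main__":
    for key, value in triage(RECORDS, LANDING).items():
        print(f"{key:24} {value}")
```

Run against the log this reports amazon@amazon.com as the fragment identity, {amazon.com, live.com, microsoft.com} as the brands whose assets were fetched, the page framing itself once, and www.amazon.com as a framed site that was blocked. The fragment is the detail worth carrying into detection: the address is visible in the browser history, the sandbox initiator field and any Referer that keeps the full URL, but not in the web server's access log, which is why the "Requested by" line is the only place it shows up here.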
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16 | 142.250.74.100 | 200 OK | 516 B |
URL: GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16
IP: 142.250.74.100:443
Requested by: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/ekiud.html#amazon@amazon.com
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: MD5 11b2e63f0ad7440683da67fc5aea1ae8; SHA-1 4ca8f900a09775c36405106ff12c3d31cbdf908a; SHA-256 78d23af2cd79bce1640dd74fd18a8741574a770b74242f024a555fb584dbc33c
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://amazon.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pub-04ce8de3b8264609ae0c4bb873f62716.r2.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.amazon.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 07:33:22 GMT
expires: Fri, 10 May 2024 07:33:22 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 355307
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|