Report - jqtz2.hp.peraichi.com/

Report Overview

Submitted URL
jqtz2.hp.peraichi.com/
IP
143.204.55.120
ASN
#16509 AMAZON-02
Submitted
2024-05-10 23:50:16
Access
public
Website Title
makeareview
Final URL
jqtz2.hp.peraichi.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
webfont.fontplus.jp	287675	unknown	No data	No data	447 B	59 kB	150.230.202.113
s6uu569htb.execute-api.ap-northeast-1.amazonaws.com	unknown	unknown	No data	No data	1.1 kB	805 B	35.72.101.72
jqtz2.hp.peraichi.com	unknown	unknown	No data	No data	1.1 kB	37 kB	143.204.55.64
assets.peraichi.com	unknown	unknown	No data	No data	3.1 kB	5.0 MB	54.230.111.64
analytics.peraichi.com	unknown	unknown	No data	No data	454 B	2.0 kB	54.230.111.67
ssocsp.cybertrust.ne.jp	21077	unknown	No data	No data	690 B	3.3 kB	104.215.29.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	jqtz2.hp.peraichi.com/	AT&T Inc.
2024-05-10	medium	jqtz2.hp.peraichi.com/	AT&T Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	webfont.fontplus.jp/accessor/script/fontplus.js?5qoPx6QyJ8k%3D&aa=1	289 kB	2024-05-11	2024-05-11
Pretty URL webfont.fontplus.jp/accessor/script/fontplus.js?5qoPx6QyJ8k%3D&aa=1 IP 150.230.202.113 ASN #31898 ORACLE-BMC-31898 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 01:50:37 Last Seen2024-05-11 01:50:37 Times Seen2 Hash 8798d8decc48c7f0c5447218c1b90ffa 7e296813cb2b9a2c7dd5a4ada87af2c7054905ed 8e662fed7ed4706ff85250ee1db7cb3ef8c04c0dd2aee67d770666ec6b243d8b Loading...

	assets.peraichi.com/js/lazyLoad.js?1715326237	2.8 kB	2023-03-08	2024-05-11
Pretty URL assets.peraichi.com/js/lazyLoad.js?1715326237 IP 54.230.111.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:18:02 Last Seen2024-05-11 01:50:37 Times Seen14 Hash 3d872e0b71dd631dea09514a26b063bb 8c9a057a4f13b1f72f22cf75b94e8f1d9dac107d 8d6d5d911e6fff51e22e99d0c24f888b7a6be1e44126fb4059797110d7cd5d4c Loading...

	jqtz2.hp.peraichi.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-23
Pretty URL jqtz2.hp.peraichi.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-23 07:13:50 Times Seen353340 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-23
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-23 07:13:50 Times Seen352824 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	assets.peraichi.com/js/const_common.js	220 B	2023-03-12	2024-05-11
Pretty URL assets.peraichi.com/js/const_common.js IP 54.230.111.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 19:08:20 Last Seen2024-05-11 01:50:37 Times Seen27 Hash d7e01d0c050875a716506b5eeda09b05 9866c538f22442e0cda8c8807546fd17081454cd 7631d99f4d84ad87c3702b442c35133e9b73b06957cd9e905054cb56bb05b5ec Loading...

	assets.peraichi.com/js/const_env.js	623 B	2023-09-10	2024-05-11
Pretty URL assets.peraichi.com/js/const_env.js IP 54.230.111.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-10 06:29:25 Last Seen2024-05-11 01:50:37 Times Seen9 Hash 27db2b71c909426280f9c48c927d120f 0749d6f5eaacfd5e589f8be28ce3b46172db2b13 907cb800eefd654467615540ca6f0a4c79ba22e4ba156b5aaef2218f5a9a32b6 Loading...

	assets.peraichi.com/js/libs/lazysizes.min.js?1715326237	6.4 kB	2023-03-07	2024-05-11
Pretty URL assets.peraichi.com/js/libs/lazysizes.min.js?1715326237 IP 54.230.111.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:46:00 Last Seen2024-05-11 01:50:37 Times Seen100 Hash 08bc2b82385dfd23a787f85d2b706d93 0121d8585925ebcfae7a33179a9d256c4ca3f004 547e0dca6d4e9aa4776648b2342d1af096e1ba82452014669dc1213203a359cb Loading...

	assets.peraichi.com/cjs/dist/peraichi_setting.js?1715326516	426 kB	2024-05-11	2024-05-11
Pretty URL assets.peraichi.com/cjs/dist/peraichi_setting.js?1715326516 IP 54.230.111.64 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 01:50:37 Last Seen2024-05-11 01:50:37 Times Seen1 Hash 734566e444e96e3c920f8e9e5e20bc19 9feb96b472af418e34b48c6f3102c97b34456a08 ab135fa9bda34a440ca4a9e8cf4c6499a80f736bf6f028e936241ef9796d8fb7 Loading...

	analytics.peraichi.com/scripts/beacon.min.js?tracking_codes=yYkg9cqKPmsm58O	1.4 kB	2023-03-13	2024-05-11
Pretty URL analytics.peraichi.com/scripts/beacon.min.js?tracking_codes=yYkg9cqKPmsm58O IP 54.230.111.67 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:15:35 Last Seen2024-05-11 01:50:37 Times Seen26 Hash 8f9c8be83fc03152233c484664a8df09 3fbacac24ad30f72b0de3408f49ac539808c70e8 15ad7e305de19d147b59408f018c4d1741368150e5cb4b7d462684663fef5567 Loading...

HTTP Transactions (15)

URL IP Response Size

assets.peraichi.com/template_root/v2/template_files/css/template-simple-service.css?1715326240

54.230.111.64

200 OK

73 B

URL GET HTTP/2
assets.peraichi.com/template_root/v2/template_files/css/template-simple-service.css?1715326240
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
73 B (73 bytes)
Hash
441ed7cd997f58a05c300bc4d84da670
9d7e925dc13660591db84b7c018f104554d92fd3
d9b85662f09bfdd3e9c79643205f88c6b6006185c7b3d804f5e6563534e40a23

HTTP Headers

GET /template_root/v2/template_files/css/template-simple-service.css?1715326240 HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 73
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Fri, 10 May 2024 07:30:40 GMT
etag: "663dcd20-49"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6MxLGcRVNwTT7yfzdV_xRbgQ5ZuJ8lK1LPwMVo1S15KmzX6QqY9Pdw==
vary: Origin
X-Firefox-Spdy: h2

assets.peraichi.com/js/const_common.js

54.230.111.64

200 OK

220 B

URL GET HTTP/2
assets.peraichi.com/js/const_common.js
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
ASCII text
Size
220 B (220 bytes)
Hash
d7e01d0c050875a716506b5eeda09b05
9866c538f22442e0cda8c8807546fd17081454cd
7631d99f4d84ad87c3702b442c35133e9b73b06957cd9e905054cb56bb05b5ec

HTTP Headers

GET /js/const_common.js HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 220
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Fri, 10 May 2024 07:30:38 GMT
etag: "663dcd1e-dc"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z-i7RTidKsYIRO3Lz2bevZE1IuCa7QzDU8h2s_RBEQp2SArRQN29zg==
vary: Origin
X-Firefox-Spdy: h2

analytics.peraichi.com/scripts/beacon.min.js?tracking_codes=yYkg9cqKPmsm58O

54.230.111.67

200 OK

1.4 kB

URL GET HTTP/2
analytics.peraichi.com/scripts/beacon.min.js?tracking_codes=yYkg9cqKPmsm58O
IP
54.230.111.67:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1415), with no line terminators
Size
1.4 kB (1415 bytes)
Hash
8f9c8be83fc03152233c484664a8df09
3fbacac24ad30f72b0de3408f49ac539808c70e8
15ad7e305de19d147b59408f018c4d1741368150e5cb4b7d462684663fef5567

HTTP Headers

GET /scripts/beacon.min.js?tracking_codes=yYkg9cqKPmsm58O HTTP/1.1
Host: analytics.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 1415
date: Fri, 10 May 2024 23:45:06 GMT
last-modified: Wed, 04 Jan 2023 05:12:29 GMT
etag: "8f9c8be83fc03152233c484664a8df09"
x-amz-server-side-encryption: AES256
cache-control: max-age=600
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gWJaPx-1Z8wXoKEH_DAjx37h3NElsTE_LMEwRWeAvzNP3jIZyqDJlA==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ssocsp.cybertrust.ne.jp/OcspServer

104.215.29.84

1.5 kB

URL
ssocsp.cybertrust.ne.jp/OcspServer
IP
104.215.29.84:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.5 kB (1480 bytes)
Hash
f2cf675baecf9606e210243e0a772dfc
65fc9d19affe926ea4468ed6c350311555246e23
928a264473706427357614d9ca6641f70dc8947900b92493887b50c1a28eaecd

HTTP Headers

POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 23:45:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1480
Connection: keep-alive
Keep-Alive: timeout=2

ssocsp.cybertrust.ne.jp/OcspServer

104.215.29.84

1.5 kB

URL
ssocsp.cybertrust.ne.jp/OcspServer
IP
104.215.29.84:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
1.5 kB (1480 bytes)
Hash
f2cf675baecf9606e210243e0a772dfc
65fc9d19affe926ea4468ed6c350311555246e23
928a264473706427357614d9ca6641f70dc8947900b92493887b50c1a28eaecd

HTTP Headers

POST /OcspServer HTTP/1.1
Host: ssocsp.cybertrust.ne.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 87
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 23:45:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1480
Connection: keep-alive
Keep-Alive: timeout=2

webfont.fontplus.jp/accessor/script/fontplus.js?5qoPx6QyJ8k%3D&aa=1

150.230.202.113

200 OK

58 kB

URL GET HTTP/1.1
webfont.fontplus.jp/accessor/script/fontplus.js?5qoPx6QyJ8k%3D&aa=1
IP
150.230.202.113:443
ASN
#31898 ORACLE-BMC-31898

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerCybertrust Japan Co., Ltd.
Subject*.fontplus.jp
FingerprintAB:16:70:42:2C:B9:2B:31:2A:1A:A9:EF:6D:77:3B:ED:EC:9F:6D:13
ValidityFri, 12 Apr 2024 01:33:57 GMT - Sat, 19 Apr 2025 14:59:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65255)
Size
58 kB (58078 bytes)
Hash
8798d8decc48c7f0c5447218c1b90ffa
7e296813cb2b9a2c7dd5a4ada87af2c7054905ed
8e662fed7ed4706ff85250ee1db7cb3ef8c04c0dd2aee67d770666ec6b243d8b

HTTP Headers

GET /accessor/script/fontplus.js?5qoPx6QyJ8k%3D&aa=1 HTTP/1.1
Host: webfont.fontplus.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 23:45:06 GMT
Content-Type: application/x-javascript; charset=utf-8;
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: FP-DLV=8c03c7492ee4c8cad2f0d489f569a3edc57d7ce7; Max-Age=3600; Path=/; HttpOnly
Vary: Accept-Encoding
ETag: W/"ZnBfMDI1N2U1YjE2NTQ5YWY2MzE3NGI3ZDA5OTAwN2QzMmQ="
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Last-Modified: Fri, 10 May 2024 23:45:06 GMT
Cache-Control: post-check=0, pre-check=0
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
X-Request-ID: f628e369aaa55091d45ba8d2723e7f54

s6uu569htb.execute-api.ap-northeast-1.amazonaws.com/prod/beacon-log

35.72.101.72

200 OK

0 B

URL OPTIONS HTTP/2
s6uu569htb.execute-api.ap-northeast-1.amazonaws.com/prod/beacon-log
IP
35.72.101.72:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.execute-api.ap-northeast-1.amazonaws.com
FingerprintE4:67:B6:95:8A:EE:AC:95:2C:58:F4:DB:F8:CD:7E:49:5D:2E:5C:FE
ValidityThu, 02 May 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /prod/beacon-log HTTP/1.1
Host: s6uu569htb.execute-api.ap-northeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jqtz2.hp.peraichi.com/
Origin: https://jqtz2.hp.peraichi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 23:45:08 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: f515d29e-450b-491b-8fa7-607ade07c5d3
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: XlCs0G1FNjMEGcA=
access-control-allow-methods: OPTIONS,POST
X-Firefox-Spdy: h2

s6uu569htb.execute-api.ap-northeast-1.amazonaws.com/prod/beacon-log

35.72.101.72

200 OK

110 B

URL OPTIONS HTTP/2
s6uu569htb.execute-api.ap-northeast-1.amazonaws.com/prod/beacon-log
IP
35.72.101.72:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.execute-api.ap-northeast-1.amazonaws.com
FingerprintE4:67:B6:95:8A:EE:AC:95:2C:58:F4:DB:F8:CD:7E:49:5D:2E:5C:FE
ValidityThu, 02 May 2024 00:00:00 GMT - Sat, 31 May 2025 23:59:59 GMT

File type
JSON text data
Size
110 B (110 bytes)
Hash
31c664ddf3f212c9021be457facfbb91
c10c441e8030fbcdc9cb96ad932e39a91438d8f4
9f2f495d0d4bd5a1138591011bff5ecede5786b3aecf020be1e2cd1696498a00

HTTP Headers

POST /prod/beacon-log HTTP/1.1
Host: s6uu569htb.execute-api.ap-northeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jqtz2.hp.peraichi.com/
Content-Type: application/json
Content-Length: 156
Origin: https://jqtz2.hp.peraichi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 23:45:09 GMT
content-type: application/json
content-length: 110
x-amzn-requestid: 1066a5fe-b42f-4572-b271-f34f3ea80e1f
access-control-allow-origin: *
x-amz-apigw-id: XlCs2FsuNjMEYSQ=
x-amzn-trace-id: Root=1-663eb185-602f604c198296e25f7de959
X-Firefox-Spdy: h2

assets.peraichi.com/cjs/dist/peraichi_setting.js?1715326516

54.230.111.64

200 OK

426 kB

URL GET HTTP/2
assets.peraichi.com/cjs/dist/peraichi_setting.js?1715326516
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type

Size
426 kB (426526 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cjs/dist/peraichi_setting.js?1715326516 HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Thu, 09 May 2024 03:27:46 GMT
etag: W/"663c42b2-6821e"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uGNF_qLXTcVsaNooYCCgNz5BSciL-bIjypwqabMjFN5lz7uTqa5c2A==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

jqtz2.hp.peraichi.com/favicon.ico

143.204.55.64

404 Not Found

32 kB

URL GET HTTP/2
jqtz2.hp.peraichi.com/favicon.ico
IP
143.204.55.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subjecthp.peraichi.com
Fingerprint45:F8:A6:30:C8:2C:69:EA:6F:DF:1A:82:A1:EE:EF:FA:33:CE:6E:DB
ValidityTue, 11 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type

Size
32 kB (32090 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jqtz2.hp.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Cookie: csrfToken=T%2BbKWQ00pwv3ArnJEGi3MThiOWEyYzRiZDZlZjQ1ZDdlNDI2MDdlOTA0MzA0ZjYyZmE1MmI5NWY%3D; Beacon[client_uuid]=e59535ce-0990-4348-901f-3644dcad8699
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
date: Fri, 10 May 2024 23:45:10 GMT
server: envoy
x-frame-options: SAMEORIGIN
x-envoy-upstream-service-time: 1037
x-cache: Error from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NZ2BG_2avAerJBb3VtWfm6uTiFNR-4a1S3fa8oQLTOwlBmwepH0yWA==
vary: Origin
X-Firefox-Spdy: h2

assets.peraichi.com/js/libs/lazysizes.min.js?1715326237

54.230.111.64

200 OK

6.4 kB

URL GET HTTP/2
assets.peraichi.com/js/libs/lazysizes.min.js?1715326237
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6582), with no line terminators
Size
6.4 kB (6421 bytes)
Hash
06c5c43a9ef2ca5e996afd305eea47f4
200a34a12ed37f34f7d454229c1b9e3742ed5132
eb4f7c4ccc5bcbb95ed680cd7e2e6d646e51ae7bdc7ca88ee1da82c0b53cd270

HTTP Headers

GET /js/libs/lazysizes.min.js?1715326237 HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Fri, 10 May 2024 07:30:38 GMT
etag: W/"663dcd1e-1915"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dXg8OMGjNzKnuSwh_bm08IoCJTVmDT7uKbZzZSWhWajsrw85pnH0uA==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

assets.peraichi.com/js/lazyLoad.js?1715326237

54.230.111.64

200 OK

2.8 kB

URL GET HTTP/2
assets.peraichi.com/js/lazyLoad.js?1715326237
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2514), with no line terminators
Size
2.8 kB (2818 bytes)
Hash
45f20eb1d1e3884b0b5b156cd318da62
e6f4538c7a9a2160dd885653ddbd3f040722cd18
05a92878d36bc0f55cb93e05547d1fdd3a6e87b3c1dd1131b0646db263130a81

HTTP Headers

GET /js/lazyLoad.js?1715326237 HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Fri, 10 May 2024 07:30:38 GMT
etag: W/"663dcd1e-b02"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XJGguhjmtO2OodP_TmtBlfl4An3Xce35I6U6RCAbb6hQzvbAgZS3Tg==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

jqtz2.hp.peraichi.com/

143.204.55.64

200 OK

3.7 kB

URL User Request GET HTTP/2
jqtz2.hp.peraichi.com/
IP
143.204.55.64:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecthp.peraichi.com
Fingerprint45:F8:A6:30:C8:2C:69:EA:6F:DF:1A:82:A1:EE:EF:FA:33:CE:6E:DB
ValidityTue, 11 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3892), with no line terminators
Size
3.7 kB (3734 bytes)
Hash
e1c30219f6df1ccd0205cb4ac561143e
d827b424ea96b13a094b921c69ea71ac5294e108
38eaf0c155cb30354552bd820980120f1c1a937902af3920b0eb8981398c66bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.

HTTP Headers

GET / HTTP/1.1
Host: jqtz2.hp.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10
date: Fri, 10 May 2024 23:45:04 GMT
server: envoy
set-cookie: csrfToken=T%2BbKWQ00pwv3ArnJEGi3MThiOWEyYzRiZDZlZjQ1ZDdlNDI2MDdlOTA0MzA0ZjYyZmE1MmI5NWY%3D; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-envoy-upstream-service-time: 1453
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dQDMN6TQkfvQGsfm0wsfwwcVmf79BlMMlNqN2_EcKlAEkP_EDPX53g==
vary: Origin
X-Firefox-Spdy: h2

assets.peraichi.com/template_root/v2/template_files/css/style.css?1715326239

54.230.111.64

200 OK

4.5 MB

URL GET HTTP/2
assets.peraichi.com/template_root/v2/template_files/css/style.css?1715326239
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type

Size
4.5 MB (4529501 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /template_root/v2/template_files/css/style.css?1715326239 HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
last-modified: Fri, 10 May 2024 07:30:40 GMT
etag: W/"663dcd20-451d5d"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jb5xW92JmnfhIKuVMFHoONWJLYvIyjYWg44GKpQoQQGlN7PF6B54qQ==
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

assets.peraichi.com/js/const_env.js

54.230.111.64

200 OK

623 B

URL GET HTTP/2
assets.peraichi.com/js/const_env.js
IP
54.230.111.64:443
ASN
#16509 AMAZON-02

Requested by
https://jqtz2.hp.peraichi.com/
Certificate
IssuerAmazon
Subject*.peraichi.com
Fingerprint3D:12:E0:3D:B6:F9:2D:C6:5C:C5:1B:88:15:AB:D0:2D:FB:63:53:D4
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (650), with no line terminators
Size
623 B (623 bytes)
Hash
f6413c9fa877f69300bfed73abea5988
39304736adee7ef94e52944e7931c5538b24abd0
0459bb622a45beab6b77cbb294c90dc4a808ae859d3a7ac95f141944097bffd1

HTTP Headers

GET /js/const_env.js HTTP/1.1
Host: assets.peraichi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jqtz2.hp.peraichi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 10 May 2024 23:45:05 GMT
server: nginx
set-cookie: csrfToken=DnjhpcO1XcAOMo44Sl51cTVhYTdmODgwZjAyNmIyOWVmZjZkYmQ2YmIyYmJlZGRiZDliZGJhMzI%3D; path=/; HttpOnly
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mQMklLi3xnD32Hc6ELZiXaVckqk25mq5wpC8oNAJzsDbH_thYOx23w==
vary: Origin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML