| flame-quartz-arthropod.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html | 44.214.198.122 | 200 OK | 2.9 MB |
URL: User Request GET HTTP/2 flame-quartz-arthropod.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html
IP: 44.214.198.122:443
Certificate: Issuer Amazon; Subject glitch.com; Fingerprint 57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE; Validity Mon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (65465)
Size: 2.9 MB (2858136 bytes)
Hash: 2bb84e5533d51ed479a68bb2b0db1085 7f24c6cc194ab6688ec6f51d4ca58c15ef67e180 6e503b97ef77a2d10686d4768af7f7d9ab542c83f381f8643c63d9763600aa76
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Navy Federal Credit Union |
| PhishTank | phishing | Navy Federal Credit Union |
GET /public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html HTTP/1.1
Host: flame-quartz-arthropod.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:41:29 GMT
content-type: text/html; charset=utf-8
content-length: 2858136
x-amz-id-2: C3RY+rhRT0XKmcorsHlyRV+fMVWmcxIDCFuzU26L8Y+JQIYv3daABnAGMNSgDGaFcarKh35hdwI=
x-amz-request-id: 6ZD5M0N132BXG82X
last-modified: Mon, 22 Apr 2024 16:51:05 GMT
etag: "2bb84e5533d51ed479a68bb2b0db1085"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2
|
IP: 195.80.159.133:443
ASN: #29152 Decknet S.a.r.l.
Requested by: https://flame-quartz-arthropod.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html
Certificate: Issuer Let's Encrypt; Subject l2.io; Fingerprint 1D:F0:67:A9:3B:A0:37:E5:4C:88:AD:B8:EA:EE:A3:BB:A1:84:53:A7; Validity Tue, 05 Mar 2024 09:52:38 GMT - Mon, 03 Jun 2024 09:52:37 GMT
File type: ASCII text, with no line terminators
Hash: f9dc91b3feea65bd389a2f5b57306c32 147d1c9ae79ae948a34c5f1254bdcbf7af9caf8e d88923af30873abcf4cde709062c3d2e9ded181f9e2552c7fbcc983b3796ff77
GET /ip.js?var=userip HTTP/1.1
Host: l2.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flame-quartz-arthropod.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 17:41:31 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 24
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
| i.ibb.co/RpLNy4f/ajax-loader.gif | 162.19.58.156 | 200 OK | 3.2 kB |
URL: GET HTTP/2 i.ibb.co/RpLNy4f/ajax-loader.gif
IP: 162.19.58.156:443
Requested by: https://flame-quartz-arthropod.glitch.me/public/NF6ZYO3U0ETRC6UIA5BRREAKTD8CH9OE.html
Certificate: Issuer Let's Encrypt; Subject ibb.co; Fingerprint 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D; Validity Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: GIF image data, version 89a, 32 x 32
Hash: be1cede97289c13920048f238fd37b85 313b867d11fc0dd6bc6ca47c334bbcf18956ca76 fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
GET /RpLNy4f/ajax-loader.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flame-quartz-arthropod.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:41:31 GMT
content-type: image/gif
content-length: 3208
last-modified: Tue, 02 Mar 2021 22:27:30 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: gzip compressed data, max speed, from Unix
Hash: aa33725c2d0a3d1c2f9c878d64914807 6e83d13ec860384a977738b04ff0891a01ab519a fe412eadb3dc9820ec6cab7cb62349be057c509e34f7e2de6d23b28eacc98bfd
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 17:41:48 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=SCP_Yd-mis9E6NSVXjxjsluI7XznnLqAyofxLkDtzN7XN6ZJZi5P_ohoObrlXH8f0-A4q4_yXPd9fiFxb7hNtiC2ddQr4BZHI7_ayTkmHc_ScAeOkuC6rcMZafWyj1bK
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|