| | 143.204.55.62 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/2IP143.204.55.62:443
CertificateIssuerAmazon Subjectaws3-demo.link Fingerprint99:90:6C:5B:FC:11:17:29:90:A5:7F:7C:07:13:79:15:D4:54:B5:55 ValidityTue, 17 Oct 2023 00:00:00 GMT - Thu, 14 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Amazon.com Inc. |
GET /PLyEhM HTTP/1.1
Host: aws3-demo.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-length: 0
location: https://supportofamazongcojp.duckdns.org/?us-jp
date: Tue, 07 May 2024 08:57:18 GMT
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2UX3FaHKJTuJ1NJYKQxSg6n3hUadAwJWfZ-2LfNqdFmCa5fN6tGZpw==
age: 30474
X-Firefox-Spdy: h2
|
|
| supportofamazongcojp.duckdns.org/?us-jp | 161.34.34.140 | 307 Temporary Redirect | 20 B |
URL User Request GET HTTP/1.1supportofamazongcojp.duckdns.org/?us-jp IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typegzip compressed data, from Unix Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain | OpenPhish | phishing | Amazon.com Inc. |
GET /?us-jp HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Date: Tue, 07 May 2024 17:25:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13; path=/
Location: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe | 161.34.34.140 | 200 OK | 3.3 kB |
URL User Request GET HTTP/1.1supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (661), with CRLF line terminators Hash201c7fe0147b263eea3750bd9d23cd12 a699186c20401958b53addeb6b5f1651d8b91b7a 620e586b86ba57023958b53730381499a4f00d04401820e0b2b92d0834e2b8f9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/style.sign-desktop.css | 161.34.34.140 | 200 OK | 36 kB |
URL GET HTTP/1.1supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/style.sign-desktop.css IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeASCII text, with very long lines (20048), with CRLF line terminators Hashce03668bf4cba84e446d39b1e5430fa2 a1e1d2f4e14d20921a9b13ed4ea14ce0c407e64f 0c56d79edb4b4187f79ddcecd68fae587c56402c3ed737ed954b3eda3d250967
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/css/style.sign-desktop.css HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:13 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 36441
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/sign-dekstop.css | 161.34.34.140 | 200 OK | 136 kB |
URL GET HTTP/1.1supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/css/sign-dekstop.css IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size136 kB (135724 bytes) Hash145d4167f1247d5618d6a7d3df28aa7a 1188188a940b68ee827c7babeffc279ec06f8f13 a3987cc9ff1e96ae068bdd13278434f2d3d32e781b1e131d8e0ed2a1a8eb481b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/css/sign-dekstop.css HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:13 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 135724
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery.validate.min.js | 161.34.34.140 | 200 OK | 37 kB |
URL GET HTTP/1.1supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery.validate.min.js IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (829), with CRLF line terminators Hash1cdeeb8eaca2a1357de0a82bd5e5526f f0474ee246d33979152b20bfbea49045581792f3 1327e703fcf1311de11818f1fedcef1ec0ba4f60734962c6955fdffc408d5287
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/js/jquery.validate.min.js HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:14 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 36756
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png | 95.101.11.16 | 200 OK | 28 kB |
URL GET HTTP/2m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png IP95.101.11.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerDigiCert Inc Subjectm.media-amazon.com Fingerprint7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3 ValidityTue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typePNG image data, 400 x 750, 8-bit colormap, non-interlaced Hash1b5a1fb097715b1604b21aba92ef6a3e c4a765aedd886dc04d89e7e93b6a02c59ecb7013 437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5
GET /images/S/sash/mPGmT0r6IeTyIee.png HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Server
content-type: image/png
content-length: 27972
x-amz-ir-id: 60c5c3cb-0e05-45df-9336-9135292f45b8
last-modified: Tue, 17 Nov 2020 23:31:33 GMT
surrogate-key: x-cache-108 /images/S/sash/mPGmT0r6IeTyIee
x-nginx-cache-status: HIT
accept-ranges: bytes
peer-cache: Hit
cache-control: public, max-age=630260455
expires: Wed, 27 Apr 2044 09:46:10 GMT
date: Tue, 07 May 2024 17:25:15 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.0c0b655f.1715102715.a61ec52
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2 | 95.101.11.16 | 200 OK | 17 kB |
URL GET HTTP/2m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2 IP95.101.11.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerDigiCert Inc Subjectm.media-amazon.com Fingerprint7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3 ValidityTue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16616, version 1.655 Hash4afcd3b79b78d33386f497877a29c518 cc7ebaa05a2cd3b02c0929ac0475a44ab30b7efa cded49f94fc16dc0a14923975e159fbf4b14844593e612c1342c9e34e2f96821
GET /images/S/sash/pDxWAF1pBB0dzGB.woff2 HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://supportofamazongcojp.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 30 Oct 2020 21:19:16 GMT
server: Server
content-type: application/font-woff2; charset=utf-8
x-amz-ir-id: 31a430cb-db25-4548-a314-e0e3ca41c719
surrogate-key: x-cache-651 /images/S/sash/pDxWAF1pBB0dzGB
x-nginx-cache-status: HIT
peer-cache: Hit
vary: Accept-Encoding
cache-control: public, max-age=630259398
expires: Wed, 27 Apr 2044 09:28:33 GMT
date: Tue, 07 May 2024 17:25:15 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 16616
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.0c0b655f.1715102715.a61ec5d
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2 | 95.101.11.16 | 200 OK | 16 kB |
URL GET HTTP/2m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2 IP95.101.11.16:443 ASN#20940 Akamai International B.V.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerDigiCert Inc Subjectm.media-amazon.com Fingerprint7A:BD:EF:1F:61:5F:08:1B:79:13:35:FC:04:B8:3F:8E:D5:69:31:C3 ValidityTue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16460, version 1.655 Hash15e17f26c664ee0518f82972282e6ff3 46b91bda68161c14e554a779643ef4957431987b 4065b43ba3db8da5390ba0708555889f78e86483fe0226ef79ea22d07c306b89
GET /images/S/sash/KFPk-9IF4FqAqY-.woff2 HTTP/1.1
Host: m.media-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://supportofamazongcojp.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Server
content-type: application/font-woff2; charset=utf-8
x-amz-ir-id: 73a545a1-afbb-475c-a74b-31401dc094ec
last-modified: Fri, 30 Oct 2020 21:19:26 GMT
surrogate-key: x-cache-968 /images/S/sash/KFPk-9IF4FqAqY-
x-nginx-cache-status: HIT
peer-cache: Hit
vary: Accept-Encoding
cache-control: public, max-age=630259398
expires: Wed, 27 Apr 2044 09:28:33 GMT
date: Tue, 07 May 2024 17:25:15 GMT
content-length: 16460
x-cache: Hit from akamai
strict-transport-security: max-age=86400
akamai-grn: 0.0c0b655f.1715102715.a61ec66
server-timing: provider;desc="ak"
timing-allow-origin: https://supportofamazongcojp.duckdns.org/
akamai-cache-status: Hit from child
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery-3.3.1.min.js | 161.34.34.140 | 200 OK | 108 kB |
URL GET HTTP/1.1supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/js/jquery-3.3.1.min.js IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Size108 kB (107631 bytes) Hashd532c905d593a7f16eff99f24f27621e ea0f0d16f78ec4bbaf7866213a2f012d2793e14c 97ecd42dea3bc998c5efd456bc13e2c45c700fba1c581961ca1481676bf08b42
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/js/jquery-3.3.1.min.js HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:14 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 107631
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
|
|
| supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/images/favicon.ico | 161.34.34.140 | 200 OK | 18 kB |
URL GET HTTP/1.1supportofamazongcojp.duckdns.org/CR51/Assets/_hayo/images/favicon.ico IP161.34.34.140:443 ASN#2514 NTT PC Communications, Inc.
Requested byhttps://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe CertificateIssuerLet's Encrypt Subjectwebmail.supportofamazongcojp.duckdns.org Fingerprint3F:24:47:1E:08:42:EF:94:2F:42:4D:DA:54:79:C5:72:CB:7C:F1:D4 ValidityMon, 06 May 2024 05:30:32 GMT - Sun, 04 Aug 2024 05:30:31 GMT
File typeMS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel Hashca6619b86c2f6e6068b69ba3aaddb7e4 c44a1bb9d14385334eb851fbb0afb19d961c1ee7 17d02e2db6dbedb95dd449d06868c147ac2c3b5371497bcb9407e75336a99e09
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Amazon | urlquery | suspicious | Suspicious - DynDNS domain |
GET /CR51/Assets/_hayo/images/favicon.ico HTTP/1.1
Host: supportofamazongcojp.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://supportofamazongcojp.duckdns.org/signin?verify=cr51_7a2fe3251b7eda23a0139f055b370efe
Cookie: PHPSESSID=e8fe1463ef92982d85d0cdb9317fdf13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 17:25:15 GMT
Server: Apache
Last-Modified: Sat, 13 Nov 2021 16:02:18 GMT
Accept-Ranges: bytes
Content-Length: 17542
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon
|
|