Report - 54.87.45.218/

Report Overview

Submitted URL
54.87.45.218/
IP
54.87.45.218
ASN
#14618 AMAZON-AES
Submitted
2024-05-10 08:31:27
Access
public
Website Title
Inky Phish Fence
Final URL
54.87.45.218/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
54.87.45.218	unknown	unknown	2021-12-30	2023-12-03	3.7 kB	50 kB	54.87.45.218

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	54.87.45.218	Sinkholed
2024-05-10	medium	54.87.45.218	Sinkholed
2024-05-10	medium	54.87.45.218	Sinkholed
2024-05-10	medium	54.87.45.218	Sinkholed
2024-05-10	medium	54.87.45.218	Sinkholed
2024-05-10	medium	54.87.45.218	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (6)

URL IP Response Size

54.87.45.218/

54.87.45.218

200 OK

134 B

URL User Request GET HTTP/2
54.87.45.218/
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 10 May 2024 08:31:02 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://54.87.45.218:443/

54.87.45.218/

54.87.45.218

200 OK

272 B

URL User Request GET HTTP/2
54.87.45.218/
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
272 B (272 bytes)
Hash
a793e80ef6ab38ce4a39a2e398e21056
8bdd61d15e35034997e52da3e8c89c940a65142a
92e0d6d65255be73ad13e14805d5d5df4b3a5c140e45d531d4374b2cda6a9210

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:04 GMT
content-type: text/html
content-length: 272
set-cookie: AWSALB=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/
AWSALBCORS=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/; SameSite=None; Secure
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
cache-control: max-age=0, must-revalidate
etag: "1714756857.0"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

54.87.45.218/style.css

54.87.45.218

200 OK

1.6 kB

URL GET HTTP/2
54.87.45.218/style.css
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Requested by
https://54.87.45.218/
Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
ASCII text
Size
1.6 kB (1633 bytes)
Hash
8a676322a490a857ba8b1265fd504547
3f9b82a677c99911edc7685fc2a0afa99f96d207
c2871118ea2670891f3325f40d9fb7d14740235cc61b3f29e827b44eef067dc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://54.87.45.218/
Cookie: AWSALB=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14; AWSALBCORS=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:04 GMT
content-type: text/css
content-length: 1633
set-cookie: AWSALB=aOqMKzNVTk75R4M3aZTdL4YFCC5J+dBqpj7yNNxwNu+5dHa2mDBIPQ8mI9hHiZtb0zrxT9QB05ioArlgVQ49hJiElgxsisOCL6tlzvT+g+JuJBcpsqQw7YuFnKh/; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/
AWSALBCORS=aOqMKzNVTk75R4M3aZTdL4YFCC5J+dBqpj7yNNxwNu+5dHa2mDBIPQ8mI9hHiZtb0zrxT9QB05ioArlgVQ49hJiElgxsisOCL6tlzvT+g+JuJBcpsqQw7YuFnKh/; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/; SameSite=None; Secure
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
cache-control: max-age=0, must-revalidate
etag: "1714756857.0"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

54.87.45.218/img/new_logo.png

54.87.45.218

200 OK

33 kB

URL GET HTTP/2
54.87.45.218/img/new_logo.png
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Requested by
https://54.87.45.218/
Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
PNG image data, 500 x 164, 8-bit/color RGBA, non-interlaced
Size
33 kB (32951 bytes)
Hash
9edd372d6b580f5f7ba79dac917a5a87
45b48e8a4fdd2e7f265aafc7ca5f15b2a82862ca
9aaa46b1a4435af2bd1f7a493439fee55369f50da8cf53b08aefd236e2a77a3b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/new_logo.png HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://54.87.45.218/
Cookie: AWSALB=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14; AWSALBCORS=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:04 GMT
content-type: image/png
content-length: 32951
set-cookie: AWSALB=I7T0X3M2X52JxIaavExC3Rter68qKljasRQUp6wwM8RwIctGpDbGZX00QVW7zQuETtDNwUiW2tkLs16cyoHTzxvpShP8IX2kZ0h9sjMi49V50KKi19oeCdegq4G2; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/
AWSALBCORS=I7T0X3M2X52JxIaavExC3Rter68qKljasRQUp6wwM8RwIctGpDbGZX00QVW7zQuETtDNwUiW2tkLs16cyoHTzxvpShP8IX2kZ0h9sjMi49V50KKi19oeCdegq4G2; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/; SameSite=None; Secure
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
cache-control: max-age=0, must-revalidate
etag: "1714756857.0"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

54.87.45.218/style.css

54.87.45.218

200 OK

1.6 kB

URL GET HTTP/2
54.87.45.218/style.css
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Requested by
https://54.87.45.218/
Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
ASCII text
Size
1.6 kB (1633 bytes)
Hash
8a676322a490a857ba8b1265fd504547
3f9b82a677c99911edc7685fc2a0afa99f96d207
c2871118ea2670891f3325f40d9fb7d14740235cc61b3f29e827b44eef067dc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://54.87.45.218/
Cookie: AWSALB=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14; AWSALBCORS=YzsExuVZlX8aoYoTcNCxlhFZtmlNC9j6Xlhi6MtKxIioMlclr++NrJvFAIXv6bKBLba14Z33DI+FjyZkDFSU1LmisoC7+V5wiEHx+4yzzSJmD7mpNvAA5hOC5w14
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:04 GMT
content-type: text/css
content-length: 1633
set-cookie: AWSALB=k7oInu7WqBsF7RrJohIebGUBFBr1Quf2v9vvHxbuVFn7591MzMoSr9Eh9MaGrwYAtQbIedsJs8Ea/aJcWTshfx3XtAgwcpBL/dFLELxeHwNaeq//JBIifoM8PkwP; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/
AWSALBCORS=k7oInu7WqBsF7RrJohIebGUBFBr1Quf2v9vvHxbuVFn7591MzMoSr9Eh9MaGrwYAtQbIedsJs8Ea/aJcWTshfx3XtAgwcpBL/dFLELxeHwNaeq//JBIifoM8PkwP; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/; SameSite=None; Secure
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
cache-control: max-age=0, must-revalidate
etag: "1714756857.0"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

54.87.45.218/favicon.ico

54.87.45.218

200 OK

9.4 kB

URL GET HTTP/2
54.87.45.218/favicon.ico
IP
54.87.45.218:443
ASN
#14618 AMAZON-AES

Requested by
https://54.87.45.218/
Certificate
IssuerAmazon
Subjectprotection.inkyphishfence.com
Fingerprint5F:6F:06:73:A2:B6:29:77:46:27:9D:4A:F0:32:42:F9:8D:47:97:A6
ValidityTue, 19 Mar 2024 00:00:00 GMT - Thu, 17 Apr 2025 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel
Size
9.4 kB (9404 bytes)
Hash
6beebeeb5db783a6d9c133a6e6e157aa
8225e701872ba824f78052f2ed1fc60ca1048e65
04bc30a1be0ba57b660f5e41c8a70bb652f4a8f70c6f5507598b4960afebb88a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 54.87.45.218
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://54.87.45.218/
Cookie: AWSALB=k7oInu7WqBsF7RrJohIebGUBFBr1Quf2v9vvHxbuVFn7591MzMoSr9Eh9MaGrwYAtQbIedsJs8Ea/aJcWTshfx3XtAgwcpBL/dFLELxeHwNaeq//JBIifoM8PkwP; AWSALBCORS=k7oInu7WqBsF7RrJohIebGUBFBr1Quf2v9vvHxbuVFn7591MzMoSr9Eh9MaGrwYAtQbIedsJs8Ea/aJcWTshfx3XtAgwcpBL/dFLELxeHwNaeq//JBIifoM8PkwP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 08:31:04 GMT
content-type: image/x-icon
content-length: 9404
set-cookie: AWSALB=GDMVlR7ToNPbbVoTMLjW8Kfovb0WrP3Aa1Gd85qNqFlLNnfByVcNr6mqc3bl9PxwlSie39WdYZ7pIGxFMXAjg4go031M5Kbt/lylFC8HV9Os8bQk7CVOyzX0gXsr; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/
AWSALBCORS=GDMVlR7ToNPbbVoTMLjW8Kfovb0WrP3Aa1Gd85qNqFlLNnfByVcNr6mqc3bl9PxwlSie39WdYZ7pIGxFMXAjg4go031M5Kbt/lylFC8HV9Os8bQk7CVOyzX0gXsr; Expires=Fri, 17 May 2024 08:31:04 GMT; Path=/; SameSite=None; Secure
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
cache-control: max-age=0, must-revalidate
etag: "1714756857.0"
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (6)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate