firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 18:44:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dKP5ctMJf4UPj968DlyTPolYJxbr5nOd0iCZ1pi57lvyzBPnijL5-Q==
Age: 1613
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3997
Expires: Mon, 05 Sep 2022 20:18:25 GMT
Date: Mon, 05 Sep 2022 19:11:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EUjm73Fg-3YP16EGmuT9qxO2csmXru5zIrnmk2wdRxL8ecnlJU5ROQ==
age: 64591
X-Firefox-Spdy: h2
www.amazon395.com/
148.66.24.234 301 Moved Permanently 169 B IP 148.66.24.234:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash MD5 e2b2d66924b5bad7a8faa2c59f643055
SHA-1 a77ad5a69799f61612679c19cb2f3bf8e876c397
SHA-256 956e4fc6180dc45eb50c4e4071e0a2c90c871317dd63477e6b0ea6810b71dd14
Analyzer Verdict Alert
openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:48 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.amazon395.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 19:11:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 18:38:16 GMT
Expires: Mon, 05 Sep 2022 19:28:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MOvB_w2zrzWoqXJQliKORIzbCLKBh3uTYb85H_OtKnptRrU91x6oPw==
Age: 2013
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 90bd731609d182cbbe341c4b1ddac371
28517a5204dddb47e2729621080f8b46f026e4f4
887e347f8ed0ede56f7bfb4f1c68084fc60800bac9e00b894dd8ee8b44fcdcee
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:49 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 14:40:39 GMT
Expires: Mon, 12 Sep 2022 14:40:38 GMT
Etag: "28517a5204dddb47e2729621080f8b46f026e4f4"
Cache-Control: max-age=587928,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145dc7ba8fac8-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 19:11:49 GMT
Last-Modified: Mon, 05 Sep 2022 17:45:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
www.amazon395.com/
148.66.24.234 200 OK 11 kB IP 148.66.24.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6214)
Hash MD5 55d19953677e3665fda1e303bd0e788a
SHA-1 28b91c80b56789212668b6e0c238002a813c0550
SHA-256 3703d2d6e9fdb925fcbcc41465f409741739f2decd653c4bb4ea650c9f557b4f
Analyzer Verdict Alert
openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:49 GMT
Content-Type: text/html
Content-Length: 11122
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2b72"
Accept-Ranges: bytes
push.services.mozilla.com/
54.148.77.40 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.77.40:0
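Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the digests of a zero-length body, consistent with the 0 B response above; they identify no content and should not be treated as indicators.)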
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AQt4CNWUllijgc1F26wuyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zvmKxi6A76MQyWkJ26mvQF4Q8ow=
cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js
104.17.24.14 200 OK 7.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue-router/3.0.7/vue-router.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (24752)
Hash 0d54f6f5c8510f922d3043f72ca3c7e7
53900b6909e717a1c9478f012c076dbaaca2afd0
76625231445d1efabe991d68b6ffd3da71d472026f72d3f6932ab62c764a9b83
GET /ajax/libs/vue-router/3.0.7/vue-router.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 7869
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402b-60f6"
last-modified: Mon, 04 May 2020 16:17:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1240475
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vIX%2BtQMHbBCs2zEYa3lvDnFDXozqKHIg%2FdkPPSqAXSQJmPs2vGYgjEz6g%2BOmf8zpo1QWnZ8IOXoWAO810OGuOfd%2FwsCOwAeqzlwBlwb1O%2F3qssA%2FBZ149sMdgybNPxUZznR1JOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa70b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js
104.17.24.14 200 OK 1.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.js
IP 104.17.24.14:0
Hash 8898c4bad42648b08ff9c10591b2e3c0
9788391f6ab53da868de1495ae190d3bb15acd85
eb5d2aae6a3f76d551d954504c83d498d547b0e55a2f02b75f61103882cef0fd
GET /ajax/libs/js-cookie/2.2.1/js.cookie.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 1299
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec5-f2b"
last-modified: Mon, 04 May 2020 16:11:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8289773
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zs1e%2FYI7Uu%2BEu7PEVeYQa8LrqtKYNat6u1e7wiJvxNMtgcoPJ0a5oVsUOUHRSVAYilpgfFGcYr6vEpsaEeUk5vpCFniOP%2FHZK%2BGbBswhCzJXO662x9Sb%2BXx5QW58ArPTxa6YCwk2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa75b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js
104.17.24.14 200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/sockjs-client/1.3.0/sockjs.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (62696)
Hash 77b516c3ebfc95bd630b4ddb794e022c
3ef8f3ee2c4b0b3fb50435e527912e9dfba04833
67361b4ec624b2b09c483a9790505b5694a693f32a091c0344c07964264fd8f2
GET /ajax/libs/sockjs-client/1.3.0/sockjs.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 16651
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fd5-f54d"
last-modified: Mon, 04 May 2020 16:16:21 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1240475
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpkOUt3D6Wv9abl1S1psRZQ%2B5Xq52vzMtDUniU3wmPxtPx4C9W20%2BLKRITP8Ok9dmya9KDgg0NVtsY4TGz2YJGU9PkmLdLGM0vfFNaBGex9LuqxYJHJ0KmBUiO%2B1AEnigfSPgqqE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa72b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/index.js
104.17.24.14 200 OK 117 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/index.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (65121), with no line terminators
Size 117 kB (117135 bytes)
Hash 23349aaef67d3736c08321a3e284ed1d
7dfd22330714dc7ab91147e9617664c1e0ed6c13
f0138e60759f16b1570b1bdd9ecc0cf2f403fb25e948ff56b711bc809578896e
GET /ajax/libs/element-ui/2.12.0/index.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 117135
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e43-89a4e"
last-modified: Mon, 04 May 2020 16:09:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8665354
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n992Z925OBbSBE%2BMsqfAE1GQoJTRQ05Yyzk1f%2F6AKpyTNWMHn1kYvcEGnoZ4frqDDRY3ycWzF%2FqTNhIMfHUtH5QuBiwFpAVUKHGJuWTRdhhvPrnUKj7vInQNrup%2FacpejIS3nSWv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa73b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js
104.17.24.14 200 OK 29 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs//Swiper/4.5.1/js/swiper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65269)
Hash 1ab59503ddf1f02b868c1527eb26b922
2b86da265ccf60ec3a5cf8eec63aa64509745b41
6792121bf50d7a32c7b932c59af304e4d101367117032a7db6c75492a5a6241a
GET /ajax/libs//Swiper/4.5.1/js/swiper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 28993
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf2-1f6e9"
last-modified: Mon, 04 May 2020 16:04:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5448487
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beZ2GN7%2B6qf32Sp3%2BdWcJ0dhotbD4XNPopqKDjQs7KkqgNyGJP0ogpRVI7%2FGEMVMzVjxM50EKvNzsm0He4h9kY90TuTQ7f3i%2Bbj7TvYCkzQWA9XgHYBvjKrkEgID4VLIYOuLUb%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa74b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js
104.17.24.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/core-js/2.6.9/core.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (32000), with LF, NEL line terminators
Hash 4aca6ecb1b18b778c945cb8465bcd3f8
db848e7f124d0107f26f9877def028342ede4028
f8be427d8d4384ba4c401110a2f0c3f544523714e2d7f0721f7e1e15f6942a04
GET /ajax/libs/core-js/2.6.9/core.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 27060
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-16793"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16670784
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6fxv0cR9%2FjwCIhs40sPmp3vmoipQjqUHsZlD3ymqu8VTTogSiGZkudEhlxwfw%2BHhZTgVwPbgXNUhV42M%2Fq%2Fp52VpV96RzVVJ9fq9rgIfsmT7nt68Fdi%2BM8EARgdwIIPaUG4NkHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa7ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/theme-chalk/index.css
104.17.24.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/element-ui/2.12.0/theme-chalk/index.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c26cddea87633fa3d270eed357247f60
5239357126ef1bc47a4f441ceb32814b6e55a069
a67043e365b2e5cfa6e81df4f68865087a24ef6080ce91f355b0e5f79429bdc3
GET /ajax/libs/element-ui/2.12.0/theme-chalk/index.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: text/css; charset=utf-8
content-length: 27462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e43-38cf6"
last-modified: Mon, 04 May 2020 16:09:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1240475
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXnv4TA1KNIGnXRWae4jxC4f3uCrlBMTVrJmO%2FWE7WR8ymrokazVsl4TC61H193Ycd6Cd55r1Ln599V2uGr8JYPEoE%2BePiNG37rmOXQ71XqcbtFGommAXMOXs%2F2i7zMenLsGSe11"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa6db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/index.min.css
104.17.24.14 200 OK 38 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/index.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d0a3b6e8862527d0429d604055022a02
7b46f2a1b2c3901075f28c70566f31a26f57b872
1d41684571fffba351d6f095fd87274b328bf6fc37ef0063f2e14fa403834b0f
GET /ajax/libs/vant/2.12.44/index.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: text/css; charset=utf-8
content-length: 38108
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620aa8ff-94dc"
last-modified: Mon, 14 Feb 2022 19:09:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1240475
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ay2C041g5Ck9m%2BAMUuMqFNeuph17kh5x1sPv%2Bvq2i1HB%2FkASXt%2FkAb0DDZEzaDOVlHXTpSaDOjU7F2TMPmIgcuQm71eXMTwjdekB8lcCzJUnd5XEXuZUa1icyJSNFGJ1oaY2flEV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa76b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js
104.17.24.14 200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (22712)
Hash db1e8a1741b08d1d80355d6588d3234d
85d92221d4fa3f1feb32bd96a7c585b7ba1f7bea
9e19783a58b6612c82e9973a91b725bb8a151fc7aef624fb9369bc50b07dafdf
GET /ajax/libs/vue-i18n/8.12.0/vue-i18n.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 6201
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402b-5915"
last-modified: Mon, 04 May 2020 16:17:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 336437
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTHgbkFXu8%2BSnzesseP%2F79yNkg%2Fx%2Frw270NkYBEW6Jn8aDeNNw%2BxbPHern5BTksOpUq%2FYOdmYM1Smau6pcE5rHwSTXvOooFxVXNKptPbaAHcPH6Yv5v0HHHQ67r1tIbHefNv3iZ9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfba8ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
104.17.24.14 200 OK 31 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue/2.6.10/vue.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65449)
Hash 20eb0d013d0158a84ab33c104d1ffc05
be486bc183d1445430c2b2db8f19af09030d7c85
71abc6482d32546a080bd4de97f60ebb671e189f819a1a5a17cbe7e56fc1b008
GET /ajax/libs/vue/2.6.10/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 30769
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-16deb"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 133428
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K45zn%2BlFK%2F3E6JdFuuSExjHR9Y4u4FzcBrgw5RIt9BzEmcCfz15sGQgJa1Qm2kSQIDWMrUfq%2FVwZOIp0HRRj8hEKMYnetvV1cRAETzUACh7U9Scm8A8MxTw9Z4ucnbG06BieGp8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfead4b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js
104.17.24.14 200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/axios/0.19.0-beta.1/axios.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (10313)
Hash 50a9943ff252597aef0b94a546324ca1
87cadb6052ce7bf8da23c1fe80c534d2621ce833
18ef6068e5974b3cb68c62b34cce2688a7091e8d3fbb781a33657f42993b5f47
GET /ajax/libs/axios/0.19.0-beta.1/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 4213
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d6a-3546"
last-modified: Mon, 04 May 2020 16:06:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1240475
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmCCs%2FDdyX4YKoMB2icsf91Fou4miyjJfBfroh5wi3p9VjLE97h3G%2BeWXmlNLhVMxorcwJ4nvs93%2FVG9Lyktrl52PGR7234U8zR4uKrFd6QJat27YGkrAAK8qgAViNDOA%2Bp9E6D%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145e04b4db515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash b6787e2e11faff133f1ae1b6e64be5b5
ce2d5949fc5a9cddf7591ef24a860ead9adfe1d3
338551f1a4263f230d312873b28bcaebfb81522ee0e213f2a7d6beb5d067f592
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:49 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "2D5F5903CB4CC9F18EF62860546DAAA8F1E66B5A"
Expires: Tue, 06 Sep 2022 05:00:00 GMT
Last-Modified: Mon, 05 Sep 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3495
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746145e0a986b4fa-OSL
www.amazon395.com/lib/flexible.css
148.66.24.234 200 OK 1.0 kB URL HTTP/1.1 www.amazon395.com/lib/flexible.css
IP 148.66.24.234:0
Hash 7524a2ba32138a0363ad48a78f4c7b9a
aab46e82603b9de5b1880c0aaddc0d0f29dbf7a6
d68ca73f7b227d0da6b310867a0a588530657bc433fce241b3b2aea1502c10c6
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /lib/flexible.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: text/css
Content-Length: 1032
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-408"
Accept-Ranges: bytes
www.amazon395.com/lib/flexible.js?2222
148.66.24.234 200 OK 4.1 kB URL HTTP/1.1 www.amazon395.com/lib/flexible.js?2222
IP 148.66.24.234:0
Hash 1572c9446821f8b1dc1136b64b44e739
6a786ef63db48581f50e85601ef4a3effe8bf095
264ef2e4767a942ee634794619d94edbd7da642cb79277c16b974cac9795c246
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /lib/flexible.js?2222 HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: application/javascript
Content-Length: 4065
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-fe1"
Accept-Ranges: bytes
www.amazon395.com/css/app.7d6afe1f.css
148.66.24.234 200 OK 33 kB URL HTTP/1.1 www.amazon395.com/css/app.7d6afe1f.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (32842), with no line terminators
Hash 392e72f4764edfd7a55642addf7cbef2
0a70e49e5e91eb1998c1dbf103d0af94efe67f6a
46f14e066393c2e73d7e403eb67a4565fdd7ae40dc8d7858e18f99275e8ac380
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/app.7d6afe1f.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: text/css
Content-Length: 32842
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-804a"
Accept-Ranges: bytes
www.amazon395.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css
148.66.24.234 200 OK 243 kB URL HTTP/1.1 www.amazon395.com/lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 243 kB (242926 bytes)
Hash 0005accf931955eec5ed86f897e0d360
7ae89839cacb8637600a3b0067fe8611edae2f65
277dccf22d817aecf00496f547b3704907d454570f579e5f9d147435de498557
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /lib/mobiscroll/mobiscroll.custom-3.0.0-beta6.min.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:49 GMT
Content-Type: text/css
Content-Length: 242926
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-3b4ee"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-vendors.242369e9.js
148.66.24.234 200 OK 76 kB URL HTTP/1.1 www.amazon395.com/js/chunk-vendors.242369e9.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (24553)
Hash ff9c75c5d86940afbacb4eeecbfea693
a38c5583cc672c5220a9946913d7b7e41f3167c9
7b32c1eedfd23ad89c5d679b16ddc01ee521a7a702ace762f91743707b8af42b
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-vendors.242369e9.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: application/javascript
Content-Length: 76289
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-12a01"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16025
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:11:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16025
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:11:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16025
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:11:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16025
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:11:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16025
Expires: Mon, 05 Sep 2022 23:38:55 GMT
Date: Mon, 05 Sep 2022 19:11:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:09:25 GMT
age: 3745
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tR9oeUGtH0NFZdnZj93V6HysPnKOTJhhiEOTNwYdq-4xIzeBZblrhA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:58:46 GMT
age: 76384
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uz2NbcE4AmOvFQkhJALSpXCGizilya0TuFcczfEwtV09cGXtgVNlpQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:08:58 GMT
age: 75772
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
age: 76101
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZh0s85w1Nt6qZdZybNBcQHEXMWQIJvtAyCbF4oWsYUOlIKuNS5Fpg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:38:48 GMT
age: 73982
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:16:55 GMT
age: 75295
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.amazon395.com/lib/jquery-1.11.2.min.js
148.66.24.234 200 OK 96 kB URL HTTP/1.1 www.amazon395.com/lib/jquery-1.11.2.min.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6355f3cc28006e33bad2e765cde30e0d
909cd6318d5047f3c8e83528253b256981394414
39eed2d24faf4985b922b64d078f106edba6b3b84d5385e483a5c7bd69201da7
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /lib/jquery-1.11.2.min.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: application/javascript
Content-Length: 96382
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1787e"
Accept-Ranges: bytes
www.amazon395.com/js/app.d0fd4cb7.js
148.66.24.234 200 OK 491 kB URL HTTP/1.1 www.amazon395.com/js/app.d0fd4cb7.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (43814)
Size 491 kB (490918 bytes)
Hash 8aef706d25c1a59dca740fca74f7ca88
afc6f799bf460c4b4c427454fddae76e610fc50c
2a7d90beab8da226d3a10b10180db68ca53b424616221eb64874571f19c17d70
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/app.d0fd4cb7.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:50 GMT
Content-Type: application/javascript
Content-Length: 490918
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-77da6"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-06ae24a4.686330fb.js
148.66.24.234 200 OK 129 B URL HTTP/1.1 www.amazon395.com/js/chunk-06ae24a4.686330fb.js
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 676e3a2df47d8e40c29c2d1a67127eec
e54e8144ef939162c151a843933a98ff020a2641
6499fae751b066d09b0d93a067502c15d6fecd5b460c7f5a981dc1fb3b286fb4
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-06ae24a4.686330fb.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: application/javascript
Content-Length: 129
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-81"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-06ae24a4.dda523e3.css
148.66.24.234 200 OK 48 kB URL HTTP/1.1 www.amazon395.com/css/chunk-06ae24a4.dda523e3.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (46623), with CRLF, LF line terminators
Hash 905a23355a7176b5dc5fc68d75e3dd3f
46046e0c23600339b4287ca26ba70c876039219c
035c11acb6a7757ea152a6043e6acbc196fde7b147cf80db5074292963f3c92e
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-06ae24a4.dda523e3.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 47766
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-ba96"
Accept-Ranges: bytes
www.amazon395.com/api/common/dictEnumMapAll
148.66.24.234 200 OK 5.1 kB URL HTTP/1.1 www.amazon395.com/api/common/dictEnumMapAll
IP 148.66.24.234:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3854), with no line terminators
Hash fc8abf099b5d9165841888ec8ec1f896
e4337f3445bb1a0f2792a8135d78e1561c2c5571
4be8151b4b7c8140f1e46b7c68cde472c6f10c307895fa50e78f25e6b2e2c470
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
POST /api/common/dictEnumMapAll HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: null
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Origin: https://www.amazon395.com
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/api/common/dict/allMap
148.66.24.234 200 OK 16 kB URL HTTP/1.1 www.amazon395.com/api/common/dict/allMap
IP 148.66.24.234:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (15548), with no line terminators
Hash 9729b4d2e67f535500362f61229a4b45
66ff402bbe482ce08bb08240281560187c043d9b
2b709151d3df0632dbe0ba39eba5af4fa8983b306aa589e2e43ddbfe56773996
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
POST /api/common/dict/allMap HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: null
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Origin: https://www.amazon395.com
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/css/chunk-0c38294e.189b8db8.css
148.66.24.234 200 OK 305 B URL HTTP/1.1 www.amazon395.com/css/chunk-0c38294e.189b8db8.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (305), with no line terminators
Hash 1f88309905f5ff24357d3b8e4178c75f
387b594d8dac4cba42790099f2f1a8ea4554fa9b
6d8ffd495f28920c45f044497d808d44a2696fde0a808c8c0123b19e3f590b62
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-0c38294e.189b8db8.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 305
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-131"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-0cb2b90c.af5eefdd.css
148.66.24.234 200 OK 154 B URL HTTP/1.1 www.amazon395.com/css/chunk-0cb2b90c.af5eefdd.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 85a30bc2c96bf5805ebc2130b1e25c33
8350f00c8a0cde3989f0c3a1f795f3bd41986665
dbad21e00b1e05b86df4268a72fbdebc000891ec1b226cc56ff384fc2eeefada
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-0cb2b90c.af5eefdd.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 154
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-9a"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-1d2fb29c.1bf7d33a.css
148.66.24.234 200 OK 424 B URL HTTP/1.1 www.amazon395.com/css/chunk-1d2fb29c.1bf7d33a.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (424), with no line terminators
Hash dcb14c423c71a70b73bd41de6b15cd57
04115117757e82a69800aff7b39a276f2f1c9d78
dee2ec149e0e8de9fc04a71a6d5eaec562785989c653564ce8ba783eaeac3847
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-1d2fb29c.1bf7d33a.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 424
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1a8"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-11d62038.45ef5494.css
148.66.24.234 200 OK 2.8 kB URL HTTP/1.1 www.amazon395.com/css/chunk-11d62038.45ef5494.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (2802), with no line terminators
Hash 6ffe5081cd5b0dbf1607efc8611bd835
36aee7f32a413f68459fe958c470eb8fc2b5e189
b3e97880c6c80d6ce69351564ebebd0c71bb6cc13e13456614cde3d6da5ad3f3
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-11d62038.45ef5494.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 2802
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-af2"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-23b8f8b8.e201d405.css
148.66.24.234 200 OK 66 B URL HTTP/1.1 www.amazon395.com/css/chunk-23b8f8b8.e201d405.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash fb7910b03bc41a4f7bdd4d92bf5a8ea9
bf610405db3ddb6777c232d534b3910429060cc3
16a40a6342d3e6a429859afdf791520f668f440ef43cf64eb79d48c52d0847f6
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-23b8f8b8.e201d405.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 66
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-42"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-2930a3e9.a3176523.css
148.66.24.234 200 OK 675 B URL HTTP/1.1 www.amazon395.com/css/chunk-2930a3e9.a3176523.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (675), with no line terminators
Hash da2f8aa1534104432a4bef708b9def34
4e0e47af2a9e3a5354a8d8e99319228396a8c03f
b746d5db555cee912906525ec8e6ca4c20cffbe52dae28b7d5cb370a460843b4
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-2930a3e9.a3176523.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 675
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2a3"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-7721dd77.2d43317c.css
148.66.24.234 200 OK 14 kB URL HTTP/1.1 www.amazon395.com/css/chunk-7721dd77.2d43317c.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (13638), with no line terminators
Hash 46c492bb442cef899a3f3fa5563fafd2
9158e28c9caff225d4bb28e8bf94bd90aff75bca
d32262a9db6bf05435bae832accd742c7df051942fac7f0abf0e6938beb72162
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-7721dd77.2d43317c.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 13638
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-3546"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-7721dd77.0e3d8694.js
148.66.24.234 200 OK 104 B URL HTTP/1.1 www.amazon395.com/js/chunk-7721dd77.0e3d8694.js
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 50a232a7a5154e825f186f95acf29aee
802fa9205750afec336d36539e1a913906088396
ea9c81db3bf4e708fccee76f211080e15889d6a7efb7134d71e6d728fc0ec5b1
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-7721dd77.0e3d8694.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: application/javascript
Content-Length: 104
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-68"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5df240d0.de264330.css
148.66.24.234 200 OK 5.4 kB URL HTTP/1.1 www.amazon395.com/css/chunk-5df240d0.de264330.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (5374), with no line terminators
Hash d2ea9e0d6c4c49e4a1eeaf9efc5d34ce
8706c1d5d53a0a1bb4037134f6ea914d24532ff9
913b31f4d11508c1130ba5e4e7d4eab0d7ce86c8665546297b895a29f3f33228
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5df240d0.de264330.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: text/css
Content-Length: 5374
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-14fe"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5df240d0.4103601f.js
148.66.24.234 200 OK 29 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5df240d0.4103601f.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (28895), with no line terminators
Hash 0b22a5ebd4d2ca742be27a69ae3e9f54
2d45f276645613151d53426a66fb54d9bdaac1dd
699a82982d24c36004d2c2aa4beda895fe031fbf33dddf9b5c6fcca5ce5cc219
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5df240d0.4103601f.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:51 GMT
Content-Type: application/javascript
Content-Length: 29290
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-726a"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-43dd596e.f2477af6.css
148.66.24.234 200 OK 1.3 kB URL HTTP/1.1 www.amazon395.com/css/chunk-43dd596e.f2477af6.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (1273), with no line terminators
Hash b80799280d6a193443a5cfa9de4daf90
f561b6363df7303e80d7f23c233e9a8b0a69e57c
8d10ba5634cfee09d52896e30b6f982d2ebd8c605b6b3bd18eea879a8727ed03
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-43dd596e.f2477af6.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 1273
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4f9"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5915ee8d.4006cc4e.css
148.66.24.234 200 OK 4.8 kB URL HTTP/1.1 www.amazon395.com/css/chunk-5915ee8d.4006cc4e.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (4754), with no line terminators
Hash f2cf758791111fd2d848603463e99178
6efa309eee6c7aebb25f7eb378ebb367680cea9f
be18a5cd6c8dd5547446a18363472d5ee56a0d2008b3d187fda6f866ed32facc
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5915ee8d.4006cc4e.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 4754
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1292"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-48d2056e.d3e728c0.css
148.66.24.234 200 OK 385 B URL HTTP/1.1 www.amazon395.com/css/chunk-48d2056e.d3e728c0.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (385), with no line terminators
Hash e5f9439cd04350f896e937c91506e85e
b588ba14da02ee615ecaf9c4ef8f90c2781302a5
86fd7deb9db4c29e234c56c02926f08c90cba23fa47308a69ac557d0d20c975e
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-48d2056e.d3e728c0.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 385
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-181"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-4e503e5d.08df92f2.css
148.66.24.234 200 OK 55 B URL HTTP/1.1 www.amazon395.com/css/chunk-4e503e5d.08df92f2.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash d72127298a84dee5fbcb86bab58dccdd
e0c448be4603c4ed2594d8ff1edd0a78d99a77a3
e5302ad1e9ef76d005d59c6d8f2b499d8c528b940be3d2a40873398c91488b0f
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-4e503e5d.08df92f2.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 55
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-37"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-3daaf73b.c835f3ce.css
148.66.24.234 200 OK 148 B URL HTTP/1.1 www.amazon395.com/css/chunk-3daaf73b.c835f3ce.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash d9ca4900e3a84044a6dd0cb9114ea380
ed5f837f4ea557d64fe5bd89a06bbe2eb0c04e36
8e59f79358ed757af34c14a5c5f4944f30ee7cd20976023d6c9c1f31ea320f85
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-3daaf73b.c835f3ce.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 148
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-94"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5678bdc8.24abfb4e.css
148.66.24.234 200 OK 110 B URL HTTP/1.1 www.amazon395.com/css/chunk-5678bdc8.24abfb4e.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 4826c0d21823b611cfbb61020387358b
3439b00caffea796ac2f18144a9e15bce6c95804
baf60ad62d49e024d14c38ad5b4d9eba2d062249387c6c418300ab09329bcfb4
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5678bdc8.24abfb4e.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 110
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-6e"
Accept-Ranges: bytes
www.amazon395.com/api/poster/notice
148.66.24.234 200 OK 10 B URL HTTP/1.1 www.amazon395.com/api/poster/notice
IP 148.66.24.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b9e754add75d51d888ce7585dc9dfe41
0fd53114199a1a46e887032b7efa05f1fd74c807
7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /api/poster/notice HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/api/banner/list
148.66.24.234 200 OK 630 B URL HTTP/1.1 www.amazon395.com/api/banner/list
IP 148.66.24.234:0
File type JSON data\012- , ASCII text, with very long lines (630), with no line terminators
Hash 3223a9e337387c89c9e7af793a90aebc
23196f5d96e769f945d981abaff76b852ce427ae
968bfc88ed16ef090e147b074c09dd30fa4bd5a272f113344555417e5c2e8007
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /api/banner/list HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/api/userLevel/list
148.66.24.234 200 OK 10 B URL HTTP/1.1 www.amazon395.com/api/userLevel/list
IP 148.66.24.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b9e754add75d51d888ce7585dc9dfe41
0fd53114199a1a46e887032b7efa05f1fd74c807
7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /api/userLevel/list HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/api/poster/homeList
148.66.24.234 200 OK 948 B URL HTTP/1.1 www.amazon395.com/api/poster/homeList
IP 148.66.24.234:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (914), with no line terminators
Hash c60e770ebecbc5a17d8e2212b7db040e
cbdd5bee004d98152e13ab0a1285bb497109722b
8e6cc1a24397bec688ae6f79d6ab6b78fc1a32b6d5647c02315ef28376ff6968
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
POST /api/poster/homeList HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Origin: https://www.amazon395.com
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/static/country/en.png
148.66.24.234 200 OK 2.4 kB URL HTTP/1.1 www.amazon395.com/static/country/en.png
IP 148.66.24.234:0
File type PNG image data, 151 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e6cbb60ed6688551f887619d1dac8409
eb9aab9aae2965ca1b6b03b3525a6b37cfa108ba
1381be5e8673bb2f021b77fcd5a664beed6a0d89cf057fee421fa4f634f4c1e9
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/country/en.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 2390
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-956"
Accept-Ranges: bytes
www.amazon395.com/static/customer/kf.png
148.66.24.234 200 OK 11 kB URL HTTP/1.1 www.amazon395.com/static/customer/kf.png
IP 148.66.24.234:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f7d80a98f6b59aaf05ab54c405bffe89
db5cfc26f716a362d10f81633934d9f01c523ae7
ab41101111ba6bf6ecb5ef0aa35ae339cb7b2f09517eff9914dd69c65271ee03
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/customer/kf.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 10556
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-293c"
Accept-Ranges: bytes
www.amazon395.com/api/commission/list
148.66.24.234 200 OK 27 kB URL HTTP/1.1 www.amazon395.com/api/commission/list
IP 148.66.24.234:0
File type JSON data\012- , ASCII text, with very long lines (26950), with no line terminators
Hash 579c2463131e6053973525fb38539941
0286983d9870bd113a93442b7a1cc1129b211a5b
242aabcd52fa4cd215e21e5ac451828a1fcff0110c6138e9f9b4cca7fc745daa
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /api/commission/list HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
X-USER-TOKEN: undefined
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
www.amazon395.com/static/mobile/link/1.png
148.66.24.234 200 OK 19 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/1.png
IP 148.66.24.234:0
File type PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 3959345f02bfd3d6d23caea239421486
6b3a7d485bf821b44756370daafe7887eac3faef
9c31875158648f5fd608decaa75ef24630d45a12a9950f301fce4ac2814c827f
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/1.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 18722
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4922"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/link/2.png
148.66.24.234 200 OK 36 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/2.png
IP 148.66.24.234:0
File type PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash ff2583db35c4acd87cbf195af9e9b202
accfcd83b3d9f5de5aefe233ab1add6f800486c4
8ce9d693209b66c96c19a29f83c57bf0389d81fc8e5ce4dcea63a4cc2c821928
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/2.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 36342
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-8df6"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/link/3.png
148.66.24.234 200 OK 8.9 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/3.png
IP 148.66.24.234:0
File type PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash e4a31cebcd48ee42064cf018c7f7ca39
cfdfe2bc0addceae1a278b3200f26e892442a012
4817a82e06c2b1293ba0c004e25171fad0907185d9f908071da98073c97af82e
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/3.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 8867
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-22a3"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/link/4.png
148.66.24.234 200 OK 6.5 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/4.png
IP 148.66.24.234:0
File type PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash f8f831ea05790e70229847bdded8073e
10cb798a5a3b8a15f053cf23617f908982dc8651
60f0bef1d94953c9a8d6e3ddb33b2ded547e7d5e69a90abddb580bf00ae3d697
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/4.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 6495
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-195f"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/link/6.png
148.66.24.234 200 OK 14 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/6.png
IP 148.66.24.234:0
File type PNG image data, 220 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 567f222c91a0adf2736760e9bd1ebf4e
8f8df5a135c97c0b14c0fb5573ca00e822a19e9b
cee5b962a078c675d90e9a0f9cefda41478d9a93e80ee69a0131e8931a531aef
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/6.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 14547
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-38d3"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/home/ic_recharge.png
148.66.24.234 200 OK 5.3 kB URL HTTP/1.1 www.amazon395.com/static/mobile/home/ic_recharge.png
IP 148.66.24.234:0
File type PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b2c9005ff99756304faef3c4ff5ea48
08a7267332c03d7be5085eeed922fc2b24877551
3c2b701213291eea397239d25d29bf856dbbfc98aec1ff8d4c53b640b906330d
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/home/ic_recharge.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 5306
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-14ba"
Accept-Ranges: bytes
www.amazon395.com/logo.png
148.66.24.234 200 OK 98 kB URL HTTP/1.1 www.amazon395.com/logo.png
IP 148.66.24.234:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a035d2e14ab01bde61f430094628e25
a27791e6d9b982ab6aa9ef38fc1a901be69bff8a
95b95954cb8a3da005ffe4fa1765ee52a4716670467bf8685f227be5e360a51b
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /logo.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 97844
Last-Modified: Mon, 05 Sep 2022 11:54:53 GMT
Connection: keep-alive
ETag: "6315e38d-17e34"
Accept-Ranges: bytes
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6cfd4eeffe36559eaa8d86c4b99192c8
9b249cc601c34443ace052edcc17906ed97bf382
f1314cc2accde71da377f021ecfb10a82ba37c650bd111a7b01e544c494b857e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:57:18 GMT
Expires: Sun, 11 Sep 2022 07:57:17 GMT
Etag: "9b249cc601c34443ace052edcc17906ed97bf382"
Cache-Control: max-age=477324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145f31a18fac8-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6cfd4eeffe36559eaa8d86c4b99192c8
9b249cc601c34443ace052edcc17906ed97bf382
f1314cc2accde71da377f021ecfb10a82ba37c650bd111a7b01e544c494b857e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:57:18 GMT
Expires: Sun, 11 Sep 2022 07:57:17 GMT
Etag: "9b249cc601c34443ace052edcc17906ed97bf382"
Cache-Control: max-age=477324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145f3482c1c0e-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6cfd4eeffe36559eaa8d86c4b99192c8
9b249cc601c34443ace052edcc17906ed97bf382
f1314cc2accde71da377f021ecfb10a82ba37c650bd111a7b01e544c494b857e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:57:18 GMT
Expires: Sun, 11 Sep 2022 07:57:17 GMT
Etag: "9b249cc601c34443ace052edcc17906ed97bf382"
Cache-Control: max-age=477324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145f34f87b509-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6cfd4eeffe36559eaa8d86c4b99192c8
9b249cc601c34443ace052edcc17906ed97bf382
f1314cc2accde71da377f021ecfb10a82ba37c650bd111a7b01e544c494b857e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:57:18 GMT
Expires: Sun, 11 Sep 2022 07:57:17 GMT
Etag: "9b249cc601c34443ace052edcc17906ed97bf382"
Cache-Control: max-age=477324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145f34f8db509-OSL
zerossl.ocsp.sectigo.com/
104.18.32.68 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 104.18.32.68:0
Hash 6cfd4eeffe36559eaa8d86c4b99192c8
9b249cc601c34443ace052edcc17906ed97bf382
f1314cc2accde71da377f021ecfb10a82ba37c650bd111a7b01e544c494b857e
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 07:57:18 GMT
Expires: Sun, 11 Sep 2022 07:57:17 GMT
Etag: "9b249cc601c34443ace052edcc17906ed97bf382"
Cache-Control: max-age=477324,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746145f348a9b4f4-OSL
www.amazon395.com/static/mobile/home/ic_withdraw.png
148.66.24.234 200 OK 5.2 kB URL HTTP/1.1 www.amazon395.com/static/mobile/home/ic_withdraw.png
IP 148.66.24.234:0
File type PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a75fc569b8f4ecea7026516d4b5dd52
516f53b7cc6839eedd60da4a1a11473ab4260c4e
69a67733a115e7d5eb1207a708519d220e39badd1b105968e7f4c47312294a43
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/home/ic_withdraw.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 5218
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1462"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/home/ic_invite.png
148.66.24.234 200 OK 3.2 kB URL HTTP/1.1 www.amazon395.com/static/mobile/home/ic_invite.png
IP 148.66.24.234:0
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash d73ff53d803db37cbab27a5ebc1d26d3
b00816d9b06adffbdaa0273e2925190df5eb964d
18b8a075156603bc63109ed5488517007e71285a75e7c27b800f8a4fb08e3856
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/home/ic_invite.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 3173
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-c65"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-593609a0.45638c85.css
148.66.24.234 200 OK 814 B URL HTTP/1.1 www.amazon395.com/css/chunk-593609a0.45638c85.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (814), with no line terminators
Hash c562724e59a541aebfe04c525ff954d1
4dc91de6d3f446d7eed5de66bf306c55df5debb9
5c479342ccff72dfa1a1301bb83f41bc9701b5e4ae75e5cd82e76d712089504a
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-593609a0.45638c85.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 814
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-32e"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5a8e73c2.d6cbf527.css
148.66.24.234 200 OK 110 B URL HTTP/1.1 www.amazon395.com/css/chunk-5a8e73c2.d6cbf527.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 2153da4264f32242de121444abf9d328
e68cac82149b124633cefae400b874126b6859cf
ee2dfdebbdf65785d7f3fefb8847ea83a9c8e7b194326dfbddd7f5a79d7e4b2d
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5a8e73c2.d6cbf527.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 110
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-6e"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5b298104.4c6a5c84.css
148.66.24.234 200 OK 468 B URL HTTP/1.1 www.amazon395.com/css/chunk-5b298104.4c6a5c84.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (468), with no line terminators
Hash 4a21387562697cf1a28531fc14057c63
c9ef8e726b87aabc08c4d7c0f7ff51462bf9ed3e
5492ee04d519ad0e0aa6e08eead558203a9bd5ca23a5d59d0c7537295c48c444
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5b298104.4c6a5c84.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: text/css
Content-Length: 468
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1d4"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-5bccf0cc.392feade.css
148.66.24.234 200 OK 148 B URL HTTP/1.1 www.amazon395.com/css/chunk-5bccf0cc.392feade.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 40dc9d26dad52b1b66ca4857e06ef8b6
7b06aa0c56fbf952c6837cefaebbdec35052ecaa
dc1c0bdad47e2cd279c3c2287cd99c0521e2db8bcda3b4622dddffd154ef9e2b
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-5bccf0cc.392feade.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: text/css
Content-Length: 148
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-94"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-65c9aad8.934d31d9.css
148.66.24.234 200 OK 535 B URL HTTP/1.1 www.amazon395.com/css/chunk-65c9aad8.934d31d9.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (535), with no line terminators
Hash 406ace4154ab30ec99644507211e4798
4e139c0237a2fb62014c0be6816989204051b582
9934eef2f0c2521b808cec8ff32a6712faec6b45e3f72dbf3d1f0b6ff981d711
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-65c9aad8.934d31d9.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: text/css
Content-Length: 535
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-217"
Accept-Ranges: bytes
www.amazon395.com/static/mobile/link/5.png
148.66.24.234 200 OK 171 kB URL HTTP/1.1 www.amazon395.com/static/mobile/link/5.png
IP 148.66.24.234:0
File type PNG image data, 1280 x 787, 8-bit/color RGB, non-interlaced\012- data
Size 171 kB (170760 bytes)
Hash 3538a9a9a89770cad812edb2d87de2b2
957d283b14f54810cc577faa7c77c524f90594f8
01de4eb97bf2c6732714fb99c69556136603d778ebc612597388f9f22674f8d3
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /static/mobile/link/5.png HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/m/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:52 GMT
Content-Type: image/png
Content-Length: 170760
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-29b08"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-6bd3a640.0acff59b.css
148.66.24.234 200 OK 243 B URL HTTP/1.1 www.amazon395.com/css/chunk-6bd3a640.0acff59b.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash b60b945f548c175eb495b8ff48a7f2b2
81f18155536bd059a6c521cea2b954fb8f7b328a
dcfb68dd127c7212b5fc9e151afc855c1a9ff00000a4db1e4c19415d0f55a3d5
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-6bd3a640.0acff59b.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: text/css
Content-Length: 243
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-f3"
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/321255823562486fbd36f260306321e5_file
148.66.24.234 200 OK 3.6 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/321255823562486fbd36f260306321e5_file
IP 148.66.24.234:0
File type PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d887f6301dad442c92809a30aa8a13f
9e52ac9c02e6d8caeb490469cb977d9335486ef1
7964f1ef06e267a42833e31402676b5b52227c2a5f5473d017c45f2047b9e656
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/321255823562486fbd36f260306321e5_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 3557
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 10:49:28 GMT
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/8510429437514ae09e5c4d35326fff08_file
148.66.24.234 200 OK 2.2 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/8510429437514ae09e5c4d35326fff08_file
IP 148.66.24.234:0
File type PNG image data, 90 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash b9aa2bafb22abd29550b9f1902ea932f
1a5a9292082a1559e918026ec8cc25352df74528
877ba514034aa229ac529fd19dd9fe9e3f1c25c5475a66e03a3faab5c0af0a05
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/8510429437514ae09e5c4d35326fff08_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 2230
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 10:50:20 GMT
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/097eae600fce4883aa90d61ce8bf2948_file
148.66.24.234 200 OK 3.9 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/097eae600fce4883aa90d61ce8bf2948_file
IP 148.66.24.234:0
File type PNG image data, 89 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash d24c58bc85b0a5411d51747cd5daccea
ee0c09639b41fc73190dfa3d4b22bcebad71a260
32ab3f7c74869f1b10b52b187a99ed56eb862c1cadc4435c11e770a6fb99d594
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/097eae600fce4883aa90d61ce8bf2948_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 3921
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 10:50:54 GMT
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/ad0bb140eb924af0a1f2796e6c27480c_file
148.66.24.234 200 OK 83 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/ad0bb140eb924af0a1f2796e6c27480c_file
IP 148.66.24.234:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1056x816, components 3\012- data
Hash b66c0ee1b329db2bdf4c1e2cb708a7c7
28f94555b14ab0812adb3dc745590d41de8d7b05
c6fe13d9ce9176cba7df958cd9338833863f2377956ce2d69f4c9cea1cd27302
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/ad0bb140eb924af0a1f2796e6c27480c_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 82997
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 10:52:21 GMT
Accept-Ranges: bytes
www.amazon395.com/favicon.ico
148.66.24.234 200 OK 17 kB URL HTTP/1.1 www.amazon395.com/favicon.ico
IP 148.66.24.234:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 1ec4121e87f720075b9501f34862f520
8f9e0048a178ba8ce93e4f8f2c095722afe34318
392791a96d270f8c67a5e6bd88f3f96049b279d6f7b9aa3e76f153fbec1dbe0c
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Mon, 05 Sep 2022 11:54:53 GMT
Connection: keep-alive
ETag: "6315e38d-423e"
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/fbec47c171ac4458834d04c04ae70160_file
148.66.24.234 200 OK 209 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/fbec47c171ac4458834d04c04ae70160_file
IP 148.66.24.234:0
File type PNG image data, 996 x 595, 8-bit/color RGB, non-interlaced\012- data
Size 209 kB (208742 bytes)
Hash 5d20e24f78732c0a2f3e7f207044ef0a
a8ccf7fce75fcfc5e1154a6759bef8dc674d0553
ddf8a8925b8218edf3aa9a652f5b7993d16106210b125a7b4132833486ddeceb
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/fbec47c171ac4458834d04c04ae70160_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 208742
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 09:43:52 GMT
Accept-Ranges: bytes
www.amazon395.com/css/chunk-72e30129.2cdbb9b2.css
148.66.24.234 200 OK 150 B URL HTTP/1.1 www.amazon395.com/css/chunk-72e30129.2cdbb9b2.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 2037a272dcf29c3ad9947d030003533f
3e0ae32d86c4187b90c8e0f835ce9e37c1f29304
14f9f16b6c4c8851e314a8b58dd16a44bc8df72786c982d0ba272a35ba8062ca
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-72e30129.2cdbb9b2.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 150
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-96"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-74b46939.e184cd4f.css
148.66.24.234 200 OK 7.4 kB URL HTTP/1.1 www.amazon395.com/css/chunk-74b46939.e184cd4f.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (7412), with no line terminators
Hash d845105b1d55341039727c3ce0c585b2
8891d7a20368961f928c807ba93980338e49637c
3e19ff53faf67b8c8dca923924334ea7d80088042d3b10a5eb00240d8a01e653
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-74b46939.e184cd4f.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 7412
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1cf4"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-74d1c393.2928084f.css
148.66.24.234 200 OK 1.3 kB URL HTTP/1.1 www.amazon395.com/css/chunk-74d1c393.2928084f.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (1298), with no line terminators
Hash 1fe245f2830b10534ae77924560ec401
1feacb8014a296352318b1697944b097d55ba92b
a7bf0d2d8a328645eb9822334530a707baf64fac7625855b717fedbfb321525c
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-74d1c393.2928084f.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 1298
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-512"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-7c914548.4b8c770c.css
148.66.24.234 200 OK 242 B URL HTTP/1.1 www.amazon395.com/css/chunk-7c914548.4b8c770c.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 0861166a0991a0870c40f1103fe4b507
1fe34a047af3bad221c26f98f01fc28c54bfeb93
37d8d38819875bfd0c1f929fc313743770fd1dca7422f54fcc6640690dba9c94
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-7c914548.4b8c770c.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 242
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-f2"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-78b33406.275ac1cb.css
148.66.24.234 200 OK 1.9 kB URL HTTP/1.1 www.amazon395.com/css/chunk-78b33406.275ac1cb.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (1880), with no line terminators
Hash d61caea955bb7f62f0f13c97b0dd30ad
c58f86d51ae987f5bdb40e55d2cc83fb75f009c9
07275ea7bf3c94420b66c88f538f81fc0b21065409736764e32ab9d7c2d26bc3
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-78b33406.275ac1cb.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 1880
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-758"
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/284235a67d3c43e8978ab54a1650b9f9_file
148.66.24.234 200 OK 287 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/284235a67d3c43e8978ab54a1650b9f9_file
IP 148.66.24.234:0
File type PNG image data, 996 x 595, 8-bit/color RGB, non-interlaced\012- data
Size 287 kB (286712 bytes)
Hash 450f5a5514206c6ccf10e6ae4025eccd
e5fb97baf977000609d28e826ad21baa425aa309
caeee37bff9159df4a8dcb6127498681f831513b4c5150b674cc9df0d8d251f0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/284235a67d3c43e8978ab54a1650b9f9_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 286712
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 09:44:16 GMT
Accept-Ranges: bytes
www.amazon395.com/css/chunk-7e56bba3.706c33d3.css
148.66.24.234 200 OK 110 B URL HTTP/1.1 www.amazon395.com/css/chunk-7e56bba3.706c33d3.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 580d74fff6e1cb4132d09262d18ed748
4157be4fccd9feb95de2e8997d5d3a27ed891b76
3f423d01ab63da646416801cb8d52fd22cd0d0b395cff6f10df2c5fe20fd69fc
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-7e56bba3.706c33d3.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 110
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-6e"
Accept-Ranges: bytes
amazon395.com/api//file/cfg/202209/04/2f83a0b483d94604a15ea6a9466d5f77_file
148.66.24.234 200 OK 301 kB URL HTTP/1.1 amazon395.com/api//file/cfg/202209/04/2f83a0b483d94604a15ea6a9466d5f77_file
IP 148.66.24.234:0
File type PNG image data, 996 x 595, 8-bit/color RGB, non-interlaced\012- data
Size 301 kB (300756 bytes)
Hash 2e8419a5f9d279f9f144a5e9ed1ab0b8
70edcff25a2d55b8774ebd2b5f69d3e80d472081
f5763978b591a93fe4732cc4ca7d5342ef40339236ee41196e32722f9ae787c8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /api//file/cfg/202209/04/2f83a0b483d94604a15ea6a9466d5f77_file HTTP/1.1
Host: amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:53 GMT
Content-Type: application/octet-stream
Content-Length: 300756
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Last-Modified: Sun, 04 Sep 2022 09:44:33 GMT
Accept-Ranges: bytes
www.amazon395.com/css/chunk-864c9f86.b1b622f7.css
148.66.24.234 200 OK 530 B URL HTTP/1.1 www.amazon395.com/css/chunk-864c9f86.b1b622f7.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (530), with no line terminators
Hash b836fe1041becc2c774c71bd4a02bf84
d411df9055ccf582686c2c2de42f2e0332a805db
331d67a9d2d43b6190c61184f12e36518ab039f16bb4da2ae2c16b66113593f9
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-864c9f86.b1b622f7.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 530
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-212"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-a2246c7e.f35b2f63.css
148.66.24.234 200 OK 229 B URL HTTP/1.1 www.amazon395.com/css/chunk-a2246c7e.f35b2f63.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 5570cddd29fef5d9aecb4092720d66bb
f4bb1a100befa60e52a220502c404eb27f629258
24b6de1e026e9e138700c87d2115eca6ac3408c53b4dadd85c0b8606524065d1
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-a2246c7e.f35b2f63.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 229
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-e5"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-b3282430.3388577b.css
148.66.24.234 200 OK 1.8 kB URL HTTP/1.1 www.amazon395.com/css/chunk-b3282430.3388577b.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (1830), with no line terminators
Hash 6c4a1fac1309b3358a9b8f9aedb43e2d
1ed4f013a8afa7e7f770ebe9c2b2e3f66aa3acbd
7e0d5597a3d64179f0ced7e3656bf5c473c46afa85760cdd5dcaaf13a2c12017
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-b3282430.3388577b.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 1830
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-726"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-bb257b66.125652ed.css
148.66.24.234 200 OK 50 B URL HTTP/1.1 www.amazon395.com/css/chunk-bb257b66.125652ed.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash eeee9f5d8ba489605b07316b16ef0ae6
fe087ebe961d0850ffe581b439343c74f69effcc
05430f7c4e7ee0dd6d0192ca770ec09651381ebe2ef1ce493905c4c2c16b1d7c
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-bb257b66.125652ed.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 50
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-32"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-bf633286.7e70caa5.css
148.66.24.234 200 OK 245 B URL HTTP/1.1 www.amazon395.com/css/chunk-bf633286.7e70caa5.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 0127446eb5e3b150f70f7b5b1181d5df
c4c7af6ff7e8fa65a032da608bfcebb3076b4dc1
22156a316f11fec7d0ca366c4dddeab20c31714d7dcacf2fb8784f9fed154d8a
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-bf633286.7e70caa5.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 245
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-f5"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-9b40b756.2138719a.css
148.66.24.234 200 OK 34 kB URL HTTP/1.1 www.amazon395.com/css/chunk-9b40b756.2138719a.css
IP 148.66.24.234:0
File type ASCII text, with very long lines (34317), with no line terminators
Hash e66d999eda1b11258621159d3f0854b9
ca1d59dd530e6b7bb83aeec105f15414f851e493
ae365af0fa9a030c5155d9634d3d9e3167a2ce80bfaf337c4c4ff47153f068fd
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-9b40b756.2138719a.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 34317
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-860d"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-e0cdb2a6.cf88e111.css
148.66.24.234 200 OK 117 B URL HTTP/1.1 www.amazon395.com/css/chunk-e0cdb2a6.cf88e111.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 36e17529f840ea6b2e73a236fb0f6591
079ae0e6c74eddda345f0ada8e15b538227513b3
6b3015329d816a85ac802e6458ed2aee1a2b8bbb21d185d9c7deba1df2a15681
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-e0cdb2a6.cf88e111.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 117
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-75"
Accept-Ranges: bytes
www.amazon395.com/css/chunk-e4aa7b9a.53bd11cc.css
148.66.24.234 200 OK 117 B URL HTTP/1.1 www.amazon395.com/css/chunk-e4aa7b9a.53bd11cc.css
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 445e941dfb50df50cc3453570258047c
3c6f5abd1d6c75610f5b6149d4305342620addba
6a7aa1bd9cf15cac1c77ffc020039d7db5fee3db7e8cbc5e85bf21f2c75a8b8e
Analyzer Verdict Alert openphish Amazon.com Inc.
quad9 Sinkholed
GET /css/chunk-e4aa7b9a.53bd11cc.css HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: text/css
Content-Length: 117
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-75"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-079fc55c.a4f2429b.js
148.66.24.234 200 OK 5.4 kB URL HTTP/1.1 www.amazon395.com/js/chunk-079fc55c.a4f2429b.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (5305), with no line terminators
Hash 6ba8d8183b3b80be71d753785313e913
eff3bf378f82ff3a13e239ed310c14b246bf1082
9dafaa314dd893c4f55cafe7f30d83a76d00e3de0661ae1aa1cb5f53dfc2768b
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-079fc55c.a4f2429b.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 5417
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1529"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-0c38294e.e70b19e3.js
148.66.24.234 200 OK 8.1 kB URL HTTP/1.1 www.amazon395.com/js/chunk-0c38294e.e70b19e3.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (7999), with no line terminators
Hash c9742696c896aa04721775eb4a9b8642
051dbf93276be5ca349bc739e7b52f91264b0196
652172cf2aadadfda3af23d1a70fccdff6b8995bfa0e713a1096df53813a0183
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-0c38294e.e70b19e3.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 8099
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1fa3"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-0cb2b90c.078b451b.js
148.66.24.234 200 OK 2.9 kB URL HTTP/1.1 www.amazon395.com/js/chunk-0cb2b90c.078b451b.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (2926), with no line terminators
Hash f8ae8f4a65af28c701bf14d8c27f98f1
3b02b181c0fa583762aba5b173cf24ed7dedc112
7b6e219f763ab1efcf6b455f98471af16f1e3d6e06426c141139d75265c2c823
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-0cb2b90c.078b451b.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 2926
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-b6e"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-11d62038.65860f65.js
148.66.24.234 200 OK 2.9 kB URL HTTP/1.1 www.amazon395.com/js/chunk-11d62038.65860f65.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (2879), with no line terminators
Hash 922af09907a7da912955dbb1ab974767
bbcf060c7eac5cae251a44cab5abba3124b23b3b
553599d2a1d322d331ee58ec177de1ed3e7870bf01267876e18b5de2d031c6a4
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-11d62038.65860f65.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 2879
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-b3f"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-1d2fb29c.3915c17c.js
148.66.24.234 200 OK 6.0 kB URL HTTP/1.1 www.amazon395.com/js/chunk-1d2fb29c.3915c17c.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (5832), with no line terminators
Hash 1d1fe4a04bd2e8d04c803d66709b0806
0e427617a0ced428a2a4ee157b676e24b71888f8
0040a90074b4cad11c5bf1b0eb78f36c7187d723b110c45dcfc4ea881d02cffc
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-1d2fb29c.3915c17c.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 5986
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1762"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-23b8f8b8.96f369d0.js
148.66.24.234 200 OK 9.1 kB URL HTTP/1.1 www.amazon395.com/js/chunk-23b8f8b8.96f369d0.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (9013), with no line terminators
Hash 55f20a6142aa4bb3b17708b84cfadd3a
934c11103dd26d08dc02e589dc6e30bf9567ee26
d53478da39c23159ae1112d46d676e8577fa32a6526647131beaa32990ea409e
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-23b8f8b8.96f369d0.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 9065
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2369"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2923bc8b.9eb3e835.js
148.66.24.234 200 OK 12 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2923bc8b.9eb3e835.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (11847), with no line terminators
Hash 233237186f86946f02bc56d001c7bfb7
afe13d024dac7a2fe080c9c393653f7f535c80ef
f2a0687f3e07bcea1bad0ac478a9692841e546e3f588dadd468c6d692e7e4d69
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2923bc8b.9eb3e835.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 11981
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2ecd"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d0b5a45.184bd483.js
148.66.24.234 200 OK 3.0 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d0b5a45.184bd483.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (3019), with no line terminators
Hash 0158b5004d1a0da0bc03f39a524f23a2
83a2d9a3acc9ce1eceb0ff47d576e48ae8089ed5
4d3e9823bcc84d87ec1ad9b2d1f8ae5ffb1120b41add90526aabebf1b1ae7716
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d0b5a45.184bd483.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 3035
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-bdb"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2930a3e9.a7265ec3.js
148.66.24.234 200 OK 16 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2930a3e9.a7265ec3.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (16222), with no line terminators
Hash a25d45d298a8a0fb5a958c2847ff3295
d969ac827caa95974a284faebb5f08d500cb3bf3
0be46a661ced30185fd59f448df04225a83a40237d19f01cba95ca9adb913de4
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2930a3e9.a7265ec3.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 16416
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4020"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d0c0c19.b63b8738.js
148.66.24.234 200 OK 5.1 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d0c0c19.b63b8738.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (5079), with no line terminators
Hash 2e74b34e477f8d76a1ff084d6b2757b9
403f165e39e2efe968691279e9155f2ea4e1c5a4
435a5e33fe6013e79194bc79ae65a4c81f439f4ce17b76f118285f45935f5568
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d0c0c19.b63b8738.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 5079
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-13d7"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d0d2ed4.697eeba4.js
148.66.24.234 200 OK 9.5 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d0d2ed4.697eeba4.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (9456), with no line terminators
Hash c64d36f2ecc763c8153c3166ab33146c
160fd4a2522d69ad17b87f07a8c8d5183e570f5f
a15ba287316e693021d7015c91579b1833a87e78faaf058878b6162fc10d68ca
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d0d2ed4.697eeba4.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 9474
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2502"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d0d5c22.79b1baaf.js
148.66.24.234 200 OK 5.2 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d0d5c22.79b1baaf.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (5180), with no line terminators
Hash d081dec0ec01128ae382fb02d8e6343b
fa0ebcc0d197bb74f89c2cb9bbb3a1f41f79f9eb
aeeaf752e5a96482d5ac4d312521da15546923f9dee727b4790b5c41836c6f67
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d0d5c22.79b1baaf.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 5180
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-143c"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d0e923e.6aa3dbc7.js
148.66.24.234 200 OK 5.4 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d0e923e.6aa3dbc7.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (5385), with no line terminators
Hash d5cd87ab17366c2679af4d69f6751c1d
6d5bf48d76809969f98950d80b630d7c636b2e37
65128ef0045ccc6a1481c15c7dc890c7ebb0db1f23e3e4df1b3a578877e74510
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d0e923e.6aa3dbc7.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 5385
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1509"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d207f61.7860da10.js
148.66.24.234 200 OK 2.8 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d207f61.7860da10.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (2810), with no line terminators
Hash 5d5853f8ec0cde539ce763401ca0c51e
5f292c101d735223fe1882e566fd681667edcf3e
a267e50a53041ba1db5e6a8d0f7ab13c9485b2ce7657f9a0543d844d08f74991
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d207f61.7860da10.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 2820
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-b04"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d21d0c2.090e3250.js
148.66.24.234 200 OK 20 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d21d0c2.090e3250.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (20140), with no line terminators
Hash 98fc4f7d659f3ff5fe223a0005d30e5f
8464c1b8138ce0a4b902c403fbbd61887b215a6f
3b4fea3e5f45315e8243cf56781d0df5722e6133942671dc592ff479ba8213e5
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d21d0c2.090e3250.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:54 GMT
Content-Type: application/javascript
Content-Length: 20140
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4eac"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d2293a9.3f796e04.js
148.66.24.234 200 OK 5.4 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d2293a9.3f796e04.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (5349), with no line terminators
Hash e6fcbcef581b2b9b129f89fb97fe1776
546e72ebd7b8690c133360aa93b1437a2606f44a
0c347a0508eb8ec7b846cfd05bed5c99f6e48c31c080890c9bd0227a9c8020c7
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d2293a9.3f796e04.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 5411
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1523"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-3daaf73b.d10e096c.js
148.66.24.234 200 OK 2.3 kB URL HTTP/1.1 www.amazon395.com/js/chunk-3daaf73b.d10e096c.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (2266), with no line terminators
Hash a67619d68b0b83c05b5e2f2964f214f1
0cc635197a4c79cd7320ed8e31cf3dee18e6482a
72c7aebe7f1b5748fd8d458eb4e61fc4e3bf2a83b90d6b8ba3e8e5f10398b2c6
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-3daaf73b.d10e096c.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 2266
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-8da"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-2d237720.50eba9a0.js
148.66.24.234 200 OK 2.8 kB URL HTTP/1.1 www.amazon395.com/js/chunk-2d237720.50eba9a0.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (2810), with no line terminators
Hash 124a366361d204287ca5254b7fa46e1b
413f75e0c852fa068ce2cbe7b6b4d158e4ecbb9d
78c1625289ac16f7dc9adf3da555b7c42dbd4a5aabfe9f922a5791e2a236db42
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-2d237720.50eba9a0.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 2820
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-b04"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-43dd596e.e7b0c887.js
148.66.24.234 200 OK 17 kB URL HTTP/1.1 www.amazon395.com/js/chunk-43dd596e.e7b0c887.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (16991), with no line terminators
Hash 31e4dcb11ad324cca810b08b43747b7b
6c5534eafd2535062e1afa804ac74394d2642774
f0d2a6e139367d99e1a62ce9dc58ab79b3bcaa199242d1cc7f6ac9880e7df37c
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-43dd596e.e7b0c887.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 17213
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-433d"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-48d2056e.a3171c5f.js
148.66.24.234 200 OK 6.1 kB URL HTTP/1.1 www.amazon395.com/js/chunk-48d2056e.a3171c5f.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (6010), with no line terminators
Hash a34bca326e82a9805754be5dd905afa1
06ee9c3f32de9e1891a5772edb29f0dbe90cf9c3
3babd88852023b887316866435be03d7961ec0bf8f5e9fe2f0a4ad899369bfc8
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-48d2056e.a3171c5f.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 6114
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-17e2"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-4e503e5d.9e23fbcb.js
148.66.24.234 200 OK 15 kB URL HTTP/1.1 www.amazon395.com/js/chunk-4e503e5d.9e23fbcb.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (15136), with no line terminators
Hash d33c94cb73451bb0127ac415f94815dc
2048023a18c83a6a112640e0f42a972d10ddafbf
7064a9d16e6ddfb2c2411af18ff13c8d5c064c81ca16e679be67f4d94f82531a
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-4e503e5d.9e23fbcb.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 15326
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-3bde"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5678bdc8.cede3fab.js
148.66.24.234 200 OK 1.7 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5678bdc8.cede3fab.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (1661), with no line terminators
Hash 317877d5ea1e3724e3586031cfa75fbf
8eef73e7ae228640634406183c0864a819701bfd
bf9b0409cbd3f66d1360999522c929ffcc736a0976d879f1f39c1398eb8ce704
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5678bdc8.cede3fab.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 1683
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-693"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5915ee8d.de2a5d7d.js
148.66.24.234 200 OK 1.2 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5915ee8d.de2a5d7d.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (1092), with no line terminators
Hash 8b5e78b24520aacf7bec8f2419e1be5c
62903d24b0f133599f40b273d371b21fb174ec25
2fa561a50af8cb8d65d1565fcaf942bc2639da23d62626aa5cb772cd6228e024
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5915ee8d.de2a5d7d.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 1204
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4b4"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-593609a0.29c0d400.js
148.66.24.234 200 OK 3.6 kB URL HTTP/1.1 www.amazon395.com/js/chunk-593609a0.29c0d400.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (3623), with no line terminators
Hash ce6d6751bc6a200f6713e2e8105cf596
0ac2350f741260da117aa5a3e6040acfc7b680a9
4f4b5d2bda109a31e5537fb45dfd677010c9645095d73fed7ba34a42db75e663
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-593609a0.29c0d400.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 3623
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-e27"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5a8e73c2.f4e42e43.js
148.66.24.234 200 OK 3.4 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5a8e73c2.f4e42e43.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (3403), with no line terminators
Hash eedfabd05fad457cb6b7add8f8a4f3cc
88a1d33d8a7ae909fea849436bd8beedc312bdce
e5237c10bc16a0afedb234ff6cd2332baf6d4b25de6e8490762982316f7230db
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5a8e73c2.f4e42e43.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 3421
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-d5d"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5b298104.fc421e11.js
148.66.24.234 200 OK 13 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5b298104.fc421e11.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (12535), with no line terminators
Hash bc649c138ecaaa1f4d9b86ca54306615
470a432c1f2490a014988c59c21f806cab7104f9
855e705d7154650c54ca13563f2043d97203b62d87f327358a02fa87ebe91235
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5b298104.fc421e11.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 12759
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-31d7"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-5bccf0cc.f92a6a45.js
148.66.24.234 200 OK 2.2 kB URL HTTP/1.1 www.amazon395.com/js/chunk-5bccf0cc.f92a6a45.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (2212), with no line terminators
Hash dbab7523c857fa1f4fe54a9b3e0c7260
83b44b1fa76d894908d7c182029451db9ede5702
52f7d3476c8281473318f93addbf8ac61a5adc54b54d126debfdc240598682e2
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-5bccf0cc.f92a6a45.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 2212
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-8a4"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-6bd3a640.d6c77698.js
148.66.24.234 200 OK 4.5 kB URL HTTP/1.1 www.amazon395.com/js/chunk-6bd3a640.d6c77698.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (4418), with no line terminators
Hash 6d8f4194e74eca4d6122a388a232274a
aad94fb47b7395a6db8c7d3637a32f0080dcc405
1cc3e6ff7b841c0d9c411f7ade6c44633b5b91cc12d837950d3616fedb0a7b62
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-6bd3a640.d6c77698.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 4504
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1198"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-72e30129.ab35907b.js
148.66.24.234 200 OK 15 kB URL HTTP/1.1 www.amazon395.com/js/chunk-72e30129.ab35907b.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (14782), with no line terminators
Hash 517c22170aa21ca157ceb756905d20c1
a57167f543781fedef0f2e2547dee00de71fa5ba
d46c16a30192496e4b335c3078611d3bb96f7db1045f7daf4ff29295bd30230a
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-72e30129.ab35907b.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 14972
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-3a7c"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-65c9aad8.30c221b9.js
148.66.24.234 200 OK 237 kB URL HTTP/1.1 www.amazon395.com/js/chunk-65c9aad8.30c221b9.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (30468)
Size 237 kB (236787 bytes)
Hash b044a545c195e793aed1b55fa1a97455
8d6721d987c1b1d5c009aec716d365863d3a4fba
32d94d663b4eacc88c1538abbb8fbf41fdbf08955bd02a21553f7287e8bf9102
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-65c9aad8.30c221b9.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 236787
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-39cf3"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-74b46939.96bf1087.js
148.66.24.234 200 OK 106 B URL HTTP/1.1 www.amazon395.com/js/chunk-74b46939.96bf1087.js
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash 7f65731ee63842a954f4d42441fcc676
886b8c7e134ec35fc49ab12b46be83371ba79a1f
4757a1915dad7dfdbecd7e6a065af75b1245e8198bd974169f974833f8d9d236
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-74b46939.96bf1087.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 106
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-6a"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-74d1c393.217d77e2.js
148.66.24.234 200 OK 106 B URL HTTP/1.1 www.amazon395.com/js/chunk-74d1c393.217d77e2.js
IP 148.66.24.234:0
File type ASCII text, with no line terminators
Hash bff42bacd79f07fce7ce3f63cd11e1df
709f2f4f8984cd122f4b23db3422913ab869b1db
947aa535d6bac3e5cc1a59fb1aeeef43edb1735ff58581096ff111744e2c5811
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-74d1c393.217d77e2.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 106
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-6a"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-78b33406.e61d43b7.js
148.66.24.234 200 OK 6.6 kB URL HTTP/1.1 www.amazon395.com/js/chunk-78b33406.e61d43b7.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (6506), with no line terminators
Hash d94aafb4eacf9fb91b3884f969e021f5
2426eddd3ad1534ea6aa804945bf761f6db15e31
88ea3e20505f25f066516c3a9eec415ed5227d5e0b42b3a35d81ea0a52ef38f6
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-78b33406.e61d43b7.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 6648
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-19f8"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-7c914548.9979b29f.js
148.66.24.234 200 OK 10 kB URL HTTP/1.1 www.amazon395.com/js/chunk-7c914548.9979b29f.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (10119), with no line terminators
Hash 3c8bffb248f756ce1404201c2f419b53
8d2b5cf1ad87c14118609ea85fbf73b9baf43df1
85b0b6fa835511f1fa617e7dc74831cb07bc3cb9da0b8da4d9962f8b536f11dd
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-7c914548.9979b29f.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 10176
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-27c0"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-7e56bba3.205747ae.js
148.66.24.234 200 OK 3.5 kB URL HTTP/1.1 www.amazon395.com/js/chunk-7e56bba3.205747ae.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (3472), with no line terminators
Hash cf86b8f6e8f94cdd904ed7336273c5a8
801c08381b6c7098c405092dc4f3b3d78038c4d6
402db14a8c0b7dc7b7b1cd08db634059998463ed47f775b07085067893ab0ded
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-7e56bba3.205747ae.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 3510
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-db6"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-864c9f86.05a47006.js
148.66.24.234 200 OK 9.9 kB URL HTTP/1.1 www.amazon395.com/js/chunk-864c9f86.05a47006.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (9829), with no line terminators
Hash aafabcdb50e9264d801487daa3f61f5d
06fc5f1ba8ceaa71bf3220858f9e20613af6f638
938ad6c4f26c1fcb503c995305dbba8899f3c99424db0f99523771b72c56ed04
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-864c9f86.05a47006.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 9918
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-26be"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-9b40b756.4df2512a.js
148.66.24.234 200 OK 918 B URL HTTP/1.1 www.amazon395.com/js/chunk-9b40b756.4df2512a.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (918), with no line terminators
Hash 14c2db5c5cf100fad85b3d672e8290d2
5022a401fc1cdb3e3617f9ea4de46c111be30f30
27dcecabca955f733bd7f7dd5280d29ecb7c29cad6692e734b2826c16e12fdfd
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-9b40b756.4df2512a.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 918
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-396"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-a2246c7e.e227f457.js
148.66.24.234 200 OK 7.5 kB URL HTTP/1.1 www.amazon395.com/js/chunk-a2246c7e.e227f457.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (7480), with no line terminators
Hash b529fcecdb65fd2638bf9d7ffb0c1221
f55d104071f8f7ecaa5c677adafe2fa30266b395
885eb149c3cb3afb9fda597a78fb0956a5b839c36df8ad7ef4f1d1b1704ea085
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-a2246c7e.e227f457.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 7480
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1d38"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-b3282430.e6c9c91b.js
148.66.24.234 200 OK 23 kB URL HTTP/1.1 www.amazon395.com/js/chunk-b3282430.e6c9c91b.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (22317), with no line terminators
Hash 1a092838581890f93cad200fdd766ee8
e51415711219de74392f9fd8ed053053238ff365
3551375826c1aa29503b06be6fb36bc0ed77b901ce6b4a555637202e872715f2
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-b3282430.e6c9c91b.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 22705
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-58b1"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-bb257b66.53054e73.js
148.66.24.234 200 OK 4.1 kB URL HTTP/1.1 www.amazon395.com/js/chunk-bb257b66.53054e73.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (4110), with no line terminators
Hash a79f01aa66f91bb51835a58272acf3c3
81208d6cfd8749efb1acb307b17aed95f1285825
7a6a98db6864c91b6209571729bbbb950531864effdb9eff7c8b95f14672f3c0
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-bb257b66.53054e73.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 4110
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-100e"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-bf633286.eba07ac9.js
148.66.24.234 200 OK 20 kB URL HTTP/1.1 www.amazon395.com/js/chunk-bf633286.eba07ac9.js
IP 148.66.24.234:0
File type Unicode text, UTF-8 text, with very long lines (19480), with no line terminators
Hash 840bba0d5a15340a784fc974e6fe4dd2
0901893cfb55676e8969308638c3ffc3ac3c576a
8f298929298c35b80a28cfe38bf9116757a3e240f7783ce442f6f915c2711ef5
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-bf633286.eba07ac9.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 19670
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-4cd6"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-e0cdb2a6.f627df4a.js
148.66.24.234 200 OK 5.2 kB URL HTTP/1.1 www.amazon395.com/js/chunk-e0cdb2a6.f627df4a.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (5216), with no line terminators
Hash 5c848f1459c62abb6fc58a19482f6317
05a5b9da121f2692cf591be69594bc48d1fb3282
62dfe73c5b64f138d9ace6c054df20d59afdbc68d7e257076069df3696cd1ba3
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-e0cdb2a6.f627df4a.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 5216
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-1460"
Accept-Ranges: bytes
www.amazon395.com/js/chunk-e4aa7b9a.7f685026.js
148.66.24.234 200 OK 9.7 kB URL HTTP/1.1 www.amazon395.com/js/chunk-e4aa7b9a.7f685026.js
IP 148.66.24.234:0
File type ASCII text, with very long lines (9734), with no line terminators
Hash ca7e1dc367f7046781987d8de410ee33
adc70e42613ba11b3917cf62d4f0f32b4a7a608f
4f3d67db1b1ccb78eba1ea3dc4770856949e0facdc6ce699c172d13313e1c049
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
quad9 Sinkholed
GET /js/chunk-e4aa7b9a.7f685026.js HTTP/1.1
Host: www.amazon395.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.3
Date: Mon, 05 Sep 2022 19:11:55 GMT
Content-Type: application/javascript
Content-Length: 9734
Last-Modified: Mon, 05 Sep 2022 11:49:43 GMT
Connection: keep-alive
ETag: "6315e257-2606"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5231760bb81282416f2bd27a4261099e
e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 77189
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js
104.17.24.14 200 OK 0 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vant/2.12.44/vant.min.js
IP 104.17.24.14:0
GET /ajax/libs/vant/2.12.44/vant.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.amazon395.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 19:11:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 67557
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "620aa8ff-107e5"
last-modified: Mon, 14 Feb 2022 19:09:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 336437
expires: Sat, 26 Aug 2023 19:11:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EaLpu7KPYQEYhckspnYT5ZJszlimA7q8x0J8i7OMNIFbna93hLIZuYodDQHpGjYa%2BQ%2FGXT7NkOHfqr7Pvr0%2Bs8YBKANesIc17ntFQNvSki%2FbhadxOzTdOeNW4dVxn5uTbJAtipyz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 746145dfaa78b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2