| dasd-504b3.firebaseapp.com/ | 199.36.158.100 | | 133 B |
URL dasd-504b3.firebaseapp.com/ IP199.36.158.100:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash8b585fb5d7a21073e80241c068cf0f7d 094561e382193f6d45da8ca0c5119cbafc7ebd8c ea626dc5f9eb02145298344da36eace4037c5c7b864f2e16de43faf8b3d99d63
Analyzer | Verdict | Alert | phishtank | Other | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: dasd-504b3.firebaseapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "c0b4243a7891a6b2c37e6e615381c22b7bf6570ff24ec99a7ae49533304beeab-br"
last-modified: Wed, 02 Nov 2022 01:44:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 02 Jun 2023 07:35:37 GMT
x-served-by: cache-bma1669-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685691337.014704,VS0,VE118
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 133
X-Firefox-Spdy: h2
|
| ocsp.pki.goog/s/gts1d4int/js5AeODGNU4 | 142.250.74.131 | | 472 B |
URL ocsp.pki.goog/s/gts1d4int/js5AeODGNU4 IP142.250.74.131:0
Hash7d9476d6ec08ce1777640bb89c21f502 9443aa98efe20801fc08b3385d40ec192c4c2159 535faa0f7988b8c33ad70b6a8cd05e69a4dc78e2efb05ec45ecd026e4ed96333
POST /s/gts1d4int/js5AeODGNU4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 07:35:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
| assurancemaladie-fr.ddns.net/ameli.fr/ | 0.0.0.0 | | 0 B |
URL User Request GET assurancemaladie-fr.ddns.net/ameli.fr/ IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - DynDNS domain |
GET /ameli.fr/ HTTP/1.1
Host: assurancemaladie-fr.ddns.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|