Report - main.d3sb5yas0c5mpb.amplifyapp.com/

Report Overview

Submitted URL
main.d3sb5yas0c5mpb.amplifyapp.com/
IP
54.230.111.25
ASN
#16509 AMAZON-02
Submitted
2023-05-29 11:10:29
Access
public
Website Title
Final URL
Tags
luno crypto phishing
urlquery detections
Phishing - Luno

Detections

urlquery
26
Network Intrusion Detection
0
Threat Detection Systems
92

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-28	577 B	120 kB	142.250.74.163
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-28	340 B	865 B	54.230.80.227
main.d3sb5yas0c5mpb.amplifyapp.com	unknown	2018-04-17	2023-05-29	2023-05-29	15 kB	881 kB	54.230.111.71
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-28	333 B	700 B	142.250.74.131
d32exi8v9av3ux.cloudfront.net	unknown	2008-04-25	2016-11-28	2023-05-16	2.8 kB	229 kB	54.230.245.216

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-28	medium	main.d3sb5yas0c5mpb.amplifyapp.com/

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index_002.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-apple-white.svg
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-google.svg
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-facebook-white.svg
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/sendrolling.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/singular-sdk.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/
2023-05-29	medium	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	unknown	16 B	2023-04-10	2024-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-05-10 18:41:08 Times Seen34823 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/singular-sdk.js	138 kB	2023-03-07	2024-03-14
Pretty URL main.d3sb5yas0c5mpb.amplifyapp.com/index_files/singular-sdk.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:05 Last Seen2024-03-14 05:34:18 Times Seen14 Hash 3b7624f0f44b75dd69fed75edf1ce836 89a1e6fa071a576fe8f7f759fb434642fcf1ceed 8b0930c8a9ce89678281293e87176a0d8f491a9d957bb2d5006a2c9d8b3e69cb Loading...

	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index_002.js	28 B	2023-03-07	2024-03-14
Pretty URL main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index_002.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-03-14 05:34:18 Times Seen254 Hash 5816cced8568d223aa09d889f300692b 95cab5e474d7391762c3da5c7dc50fcf05df529f f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Loading...

	main.d3sb5yas0c5mpb.amplifyapp.com/index_files/sendrolling.js	11 kB	2023-03-07	2024-03-14
Pretty URL main.d3sb5yas0c5mpb.amplifyapp.com/index_files/sendrolling.js IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:21 Last Seen2024-03-14 05:34:18 Times Seen21 Hash c317a5be7d65fa0c4d68d9735af020e4 ddca83a85d6a48fae9aca5993007daa525b038fd 134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f Loading...

	main.d3sb5yas0c5mpb.amplifyapp.com/	1.7 kB	2023-03-07	2023-05-29
Pretty URL main.d3sb5yas0c5mpb.amplifyapp.com/ IP 54.230.111.71 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:21 Last Seen2023-05-29 13:10:31 Times Seen4 Hash 313047ab1cfcce7c66fb09840f81329f 0ced4de0ceb8e8b5a35f393c38c68261a916af8a b24577328d547a3048da59af817e18b4daeb120be3b625837d1636a2fc740f95 Loading...

HTTP Transactions (39)

URL IP Response Size

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
90717db7df4fa694463a682e69a1ec6c
b736aeffbb80839f2f8b26ebb55eefeaaf15a6dd
114ffa13f6502878d8af7d265386a4ef418655b73af4ba806fe8fc78696efc23

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Mon, 29 May 2023 11:10:11 GMT
Server: ECAcc (dcb/7352)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q_YclVXssqNWxgBse-684_XvqL963cWjjgIm_cUJD5SpN2I5A-p9gQ==

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/track.gif

54.230.111.71

200 OK

23 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/track.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
23 B (23 bytes)
Hash
da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/track.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 23
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "da5b449fff36752a93779fa4067cd2eb"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6wg3xqkr5FuUTLw1if9Vu1HXkNVRYrBRRq4z1XdkqbQLyzBIELTjUw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_005.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_005.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_005.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5q_C4pOJogHf7WfZxTuu98tJD8tR-svD15KO-JVNvuq73XMZgeP6jw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_011.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_011.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_011.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2Z67XoMzPu1tJK7DyKBLMjLyhYv2OMMdoRNNC7bxv9qdXE7XS4WQBQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index_002.js

54.230.111.71

200 OK

28 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index_002.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/index_002.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 28
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "5816cced8568d223aa09d889f300692b"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jfIPtAp4VjFhL77KFegVr3AFQR7KO-d6BzzBwq43H-YA2_OLY4LeMA==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/ill_email.png

54.230.111.71

200 OK

11 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/ill_email.png
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (10703 bytes)
Hash
8d158001c8fcabc4b7f872be746e579e
07ebcbb875c5030aec2bae43ae9fcf1682bb8f6d
3a8017292ca6c6057167dc30cf19da550fb068b22ab7ce57f7c5832e424fcf68

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/ill_email.png HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10703
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "8d158001c8fcabc4b7f872be746e579e"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nG-AnyObAba206O3qC4W_A3-rTs4hB9St3z_oi7LRcZaAtnMVXNmpw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_012.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_012.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_012.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9YtcHThsGUcmK7ojcT5rvJyqEB3JWwIA4PozlaG6SEZxwsJTQzmYFQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_003.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_003.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_003.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QQtuGG9AHmWxJmT6hja3dNASklxo2jJAaDnBJbzrLDRRU0GlKsqeXw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP

54.230.111.71

301 Moved Permanently

0 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/MXXDHVXQWVACJD4VWOM6NP HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
location: /index_files/MXXDHVXQWVACJD4VWOM6NP/
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1bxm1yJ6wgAj4GnttktM2MDgOKsemE6Jrk9iD2qAXkINX8qGSkZgdg==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_010.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_010.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_010.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: znMVuh9bMFpnIn4TirMqn3GB7v-fuc05JnuPEdkWcONRgstVJM3PxA==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_009.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_009.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_009.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x_uRyE-VKF-dKGPlrAQ4hLz7BPvPnJhc8PPtPO-wf_N-Rjmi59PATw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PCqc9B9HcrwkygmjurwZwNjCq1LCsaig9dcd6fTi-oqofp9Yxg8fbg==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4

54.230.111.71

301 Moved Permanently

0 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/DN7MGSCFYVCP5O5VG6AWM4 HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
location: /index_files/DN7MGSCFYVCP5O5VG6AWM4/
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBzxAVc5gQOMok7Mq_qG3PSVBlJvE9FnSCUAdhoPuRpClsg7usHXjQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_004.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_004.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_004.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DPFQhYmw1q5qLAEh6e2f6OFNO7aJOU8VOKebUhv9zA2hvIsvYN89ug==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_006.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_006.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_006.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aNIMS7ESV0ndpxo2EV6dahCzpMzHRTwn9RuWrLdGeEQxMc4gn0sY6g==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_002.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_002.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_002.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ji3sr6_D8QpNz2s_3SQKZiW-bC3lJsdronTFOPXIjWQv58NHdQEY5w==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_007.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_007.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_007.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aRyPp3HJEwFRBWSYs0CN9b_cYH4Ov0fLs0PDOE-Si2JdPdQiwJe-Tw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_008.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_008.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_008.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6oczry_ybdjW8T7cO6EboJhirFaddRtUxVYnVKQTG0UiFJPUUX8TSQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_013.gif

54.230.111.71

200 OK

42 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/out_013.gif
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno

HTTP Headers

GET /index_files/out_013.gif HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 23vaubew4Or6OT-4KAURMET2nMUYPJFMQxFH8PXWyZn6FXJi0gx0qw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/

54.230.111.71

404 Not Found

88 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
88 kB (88359 bytes)
Hash
3e3c08f6456a8d13e18440b5e30bc950
b3cfdc2d6b979828a5f2cadb36e8c444ea680e00
12d9c4b9181755d8f7b0f41f315fc42dcad9971d5134de3434587a2e664aad7e

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/DN7MGSCFYVCP5O5VG6AWM4/ HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3CmNtuuWvvTzuT3uiPzopnDKOCKJVn9o8x3remn0l3-53U0eeOUBFA==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js

54.230.111.71

404 Not Found

103 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
103 kB (103362 bytes)
Hash
b7a9b31e9112ff655435f30ed660b5b8
ac70f151fdaf669988ff3908201941a96e211bc2
0d201d20c622dee82e5b02f2e1a2f3ca4ae518b5371044038a36472f45dee87d

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/fpconsent.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:11 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wTjgeQ2zUlahbKVNhoKXjwg4WKBVl6wjEXFhWNkAFbh5yVWcmg1PTA==
age: 1
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/

54.230.111.71

404 Not Found

88 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
88 kB (88359 bytes)
Hash
3e3c08f6456a8d13e18440b5e30bc950
b3cfdc2d6b979828a5f2cadb36e8c444ea680e00
12d9c4b9181755d8f7b0f41f315fc42dcad9971d5134de3434587a2e664aad7e

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/MXXDHVXQWVACJD4VWOM6NP/ HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5S6c-ro7U3w9J9i-z_6xbYAEDI5koX8bNfhP-SzJX5cDi3gdlioSkQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js

54.230.111.71

404 Not Found

15 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/fpconsent.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
15 kB (14647 bytes)
Hash
e7d8d173ca8559c8aed202e51c1449af
71d06a28588392440df9ef73a6e67b497c864b3c
43f3728da99a953b8ab33879a484f13318a36999e10a5665f4b4f4cfa4302ed4

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/fpconsent.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:11 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bmcLvBqB14M15VWs7L36Onr9GAYQyKk3SqypKajLH5_He0jlnKxyYw==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/styles.css

54.230.111.71

200 OK

142 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/styles.css
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
142 kB (142538 bytes)
Hash
5d70f211f08fcae0007bde039395afe4
b617ed68f360a3a1bd93436900829600c0a2f7e9
12e045dfa1a9740ad3e95923409c73932fb9be7c236949c9af4e13b9b4660546

Detections

Analyzer	Verdict	Alert
openphish	Luno

HTTP Headers

GET /index_files/styles.css HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
etag: W/"8b6b38195f918628cc0947836e87a474"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m_GmBmgB1D9TDXPQ1Rhy4Gfu4oIj8sO98dUdf30oX107iNpQU_VH-Q==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e75b43e8a7beaf5ded692008749eb5b0
5f96a142b29fc6ca88b33a9cb5c2c5b4b95b8635
a100d74db29961c793a7254e52dd854c8f85761876369b45073d911be95bab3a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 29 May 2023 11:10:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-apple-white.svg

54.230.111.71

200 OK

691 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-apple-white.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (691), with no line terminators
Size
691 B (691 bytes)
Hash
0a07edcd0b0db8f464b1363755dc08fe
fdeee2c589212018f982a2deb7216a053e4dabca
2da59bb74d8445fbcb91a383ffe55c4bf84b85d2268ae743a8587702f5b37b7b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/social-apple-white.svg HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 691
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "0a07edcd0b0db8f464b1363755dc08fe"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dyPvmqtACly6KBDum7ECJBHWIuC5rdfDoYTkWA5HiZU7iEfs1EdnYQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-google.svg

54.230.111.71

200 OK

802 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-google.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (802), with no line terminators
Size
802 B (802 bytes)
Hash
7bd78e63c4e4cf2e256861e4296eafaf
6c8da7208e45c6755c22484da5b121c73cd18b2d
4fd6a73539f01d13a8a5dcec4dd85db54b4f25fdeb20d6668710fd29c5460e20

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/social-google.svg HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 802
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "7bd78e63c4e4cf2e256861e4296eafaf"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9gzzvnpbTxzY2me5UfOZ3xUVRZz4C4z5U6ge7imMW_h7Lbc0LZE4ag==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-facebook-white.svg

54.230.111.71

200 OK

350 B

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/social-facebook-white.svg
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (350), with no line terminators
Size
350 B (350 bytes)
Hash
fcf41ff6566a0052b84f69d4bb0c91a8
853353c797f28ccea62496f602cdbebd228f00d3
44c3cdb0ef17065437a2d1124f14e78a892408dc0fd89b680fd01a1a3030fe7c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/social-facebook-white.svg HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 350
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
etag: "fcf41ff6566a0052b84f69d4bb0c91a8"
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m1lAzbm_MmH9jbgH3ukFuPC1S122DbRxvsMuvxaQrVbrqGFglGrBMQ==
X-Firefox-Spdy: h2

d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png

54.230.245.216

200 OK

2.3 kB

URL GET HTTP/2
d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png
IP
54.230.245.216:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
PNG image data, 152 x 152, 8-bit colormap, non-interlaced\012- data
Size
2.3 kB (2286 bytes)
Hash
bfdc0fedce221294659346a7783b6a7a
96474ad641d1addab4abc17fa659d73c3940f1a3
e87f5a2d3aeccca887e6c759a0f6ac07cd9f54c5ee85fa2aa9d97c1e678bf013

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno

HTTP Headers

GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 2286
date: Sat, 27 May 2023 22:22:01 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "bfdc0fedce221294659346a7783b6a7a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p_24deJ2lCqIyT6yY90htYOmyC9kHfvqtkQ5qWXfzHwdZ24OdjPksw==
age: 132493
X-Firefox-Spdy: h2

d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png

54.230.245.216

200 OK

303 B

URL GET HTTP/2
d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png
IP
54.230.245.216:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
303 B (303 bytes)
Hash
dd23e160b468ea5f4b5b88a719ddee63
c1c0d5bba3cbd9bb5bab9ad42aaf5150a3ff1df0
cf0b20b47983a98fb61c7c2e03bd0445b34408c561e0e591ad72b37a9be750ff

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno

HTTP Headers

GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 303
date: Sat, 27 May 2023 02:35:09 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "dd23e160b468ea5f4b5b88a719ddee63"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yWpCkxfi9jXfiJj6uMpB5-jRsQXl3_4sh25AkbUHX4KtGtiMjBaWqg==
age: 203705
X-Firefox-Spdy: h2

d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff

54.230.245.216

200 OK

74 kB

URL GET HTTP/2
d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff
IP
54.230.245.216:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Web Open Font Format, CFF, length 74184, version 0.0\012- data
Size
74 kB (74184 bytes)
Hash
685a5f0c828aa500569e378873d43d2a
2db3d39a26f1e31163ef6eb00011743a513a298c
fbff55fa35995b30857a3e31aaaf37d60e60809655b38702211dc74d94790efa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno

HTTP Headers

GET /static/fonts/Fracktif-Regular.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://main.d3sb5yas0c5mpb.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 74184
date: Sun, 28 May 2023 07:59:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Sat, 27 May 2023 02:21:41 GMT
etag: "685a5f0c828aa500569e378873d43d2a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AygGGx3P47p2-rfWOwFVZFVx32ZhlXhMk3wBZP4L1hLcMhTdqC6AVg==
age: 97845
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/sendrolling.js

54.230.111.71

200 OK

11 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/sendrolling.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11442), with no line terminators
Size
11 kB (11442 bytes)
Hash
c317a5be7d65fa0c4d68d9735af020e4
ddca83a85d6a48fae9aca5993007daa525b038fd
134568be83d33ab28a55e78e8e8ac638ac6a57ff1bfc62bb5bc4e93fee39e20f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/sendrolling.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bGg0kH-VMLXRjJepp40W1Yl-D7_tA5xJb76herUKyTFldJyKgnm6Ag==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/singular-sdk.js

54.230.111.71

200 OK

138 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/singular-sdk.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
138 kB (138103 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/singular-sdk.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 29 May 2023 11:10:14 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
etag: W/"3b7624f0f44b75dd69fed75edf1ce836"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PJeyPrc_jyzvejFEeHb605jXuGCcENPheo0M-mvOhVyRYLfiWxukcg==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js

54.230.111.71

404 Not Found

89 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
89 kB (88592 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/index.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5oijpg2U4o9q9Z0d-qYgDBhP7zH67DaN_IYDX9ldKI4ileaPd5ejrQ==
age: 1
X-Firefox-Spdy: h2

d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff

54.230.245.216

200 OK

74 kB

URL GET HTTP/2
d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff
IP
54.230.245.216:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Web Open Font Format, CFF, length 74184, version 0.0\012- data
Size
74 kB (74184 bytes)
Hash
685a5f0c828aa500569e378873d43d2a
2db3d39a26f1e31163ef6eb00011743a513a298c
fbff55fa35995b30857a3e31aaaf37d60e60809655b38702211dc74d94790efa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno

HTTP Headers

GET /static/fonts/Fracktif-Regular.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://main.d3sb5yas0c5mpb.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 74184
date: Sun, 28 May 2023 07:59:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Sat, 27 May 2023 02:21:41 GMT
etag: "685a5f0c828aa500569e378873d43d2a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dPDDOQAwOJJsymCDhrLJodOsh_ipKihUDiKewBafBVzTK0QbGER2jQ==
age: 97845
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

142.250.74.163

200 OK

119 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT

File type
Web Open Font Format (Version 2), TrueType, length 119332, version 1.0\012- data
Size
119 kB (119332 bytes)
Hash
26d9b8829e64a086e8b97a18461ad4ca
f072b953852924633f18c79a9550424b708bdb17
0c67479abb64a499bf624ccac92a3c813fb2630e8d8a81325ddda62231e0da82

HTTP Headers

GET /s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
Origin: https://main.d3sb5yas0c5mpb.amplifyapp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 119332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 23:59:20 GMT
expires: Thu, 23 May 2024 23:59:20 GMT
cache-control: public, max-age=31536000
age: 385853
last-modified: Tue, 30 Nov 2021 20:45:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff

54.230.245.216

200 OK

75 kB

URL GET HTTP/2
d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff
IP
54.230.245.216:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Web Open Font Format, CFF, length 75012, version 0.0\012- data
Size
75 kB (75012 bytes)
Hash
db0088214c43f64eca60c333838a1d1b
c266aceaf4e6095bbda572c3cefd873dc64d6b06
412b2537f5f90857519fd60ec6ad2d749f36dbde3c70172d286367f626beff83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Luno

HTTP Headers

GET /static/fonts/Fracktif-SemiBold.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://main.d3sb5yas0c5mpb.amplifyapp.com
DNT: 1
Connection: keep-alive
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 75012
date: Sun, 28 May 2023 07:59:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Sat, 27 May 2023 02:21:41 GMT
etag: "db0088214c43f64eca60c333838a1d1b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wkwgWg61NxCPCHPl757pSieqn00_55WtY4mIbWohB89HW2z2P4gKfQ==
age: 97845
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/

54.230.111.71

200 OK

89 kB

URL User Request GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
89 kB (88592 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Mon, 29 May 2023 11:10:13 GMT
last-modified: Fri, 26 May 2023 18:21:33 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
etag: W/"054ec3869ce4450e90c3ca1093c6cf41"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: px_ilMmaLuDtxIQLf3FVMVOsgRz5v43TRDuPI6hOtfP6jDPR9IfoIQ==
X-Firefox-Spdy: h2

main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js

54.230.111.71

404 Not Found

89 kB

URL GET HTTP/2
main.d3sb5yas0c5mpb.amplifyapp.com/index_files/index.js
IP
54.230.111.71:443
ASN
#16509 AMAZON-02

Requested by
https://main.d3sb5yas0c5mpb.amplifyapp.com/
Certificate
IssuerAmazon
Subject*.d3sb5yas0c5mpb.amplifyapp.com
Fingerprint22:E9:65:D4:A7:EA:D6:29:3A:11:19:D0:83:C7:BE:C1:CB:53:84:A9
ValidityFri, 26 May 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT

File type

Size
89 kB (88592 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Luno
fortinet	Phishing

HTTP Headers

GET /index_files/index.js HTTP/1.1
Host: main.d3sb5yas0c5mpb.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://main.d3sb5yas0c5mpb.amplifyapp.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Mon, 29 May 2023 11:10:12 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kWJZEu1gLg403v2F0U15_b8LRlzPntYQkp3Z4viOSkH7Qhk6YDDY9g==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (39)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by