ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash c1cb5b7ac7b319bd3e40e92da0c2df8e
d7d0248342ec792b7e69a4cf5947d0ae80291f68
f042d064b8f9d6f4c9432ff1fe74a6cb3af79c9e9d90c007c37c09728955df83
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:16:39 GMT
Last-Modified: Fri, 02 Jun 2023 02:12:15 GMT
Server: ECAcc (dcb/7FD4)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jsuh5zqzSPsTe665j6TuSSUFgucTlP9kM2Q9y40Fq7brQ1NRgYCgTw==
Age: 264
ftp.phishing.guru/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk?cid=1563679463
44.205.155.219 557 B URL ftp.phishing.guru/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk?cid=1563679463
IP 44.205.155.219:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (503)
Hash 618b22ce5cfb9ac237752e49422379a3
040592301b37b0973a54605ab97eef8590ae7bcf
896dd00a71a4cf80ee87e8d4acca09677ee17ace8bb14c47e53c380baa4a3a32
GET /XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk?cid=1563679463 HTTP/1.1
Host: ftp.phishing.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:16:39 GMT
content-type: text/html; charset=utf-8
content-length: 557
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
etag: W/"896dd00a71a4cf80ee87e8d4acca0967"
cache-control: max-age=0, private, must-revalidate
content-security-policy:
x-request-id: f995b39f-42d8-4ecc-960b-4178754a3658
x-runtime: 0.035125
strict-transport-security: max-age=63113904; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash a8979d9dabac2f9e1b6611de54d2e769
6fca099fd49de8aba2a5b77b261ef90e4e7e4324
4b38642134890a717044d4dc4b712e9fa2a160911c45560be412e0d205d1ec21
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:16:40 GMT
Last-Modified: Fri, 02 Jun 2023 00:56:00 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lX1PPiZH7cz8a6lvQWqDCboqDimIVbzi17AeyA6k54P29ZKCLnwn4A==
Age: 4840
secured-login.net/pages/5b6e2d87961b/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk
3.224.189.210200 OK 485 B URL User Request GET HTTP/2 secured-login.net/pages/5b6e2d87961b/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk
IP 3.224.189.210:443
Certificate IssuerAmazon
Subjectsecured-login.net
Fingerprint68:42:12:AA:99:A0:F0:62:4F:06:9F:17:C7:1F:46:D8:CB:37:79:30
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sun, 24 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2c42775b2a328c445b7122b571378437
1c0efd0b31bc40aa0bcf66ea226a708e1df98b70
01a432b43b929122a2c355002baf21a439b54020a72bf041b481053e3af0138b
GET /pages/5b6e2d87961b/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk HTTP/1.1
Host: secured-login.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftp.phishing.guru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:16:40 GMT
content-type: text/html; charset=utf-8
content-length: 485
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
etag: W/"01a432b43b929122a2c355002baf21a4"
cache-control: max-age=0, private, must-revalidate
content-security-policy:
x-request-id: 97a875b8-c8fd-4a92-813a-6f9967ab39c4
x-runtime: 0.027557
strict-transport-security: max-age=63113904; includeSubDomains; preload
X-Firefox-Spdy: h2
secured-login.net/favicon.ico
3.224.189.210200 OK 0 B URL GET HTTP/2 secured-login.net/favicon.ico
IP 3.224.189.210:443
Requested by https://secured-login.net/pages/5b6e2d87961b/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk
Certificate IssuerAmazon
Subjectsecured-login.net
Fingerprint68:42:12:AA:99:A0:F0:62:4F:06:9F:17:C7:1F:46:D8:CB:37:79:30
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sun, 24 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: secured-login.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secured-login.net/pages/5b6e2d87961b/XZERsMGQydDFOVGhCTjJWVFpXWlFVR0l5Vm5jNGRIaHVTR0UwSzFOSVMycEZNMkZOUzFkc1FXeGlNMjFoV0VkTFpFZGhVVmd2VTBoclFWZzBSbkp5VWtGM1drVnZUMUkyU0V4cGREbHdaRTA0UjNCM1NHTkRZMFpSUldWMldpOUVNblJtVWxsek1EUkdUbEZQWmpkRGVqbEhSVmRMT1ZJNWVHRmphM0YzVkZKVGJIRjVVRmxRTW1saVZYbEZWSE53VmxSSVNEVkZXa1JDYm1OcVpXUmxja1pPWTAxVFIyWklOVEJCUFMwdGR6TnVhR2xQWlZsNVJXUkphelJRVUZwRGRsSnJRVDA5LS0wNWQ5ZDE0MjA0NmI3NDAzZjYxMTA0YTEyOThjNGI4ZGJiNzBhYTFk
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:16:40 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
last-modified: Thu, 01 Jun 2023 19:51:12 GMT
strict-transport-security: max-age=63113904; includeSubDomains; preload
X-Firefox-Spdy: h2