eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
200 OK 20 kB URL User Request GET HTTP/2 eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
IP
Certificate IssuerAmazon
Subjecteservicebits.com
Fingerprint22:19:AA:DD:AA:CA:C7:5D:E4:C1:21:30:90:71:82:65:85:60:C5:9E
ValidityTue, 07 Nov 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64961)
Hash 22202f3dacc97739e8c276bdc3684c5d
ab4e1d24c20ee404b669a1349b649a6ba1ede47a
a3a8818ef0720688a7e55920d2d49cec060c8278f78f3e2126684d6948087b95
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A HTTP/1.1
Host: eservicebits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 20546
date: Fri, 08 Dec 2023 11:20:33 GMT
x-amzn-requestid: fd3bb33a-1797-4ea5-8f42-fbddd829d471
content-encoding: br
x-amzn-remapped-content-length: 20546
x-amz-apigw-id: PnxQNGCVjoEEkTw=
x-amzn-trace-id: Root=1-6572fc01-6b2e7b5a60d960b86e7d60ce
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HxrCvPrAdcViVJpE6ycIh3Q7idheguSX4TubaB5-4PkLV9su_VB2eQ==
X-Firefox-Spdy: h2
ocsp.entrust.net/
1.6 kB IP
Hash b3d1b6e3e734f48b0171390f2905c01f
2ab237cc8e68c4f86293ef1f1a8f365d9fe13e75
3f45781396c7e021fab440aee3229534e338b7f9289647ef71d3b23b7121d62e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "3F45781396C7E021FAB440AEE3229534E338B7F9289647EF71D3B23B7121D62E"
Last-Modified: Fri, 08 Dec 2023 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3597
Expires: Fri, 08 Dec 2023 12:20:30 GMT
Date: Fri, 08 Dec 2023 11:20:33 GMT
Connection: keep-alive
ocsp.entrust.net/
1.6 kB IP
Hash b3d1b6e3e734f48b0171390f2905c01f
2ab237cc8e68c4f86293ef1f1a8f365d9fe13e75
3f45781396c7e021fab440aee3229534e338b7f9289647ef71d3b23b7121d62e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "3F45781396C7E021FAB440AEE3229534E338B7F9289647EF71D3B23B7121D62E"
Last-Modified: Fri, 08 Dec 2023 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 08 Dec 2023 12:20:33 GMT
Date: Fri, 08 Dec 2023 11:20:33 GMT
Connection: keep-alive
ocsp.entrust.net/
1.6 kB IP
Hash b3d1b6e3e734f48b0171390f2905c01f
2ab237cc8e68c4f86293ef1f1a8f365d9fe13e75
3f45781396c7e021fab440aee3229534e338b7f9289647ef71d3b23b7121d62e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "3F45781396C7E021FAB440AEE3229534E338B7F9289647EF71D3B23B7121D62E"
Last-Modified: Fri, 08 Dec 2023 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3546
Expires: Fri, 08 Dec 2023 12:19:39 GMT
Date: Fri, 08 Dec 2023 11:20:33 GMT
Connection: keep-alive
ocsp.entrust.net/
1.6 kB IP
Hash b3d1b6e3e734f48b0171390f2905c01f
2ab237cc8e68c4f86293ef1f1a8f365d9fe13e75
3f45781396c7e021fab440aee3229534e338b7f9289647ef71d3b23b7121d62e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "3F45781396C7E021FAB440AEE3229534E338B7F9289647EF71D3B23B7121D62E"
Last-Modified: Fri, 08 Dec 2023 10:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Fri, 08 Dec 2023 12:20:33 GMT
Date: Fri, 08 Dec 2023 11:20:33 GMT
Connection: keep-alive
content.phishinsight.trendmicro.com/content/lps/assets/system/img/ellipsis_white.svg
200 OK 915 B URL GET HTTP/2 content.phishinsight.trendmicro.com/content/lps/assets/system/img/ellipsis_white.svg
IP
Requested by https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Certificate IssuerEntrust, Inc.
Subject*.phishinsight.trendmicro.com
Fingerprint56:60:6E:9D:00:AA:1E:D3:FD:93:1C:DD:21:78:24:D2:87:DC:75:35
ValidityTue, 18 Jul 2023 09:05:11 GMT - Sat, 17 Aug 2024 09:05:10 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 5ac590ee72bfe06a7cecfd75b588ad73
dda2cb89a241bc424746d8cf2a22a35535094611
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
GET /content/lps/assets/system/img/ellipsis_white.svg HTTP/1.1
Host: content.phishinsight.trendmicro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eservicebits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 915
date: Thu, 07 Dec 2023 12:02:51 GMT
last-modified: Wed, 12 Apr 2023 07:35:29 GMT
etag: "5ac590ee72bfe06a7cecfd75b588ad73"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9FhyYfX3h_YNZ4pUq98ytsohY4cZXtDO9aTroh5QP7YShdyCLASWKg==
age: 83863
X-Firefox-Spdy: h2
content.phishinsight.trendmicro.com/content/lps/assets/system/img/owa_small.jpg
200 OK 3.0 kB URL GET HTTP/2 content.phishinsight.trendmicro.com/content/lps/assets/system/img/owa_small.jpg
IP
Requested by https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Certificate IssuerEntrust, Inc.
Subject*.phishinsight.trendmicro.com
Fingerprint56:60:6E:9D:00:AA:1E:D3:FD:93:1C:DD:21:78:24:D2:87:DC:75:35
ValidityTue, 18 Jul 2023 09:05:11 GMT - Sat, 17 Aug 2024 09:05:10 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x28, components 3\012- data
Hash 138bcee624fa04ef9b75e86211a9fe0d
23bbcdaaebd6c9a6e57e96e44493b2212860fcab
f89e908280791803bbf1f33b596ff4a2179b355a8e15ad02ebaa2b1da11127ea
GET /content/lps/assets/system/img/owa_small.jpg HTTP/1.1
Host: content.phishinsight.trendmicro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eservicebits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 3006
date: Thu, 07 Dec 2023 12:02:51 GMT
last-modified: Wed, 12 Apr 2023 07:35:49 GMT
etag: "138bcee624fa04ef9b75e86211a9fe0d"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g4DF2vFsmmvmN0-hMnumxRbCRQH_JFVnR4Mcy62zVW3o9VKB4O53TA==
age: 83864
X-Firefox-Spdy: h2
content.phishinsight.trendmicro.com/content/lps/assets/system/img/ellipsis_grey.svg
200 OK 915 B URL GET HTTP/2 content.phishinsight.trendmicro.com/content/lps/assets/system/img/ellipsis_grey.svg
IP
Requested by https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Certificate IssuerEntrust, Inc.
Subject*.phishinsight.trendmicro.com
Fingerprint56:60:6E:9D:00:AA:1E:D3:FD:93:1C:DD:21:78:24:D2:87:DC:75:35
ValidityTue, 18 Jul 2023 09:05:11 GMT - Sat, 17 Aug 2024 09:05:10 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 2b5d393db04a5e6e1f739cb266e65b4c
6a435df5cac3d58ccad655fe022ccf3dd4b9b721
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
GET /content/lps/assets/system/img/ellipsis_grey.svg HTTP/1.1
Host: content.phishinsight.trendmicro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eservicebits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 915
date: Thu, 07 Dec 2023 12:02:51 GMT
last-modified: Wed, 12 Apr 2023 07:35:28 GMT
etag: "2b5d393db04a5e6e1f739cb266e65b4c"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 67mSZMBLntImHp1PJAhkZB36tgsIGmcnyRtZY6zmhZfMaaA0yXof2w==
age: 83864
X-Firefox-Spdy: h2
content.phishinsight.trendmicro.com/content/lps/assets/system/img/owa.jpg
200 OK 283 kB URL GET HTTP/2 content.phishinsight.trendmicro.com/content/lps/assets/system/img/owa.jpg
IP
Requested by https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Certificate IssuerEntrust, Inc.
Subject*.phishinsight.trendmicro.com
Fingerprint56:60:6E:9D:00:AA:1E:D3:FD:93:1C:DD:21:78:24:D2:87:DC:75:35
ValidityTue, 18 Jul 2023 09:05:11 GMT - Sat, 17 Aug 2024 09:05:10 GMT
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 283 kB (283351 bytes)
Hash a5dbd4393ff6a725c7e62b61df7e72f0
55b292f885ffc92abce18750b07aa4acfa4e903e
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
GET /content/lps/assets/system/img/owa.jpg HTTP/1.1
Host: content.phishinsight.trendmicro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eservicebits.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 283351
date: Thu, 07 Dec 2023 12:02:51 GMT
last-modified: Wed, 12 Apr 2023 07:35:48 GMT
etag: "a5dbd4393ff6a725c7e62b61df7e72f0"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dX_H_e-LwHXynJpjp1c_DXkU3S5SnlJD0k2jmVtHBrfn5aWBREQQhg==
age: 83863
X-Firefox-Spdy: h2
eservicebits.com/favicon.ico
403 Forbidden 42 B URL GET HTTP/2 eservicebits.com/favicon.ico
IP
Requested by https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Certificate IssuerAmazon
Subjecteservicebits.com
Fingerprint22:19:AA:DD:AA:CA:C7:5D:E4:C1:21:30:90:71:82:65:85:60:C5:9E
ValidityTue, 07 Nov 2023 00:00:00 GMT - Thu, 05 Dec 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 905b1fbb26e082557ff0b3b3553cda6c
8fe0790d6026998bdb2c9ffa3b915952e613e1b4
f249b63cb2fcb66b47e86f906c98f8fd912e82dd035b4e53d7e72fc1960cfd16
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: eservicebits.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eservicebits.com/eu/landingpages/e798c67c-fdc2-4522-ab5c-ca056e37008b/4swCWrk8cDLdZfN5TTofTAUHJ3_nt_lbSRzS60yDA-A
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
content-type: application/json
content-length: 42
date: Fri, 08 Dec 2023 11:20:34 GMT
x-amzn-requestid: 8e2edb92-5398-4d68-8961-2d29119cd961
x-amzn-errortype: MissingAuthenticationTokenException
x-amz-apigw-id: PnxQaHYCjoEEOmQ=
x-amzn-trace-id: Root=1-6572fc02-5161105e1e6d787668ceae07
x-cache: Error from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O_eELiwAqKy3A89FJP7AEnMUergqhwxJQB6cOl7wCawxWxMzJsBOGQ==
X-Firefox-Spdy: h2
54.230.111.93
23.38.202.187