Report - www.landingpageredirect1.com/integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp

Report Overview

Submitted URL
www.landingpageredirect1.com/integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp
IP
34.117.79.165
ASN
#15169 GOOGLE
Submitted
2023-05-29 15:12:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22	2023-05-29	672 B	4.7 kB	192.124.249.24
www.landingpageredirect1.com	unknown	2021-07-09	2021-07-09	2023-05-28	983 B	1.6 kB	34.117.79.165

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-05-29	medium	www.landingpageredirect1.com/integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp
2023-05-29	medium	www.landingpageredirect1.com/

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

ocsp.starfieldtech.com/

192.124.249.24

1.8 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
9c568ffaa1d906e47e18b7684f590d6f
82b20ca80aff9247bb42de2ab5a170be489810c9
40862c0f20248c3e1f1ea3f437c65c682a945b8600066589ae2e2b18bcfd5c9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 29 May 2023 15:12:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 28 May 2023 16:07:46 GMT
Expires: Mon, 29 May 2023 16:07:46 GMT
ETag: "82b20ca80aff9247bb42de2ab5a170be489810c9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.landingpageredirect1.com/integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp

34.117.79.165

204 No Content

0 B

URL User Request GET HTTP/2
www.landingpageredirect1.com/integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp
IP
34.117.79.165:443
ASN
#15169 GOOGLE

Certificate
IssuerStarfield Technologies, Inc.
Subjecthb6trk.com
Fingerprint38:3E:7B:48:0C:41:ED:AD:CC:B2:70:FE:37:BC:30:19:09:32:2B:CF
ValidityTue, 23 May 2023 16:00:41 GMT - Thu, 23 May 2024 16:00:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /integration/optizmo?_redir=CiQAgbOb1ZoHHBcZZrHgii2u9NVjR9vUKGkYJxOxAHrh_v-cxXIScgAb4i-ZwMso_NK6KPE83GuWuFDvb0ZHGpGmT7QUaq9aljLYfO5nF4IB6zvA6kUsliXfphUbbD00YD9uUGM_z950whTctkLUAz9kTGl8ydYH8GXFPfR1FuL-izQ3Fe8pwGN68agScp HTTP/1.1
Host: www.landingpageredirect1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx
date: Mon, 29 May 2023 15:12:38 GMT
accept-ch: Sec-Ch-Ua-Platform-Version
vary: Origin
x-eflow-request-id: 66d655f1-7cb6-4f19-ab0c-1cf4e8846845
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

1.8 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
9c568ffaa1d906e47e18b7684f590d6f
82b20ca80aff9247bb42de2ab5a170be489810c9
40862c0f20248c3e1f1ea3f437c65c682a945b8600066589ae2e2b18bcfd5c9f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 29 May 2023 15:12:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 28 May 2023 16:07:46 GMT
Expires: Mon, 29 May 2023 16:07:46 GMT
ETag: "82b20ca80aff9247bb42de2ab5a170be489810c9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.landingpageredirect1.com/

34.117.79.165

1.1 kB

URL
www.landingpageredirect1.com/
IP
34.117.79.165:0
ASN
#15169 GOOGLE

Certificate
IssuerStarfield Technologies, Inc.
Subjecthb6trk.com
Fingerprint38:3E:7B:48:0C:41:ED:AD:CC:B2:70:FE:37:BC:30:19:09:32:2B:CF
ValidityTue, 23 May 2023 16:00:41 GMT - Thu, 23 May 2024 16:00:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1093 bytes)
Hash
06c162752eb53f3f96cf521841403e83
aedb7942897df887dd782679853af317743b230d
b5e774a2b98f0517db8c2938b05d51249897d4b853c39f62a5daa5e2f61cddfc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.landingpageredirect1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Mon, 29 May 2023 15:12:41 GMT
content-type: text/html; charset=utf-8
content-length: 1093
accept-ch: Sec-Ch-Ua-Platform-Version
vary: Origin
x-eflow-request-id: 7503a6c2-6251-4e02-a464-54071e805020
Via: 1.1 google

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers