apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https://rb.gy/7b7tmf
151.101.2.133 | 302 Found | 0 B | URL | User Request | GET | HTTP/2
IP 151.101.2.133:443
Certificate Issuer DigiCert Inc
Subject apiservices.krxd.net
Fingerprint 53:93:0A:7C:24:88:FC:B5:00:CA:05:1F:DF:E2:2A:AC:14:DF:45:B4
Validity Fri, 10 Feb 2023 00:00:00 GMT - Fri, 09 Feb 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click_tracker/track?kxconfid=whjxbtb0h&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https://rb.gy/7b7tmf HTTP/1.1
Host: apiservices.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://rb.gy/7b7tmf
age: 0
via: 1.1 varnish (Varnish/5.2), 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 07:25:45 GMT
x-served-by: click-tracker-a014-ash-prod.krxd.net, cache-bma1637-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1701761145.765683,VS0,VE400
content-length: 0
X-Firefox-Spdy: h2
rb.gy/7b7tmf
44.195.174.28 | 301 Moved Permanently | 0 B | URL | User Request | GET | HTTP/2
IP 44.195.174.28:443
Certificate Issuer Amazon
Subject rb.gy
Fingerprint DB:A6:0C:96:5D:05:26:D6:95:BF:CD:A8:79:39:3C:DA:CC:7E:93:A5
Validity Sat, 19 Aug 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7b7tmf HTTP/1.1
Host: rb.gy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 07:25:45 GMT
content-length: 0
location: http://mighty-utopian-treatment.glitch.me/
cache-control: no-cache, no-store
expires: -1
engine: Rebrandly.redirect, version 2.1
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
mighty-utopian-treatment.glitch.me/
34.198.18.166 | 403 Forbidden | 2.0 kB | URL | User Request | GET | HTTP/1.1
IP 34.198.18.166:80
File type HTML document text; exported SGML document, ASCII text
Hash MD5 9c6ed583be732964d899183013223b90
Hash SHA-1 fbe60367f8d9bbd8c3c323ecb33df3035dda9b47
Hash SHA-256 624bfbac162df7e0e2ff4af0f8344cf20465734cf62ca9b345cf10d5d775e3b1
NIDS suricata | Severity medium | Alert ET HUNTING Suspicious Glitch Hosted GET Request - Possible Phishing Landing
GET / HTTP/1.1
Host: mighty-utopian-treatment.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 05 Dec 2023 07:25:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1965
Connection: keep-alive
Cache-Control: max-age=0
ETag: W/"7ad-++YDZ/jZu9jDwyPssz3zA13am0c"
cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593
54.230.111.126 | 301 Moved Permanently | 0 B | URL | GET | HTTP/1.1
IP 54.230.111.126:443
Requested by http://mighty-utopian-treatment.glitch.me/
Certificate Issuer Amazon
Subject glitch.com
Fingerprint 57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
Validity Mon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593 HTTP/1.1
Host: cdn.glitch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mighty-utopian-treatment.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Length: 0
Connection: keep-alive
Date: Tue, 05 Dec 2023 01:00:02 GMT
Location: https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h7thiu5_ivtH0S172UFa3PvuqFDx7VCHXJ8db-MNQRyAfEjveM_Ujg==
Age: 23145
Vary: Origin
cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
151.101.129.91 | 301 Moved Permanently | 0 B | URL | GET | HTTP/2
IP 151.101.129.91:443
Requested by http://mighty-utopian-treatment.glitch.me/
Certificate Issuer Let's Encrypt
Subject cloud.typenetwork.com
Fingerprint EF:1B:EF:6F:22:8F:04:2C:D6:C0:0D:11:C1:6C:58:14:9B:3F:DD:AC
Validity Wed, 18 Oct 2023 14:32:16 GMT - Tue, 16 Jan 2024 14:32:15 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP/1.1
Host: cloud.typenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mighty-utopian-treatment.glitch.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: ../projects/5027/fontface.css/
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
x-frame-options: DENY
cache-control: max-age=28800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZBBntxxMmUI3ITgZ6wezfQY1y8RxjZhdcCZnGYX92qeFZ24aBGZvejyunrkSinx2IqriNvn9Sy6I5oRtzVSw7yhuLvSdMLHDHS1mbwwuOFzBXS4RyB7abDZ4E3fa895yy1z50s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c827cbdec443af-EWR
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 05 Dec 2023 07:25:46 GMT
age: 696271
x-served-by: cache-ewr18138-EWR, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 1108, 2
x-timer: S1701761146.246274,VS0,VE0
vary: Origin
access-control-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
54.230.111.121 | 200 OK | 170 kB | URL | GET | HTTP/1.1
IP 54.230.111.121:443
Requested by http://mighty-utopian-treatment.glitch.me/
Certificate Issuer Amazon
Subject glitch.com
Fingerprint 57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
Validity Mon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT
File type PNG image data, 2064 x 1247, 8-bit/color RGB, non-interlaced; data
Size 170 kB (170377 bytes)
Hash MD5 a002b1fa4cf220520bebb230b1b68a80
Hash SHA-1 54498b85a95b9c3e118234471c390e7ba8d92f8e
Hash SHA-256 22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158
GET /d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png HTTP/1.1
Host: cdn.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mighty-utopian-treatment.glitch.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 170377
Connection: keep-alive
Date: Sun, 08 Oct 2023 18:36:40 GMT
Cache-Control: max-age=31536000
Last-Modified: Thu, 23 Jul 2020 05:20:52 GMT
ETag: "a002b1fa4cf220520bebb230b1b68a80"
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F9PKd4HswPUqxW7XRckgiuwgawb6muAGUrxbuTWSsGpL4a_oqwP9kA==
Age: 4970947
Content-Security-Policy: script-src 'none'
Vary: Origin
cloud.typenetwork.com/projects/5027/fontface.css/
151.101.129.91 | 200 OK | 889 B | URL | GET | HTTP/2
IP 151.101.129.91:443
Requested by http://mighty-utopian-treatment.glitch.me/
Certificate Issuer Let's Encrypt
Subject cloud.typenetwork.com
Fingerprint EF:1B:EF:6F:22:8F:04:2C:D6:C0:0D:11:C1:6C:58:14:9B:3F:DD:AC
Validity Wed, 18 Oct 2023 14:32:16 GMT - Tue, 16 Jan 2024 14:32:15 GMT
Hash MD5 c1f564683671e119787de2d62eaa0be6
Hash SHA-1 49f8c0714f2c9241805f5bd7c3ee62d8c93eea30
Hash SHA-256 f6fbbd2d1d1f778b41193cd8aaae3c6dca6a6071d429d1f87a005370e958511e
GET /projects/5027/fontface.css/ HTTP/1.1
Host: cloud.typenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 06 Apr 2023 18:24:07 GMT
x-rgw-object-type: Normal
etag: "c1f564683671e119787de2d62eaa0be6"
x-amz-meta-surrogate-control: max-age=604800
x-amz-meta-surrogate-keys: license-248733 license-248734 license-248735 projectlicense-26551 projectlicense-26552 projectlicense-26553 project-5027
x-amz-meta-tn-allowed-domains: hyperweb.space localhost hw-dev cdnjs.cloudflare.com hyperdev.com hyperdev.space hyper.dev hyperdev.localhost hyper.development hyperdev.development gomix.com gomix.me gomix.development glitch.com glitch.me glitch.development manuscript.com
x-amz-request-id: tx000009c84a2e31db3ec5a-006551a8fd-7a12c4b1-nyc3c
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: e0b8e117-600f-44bb-8bea-69893ced3820
cache-control: max-age=600
x-envoy-upstream-healthchecked-cluster:
cf-cache-status: REVALIDATED
set-cookie: __cf_bm=B86ZK0CjOVOX2d80RUlygG.c38PjRIgp9.zR1B2uXcs-1699966143-0-ARVJeCkZfalKgw0erO2YSrVANZ9otLiHgG5b+41jfTb002hfgBzCmTRkjt/JBcFzm/JnT23Gua4uIec0YbhA68I=; path=/; expires=Tue, 14-Nov-23 13:19:03 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 825f5f4ccef62df7-ARN
accept-ranges: bytes
date: Tue, 05 Dec 2023 07:25:46 GMT
via: 1.1 varnish
age: 585309
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1701761146.348735,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-origin: *
content-length: 889
X-Firefox-Spdy: h2
mighty-utopian-treatment.glitch.me/favicon.ico
34.198.18.166 | 403 Forbidden | 2.0 kB | URL | GET | HTTP/1.1
IP 34.198.18.166:80
Requested by http://mighty-utopian-treatment.glitch.me/
File type HTML document text; exported SGML document, ASCII text
Hash MD5 9c6ed583be732964d899183013223b90
Hash SHA-1 fbe60367f8d9bbd8c3c323ecb33df3035dda9b47
Hash SHA-256 624bfbac162df7e0e2ff4af0f8344cf20465734cf62ca9b345cf10d5d775e3b1
GET /favicon.ico HTTP/1.1
Host: mighty-utopian-treatment.glitch.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mighty-utopian-treatment.glitch.me/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 05 Dec 2023 07:25:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1965
Connection: keep-alive
Cache-Control: max-age=0
ETag: W/"7ad-++YDZ/jZu9jDwyPssz3zA13am0c"
cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
188.114.97.1 | 301 Moved Permanently | 889 B | URL | GET | HTTP/2
IP 188.114.97.1:443
Requested by http://mighty-utopian-treatment.glitch.me/
Certificate Issuer Let's Encrypt
Subject webtype.com
Fingerprint 69:CF:9D:3E:D6:4B:DB:F1:48:0B:CC:5C:C3:B1:5C:CB:56:4A:24:70
Validity Sun, 29 Oct 2023 11:01:33 GMT - Sat, 27 Jan 2024 11:01:32 GMT
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP/1.1
Host: cloud.webtype.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mighty-utopian-treatment.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 05 Dec 2023 07:25:46 GMT
location: https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
cache-control: max-age=3600
expires: Tue, 05 Dec 2023 08:25:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCp16%2BFdsJ6WnshkXQf8cLT5zh%2BAoU4Lpy7vnr5mYq5kTMuF6ytohIzCZelU8T08Czbwb9Wf8m9tgq%2FpbGMfn73IWkO51E03J7wf6GkvEkRxENdgQTOF89Zqg8ZJUoMIwgz3ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830a8e9b8f34b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2