Report - merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558

Report Overview

Submitted URL
merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
IP
13.107.238.53
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-03-31 18:57:17
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
api.securely.us	unknown	2023-01-20T04:24:08Z	2023-03-27T19:41:17Z	1.8 kB	3.7 kB	20.109.225.46
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	2.7 kB	47 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	341 B	646 B	192.229.221.95
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	127 B	35.83.98.99
merchant.securely.us	unknown	2022-10-01T20:47:03Z	2023-03-31T19:57:59Z	6.5 kB	606 kB	13.107.237.53
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.0 kB	8.0 kB	95.101.11.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	merchant.securely.us/assets/logos/Securely-VerticalLogo-RGB.svg	Phishing
2023-03-31	medium	merchant.securely.us/Inter-Regular.d9c0f26157d26d70.woff2	Phishing
2023-03-31	medium	api.securely.us/monolith-api/application/features	Phishing
2023-03-31	medium	merchant.securely.us/main.af2f67b177d8bc1b.js	Phishing
2023-03-31	medium	api.securely.us/monolith-api/application/features	Phishing
2023-03-31	medium	api.securely.us/eapi-authentication/auth/validation/verify/login	Phishing
2023-03-31	medium	merchant.securely.us/common.11655c439a8aab52.js	Phishing
2023-03-31	medium	api.securely.us/eapi-authentication/auth/validation/verify/login	Phishing
2023-03-31	medium	merchant.securely.us/8510.a8945f8e8b18bcfb.js	Phishing
2023-03-31	medium	merchant.securely.us/131.619a1eadfc49998d.js	Phishing
2023-03-31	medium	merchant.securely.us/polyfills.780d73d063d08ee8.js	Phishing
2023-03-31	medium	merchant.securely.us/runtime.9a28a6c42956fe47.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	merchant.securely.us/polyfills.780d73d063d08ee8.js	37 kB	2023-03-13	2023-05-11
Pretty URL merchant.securely.us/polyfills.780d73d063d08ee8.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:40:17 Last Seen2023-05-11 23:20:33 Times Seen7 Hash 71afbcf37da664348ec41da562e429ac b4692ae99b1929286f96dc31541bd1671b3d26bc ffa807f50fcf20fa17c65319810b1cde8f36a13da2c16bf803c6a95b0e8a8745 Loading...

	merchant.securely.us/runtime.9a28a6c42956fe47.js	4.9 kB	2023-04-01	2023-04-01
Pretty URL merchant.securely.us/runtime.9a28a6c42956fe47.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:05:37 Last Seen2023-04-01 11:05:37 Times Seen1 Hash fe8876fd549918d4da083ae47d2a5ee9 bd8ffec7890ba4f345da7ce2ce82e5193bfbe041 b0f2932b8496f08acd1eedc6fb82b26d1a9ac9d5add8c998d687e60eccb1ec06 Loading...

	merchant.securely.us/main.af2f67b177d8bc1b.js	1.3 MB	2023-04-01	2023-04-01
Pretty URL merchant.securely.us/main.af2f67b177d8bc1b.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:05:37 Last Seen2023-04-01 11:05:37 Times Seen1 Hash d2e84b961c2f191820107b0050c7c32b fd8e912e21ed8fe49959818b8191224fe9dc48c8 b6fd873e3b467b0c5eb32f11a7ed949c56546a8e76021d7112e33401630431ed Loading...

	merchant.securely.us/131.619a1eadfc49998d.js	98 kB	2023-04-01	2023-04-01
Pretty URL merchant.securely.us/131.619a1eadfc49998d.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:05:37 Last Seen2023-04-01 11:05:37 Times Seen1 Hash b8167f15e9abb4177b5d9247126f77f9 8f271878b12c06c09fd871926b13e56384dbcd82 8b98f3e20b9fa6d4e48d3cd466099288f9931ae08f1fe6a39fea9f518c282adf Loading...

	merchant.securely.us/common.11655c439a8aab52.js	48 kB	2023-04-01	2023-04-01
Pretty URL merchant.securely.us/common.11655c439a8aab52.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:05:37 Last Seen2023-04-01 11:05:37 Times Seen1 Hash 6bc639c20a63097d07971c0b9235a349 11a6f2731b1089e66adacb26dc5a351dd60d349d f2641481410c7f7b5b3072b33c3761a91c522f05c6577a2bd2289c9e83b41f83 Loading...

	merchant.securely.us/8510.a8945f8e8b18bcfb.js	49 kB	2023-04-01	2023-04-01
Pretty URL merchant.securely.us/8510.a8945f8e8b18bcfb.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:05:37 Last Seen2023-04-01 11:05:37 Times Seen1 Hash 6f06d0765b2a839d5d4e44863966a444 4d6126ad238794d061fb2af0bcda1fc1d5a19fdf fc94f8904673c8206c7e9f8e4053cc1b1faf6dbfac38fda4496b2e5641bf8597 Loading...

HTTP Transactions (37)

URL IP Response Size

merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558

13.107.237.53

302 Found

0 B

URL HTTP/1.1
merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Location: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
X-Azure-Ref: 0Ai0nZAAAAABOYvqE4kZhSZfJyi6sUuyGQ1BIMzBFREdFMDQxMwBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
Date: Fri, 31 Mar 2023 18:57:05 GMT
Content-Length: 0

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12951
Expires: Fri, 31 Mar 2023 22:32:57 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9933
Expires: Fri, 31 Mar 2023 21:42:39 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4492
Expires: Fri, 31 Mar 2023 20:11:58 GMT
Date: Fri, 31 Mar 2023 18:57:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Alert, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 18:28:25 GMT
content-type: application/json
age: 1721
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cdH1t/RE6LCbB/BTpeTaeohp82fpvCsGk79C63tNyfUoCCj9L0xWiH+uy5GXptiwA3Z4jVzOeE8=
x-amz-request-id: VVSF6TWY9Q9P99QP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 18:03:26 GMT
age: 3220
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 18:57:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
89403d2634ef51fc8db83d9f6fafd823
86bd49d15156418baa7b89786578cc766910ba2d
e484b8a447c7d8203b2f06f4a989321a84fd0ad99e7bca15956b2c37864e687d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 18:57:06 GMT
Server: ECAcc (amb/6AC3)
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 18:14:39 GMT
age: 2548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3df8c73360b4239af64e11f9d2388be
dc5463ff26615b40e4eab388052790d6c30ea5e6
877b23d16abf2e0e9f649f53747e82af0b75e8595abd71728254e612847cfdb6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "877B23D16ABF2E0E9F649F53747E82AF0B75E8595ABD71728254E612847CFDB6"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17523
Expires: Fri, 31 Mar 2023 23:49:10 GMT
Date: Fri, 31 Mar 2023 18:57:07 GMT
Connection: keep-alive

merchant.securely.us/assets/logos/Securely-VerticalLogo-RGB.svg

13.107.238.53

200 OK

8.2 kB

URL HTTP/2
merchant.securely.us/assets/logos/Securely-VerticalLogo-RGB.svg
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (8176), with no line terminators
Size
8.2 kB (8176 bytes)
Hash
773eadbea5928f36cfd5e00a550daeb2
7a80a490bd714d9477c6b24cd93aa462b4f94bf3
43f96ad5783fba2a4b15e4ac3e5a39f4abf0ea75f0bf6f6645fd043ce0977d72

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/logos/Securely-VerticalLogo-RGB.svg HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache
content-length: 8176
content-type: image/svg+xml
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAB/T5pxj0fQQaArTOKaJN6bRlJBMjMxMDUwNDE3MDA5AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAADW9CiiKgH1R68EzRQW+tXwQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

merchant.securely.us/Inter-Regular.d9c0f26157d26d70.woff2

13.107.238.53

200 OK

99 kB

URL HTTP/2
merchant.securely.us/Inter-Regular.d9c0f26157d26d70.woff2
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format (Version 2), TrueType, length 98888, version 1.0\012- data
Size
99 kB (98888 bytes)
Hash
11c5c6e58b259aeae260719950964fe1
e590efe6104bf378522ce0dfeaa9223c19c3e249
3d9f7e18c52f0fa73581e86ca63beba8fcb5eb5cf770661a5fd6e4e00aaed747

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /Inter-Regular.d9c0f26157d26d70.woff2 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 98888
content-type: font/woff2
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAC10tAKhB11RKP3cFaacPZKRlJBMjMxMDUwNDE4MDUxAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAC+0fq6UMN8ToO26uREvAgPQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.83.98.99

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.98.99:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nP3rwiV8ThGRbqN4DyJQXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DGX+/R0b7u28xBT5kzYOs7l6avQ=

merchant.securely.us/src/assets/favicons/android-chrome-512x512.png

13.107.238.53

404 Not Found

14 kB

URL HTTP/2
merchant.securely.us/src/assets/favicons/android-chrome-512x512.png
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5843)
Size
14 kB (14158 bytes)
Hash
e3238b021b498580e3636f34aad37357
1579c2de3f40e592f8074050b26a71a393c32a7b
b666b978e2499f9f04ac5b2ec579e055134be152bd71b2808c1133d7bd40603e

HTTP Headers

GET /src/assets/favicons/android-chrome-512x512.png HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: no-cache
content-length: 14158
content-type: text/html
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAA9az4VCsW1R7MrTjSUB/5LRlJBMjMxMDUwNDE3MDM3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAB0MxCXRYesRrEcYjgx49ewQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2

merchant.securely.us/favicon.ico

13.107.238.53

200 OK

15 kB

URL HTTP/2
merchant.securely.us/favicon.ico
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
09b525a8ce51d3a244db1ac972cc8247
dabf3272200b30871931f9201908577e91f4288d
e19422bc8f68a431bfdbc9d8e3886f1a694f9ae3037d1ff538314125ad194576

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-length: 15406
content-type: image/vnd.microsoft.icon
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAABsgQ1RIJXjSYm1zqL2BYh4RlJBMjMxMDUwNDE3MDIxAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAACyEV1dVX+9TY7eiQ+cBfk6Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2

api.securely.us/monolith-api/application/features

20.109.225.46

200 OK

1.2 kB

URL HTTP/1.1
api.securely.us/monolith-api/application/features
IP
20.109.225.46:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (1206), with no line terminators
Size
1.2 kB (1206 bytes)
Hash
93c4d5e596b492279ccc3ea7378714e6
1cd87bea8bf5c8c809a2fb137038d23d3e6cdf64
2bf8ba292e69d33b277dd7542f8f9752f143fa140caaa3dedd49fe6ed2dbbde7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /monolith-api/application/features HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1206
Connection: keep-alive
Access-Control-Allow-Origin: *
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Fri, 31 Mar 2023 21:19:40 GMT
Date: Fri, 31 Mar 2023 18:57:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4370 bytes)
Hash
41f0baa1423dbd529f6c47bd51fe708f
f09b44f30b63f5e29dd247f592147ffc6b308e72
313b769259453565919ab14410faea927a23ad75636abc57851dfe67d43ea156

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4de055bc-1569-4c9a-9ff5-b5ce7d869905.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4370
x-amzn-requestid: 5791c184-d5eb-4666-bc94-f838cd0183af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllHrcIAMFSWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-15fb3d2f67359d6837df5d0d;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: SutOql3FzsHZoFN5TXMJZ1NZzBplZK1w0zNIzAN1rUQ2cKeSrCiA6w==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 76158
etag: "f09b44f30b63f5e29dd247f592147ffc6b308e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:48:08 GMT
age: 76140
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

merchant.securely.us/main.af2f67b177d8bc1b.js

13.107.238.53

200 OK

341 kB

URL HTTP/2
merchant.securely.us/main.af2f67b177d8bc1b.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
341 kB (341271 bytes)
Hash
033738f734475152f734ff37b7c6614f
fc5adc6d630426cf13248dfdad240a588a41fbc6
201caf049fa042e46f0ea3e14deb7476374ac7521a33ecfb57d18b15cb6fcb1e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /main.af2f67b177d8bc1b.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAADIrqC6xeRBQY9+KADAPFkrRlJBMjMxMDUwNDE4MDM1AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAABYImb8PnpvTK4qKP1/QSvSQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11061 bytes)
Hash
39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 76158
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5806 bytes)
Hash
8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: WnrfQr57EWYnXt1xJt9tr5XCuM3gPYULlDdEVpv2Q2kz7MDIPxSPKA==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:50 GMT
age: 76158
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jl5cQc_Zqq5xNDMcs5jRHb3HBIjuucl-JHF126hInXrOfv_CG-UqSg==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:18:02 GMT
age: 74346
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.securely.us/monolith-api/application/features

20.109.225.46

200 OK

1.2 kB

URL HTTP/1.1
api.securely.us/monolith-api/application/features
IP
20.109.225.46:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (1206), with no line terminators
Size
1.2 kB (1206 bytes)
Hash
93c4d5e596b492279ccc3ea7378714e6
1cd87bea8bf5c8c809a2fb137038d23d3e6cdf64
2bf8ba292e69d33b277dd7542f8f9752f143fa140caaa3dedd49fe6ed2dbbde7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /monolith-api/application/features HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1206
Connection: keep-alive
Access-Control-Allow-Origin: *
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42

api.securely.us/eapi-authentication/auth/validation/verify/login

20.109.225.46

200 OK

0 B

URL HTTP/1.1
api.securely.us/eapi-authentication/auth/validation/verify/login
IP
20.109.225.46:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

OPTIONS /eapi-authentication/auth/validation/verify/login HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42

merchant.securely.us/common.11655c439a8aab52.js

13.107.238.53

200 OK

119 kB

URL HTTP/2
merchant.securely.us/common.11655c439a8aab52.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (48387), with no line terminators
Size
119 kB (118886 bytes)
Hash
7bdd1259bc24321045407505f4661746
6cf766a1ae3fd031eeaee61bb44c0621032fe24e
f140b687b9e03da985c3954603adafad1bd1d7f4032e9aea6d50238e75851f86

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common.11655c439a8aab52.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAADNCjxKqv2KQqZxEbFVF2aMRlJBMjMxMDUwNDE4MDUzAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAACkgsgwhfmnRLF3GV9sKIYyQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2

api.securely.us/eapi-authentication/auth/validation/verify/login

20.109.225.46

400 Bad Request

225 B

URL HTTP/1.1
api.securely.us/eapi-authentication/auth/validation/verify/login
IP
20.109.225.46:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with no line terminators
Size
225 B (225 bytes)
Hash
5e153a0e7422e6b4bffc2e7513fd78d5
1d627020fee63d431cbc10a2ea42ed228d3b591f
cd85e78709081c88b70d75d3a3a5c039c500a7f23418ba512582c8a4d34ee7c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /eapi-authentication/auth/validation/verify/login HTTP/1.1
Host: api.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 93
Origin: https://merchant.securely.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 400 Bad Request
Date: Fri, 31 Mar 2023 18:57:09 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Request-Context: appId=cid-v1:e741ea7b-3c7e-4de9-bad7-83316e9acd42
Access-Control-Allow-Origin: *

merchant.securely.us/8510.a8945f8e8b18bcfb.js

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/8510.a8945f8e8b18bcfb.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /8510.a8945f8e8b18bcfb.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAAD4WnYfsqcER5pYv1Y/cdMBRlJBMjMxMDUwNDE3MDExAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAAAXR9zH1JijRIIr7skMKzO6Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2

merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558 HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
cache-control: no-cache
content-type: text/html
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ai0nZAAAAABXjWA7gB/aT5HKiPYJbQL9RlJBMjMxMDUwNDE4MDM3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ai0nZAAAAABHXYGqTy3pSJz8g1bMLc4gQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

merchant.securely.us/131.619a1eadfc49998d.js

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/131.619a1eadfc49998d.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /131.619a1eadfc49998d.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0BC0nZAAAAABi1/mO+cU3Qq7GfdQrduTlRlJBMjMxMDUwNDE4MDE3AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0BC0nZAAAAACyYRK20vKGR6Fy3tjyPnc+Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:07 GMT
X-Firefox-Spdy: h2

merchant.securely.us/polyfills.780d73d063d08ee8.js

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/polyfills.780d73d063d08ee8.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /polyfills.780d73d063d08ee8.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAACjH7D529zqQKiPaDBN3yDnRlJBMjMxMDUwNDE3MDM1AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAADQYrbnkwK4SK18VcTLHWp2Q1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

merchant.securely.us/runtime.9a28a6c42956fe47.js

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/runtime.9a28a6c42956fe47.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /runtime.9a28a6c42956fe47.js HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/javascript
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAAAMFkm8CTdbRLdLafHaqrumRlJBMjMxMDUwNDE4MDE5AGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAAQ3rRavwUHQYEPiDrcKJ1lQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

merchant.securely.us/styles.9db2459e8af142a0.css

13.107.238.53

200 OK

0 B

URL HTTP/2
merchant.securely.us/styles.9db2459e8af142a0.css
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles.9db2459e8af142a0.css HTTP/1.1
Host: merchant.securely.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merchant.securely.us/authenticate/verify?i=renata@slurpmail.net&k=3c15e3c4213a43848a6fbb7b0143b3e0&c=73558
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: text/css
content-encoding: br
last-modified: Thu, 30 Mar 2023 22:10:26 GMT
etag: "68736737"
vary: Accept-Encoding
x-cache: TCP_MISS
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
x-azure-ref-originshield: 0Ay0nZAAAAADczxvFV1y5QaWRln4JvSPHRlJBMjMxMDUwNDE3MDIzAGQ4YzUxMTFiLTFkYWYtNDhlYS1hZGFmLTZjYTc3N2YxZGYzMw==
x-azure-ref: 0Ay0nZAAAAAC3MfMqLD2MT5w57FkVrFhjQ1BIMzBFREdFMDQwNgBkOGM1MTExYi0xZGFmLTQ4ZWEtYWRhZi02Y2E3NzdmMWRmMzM=
date: Fri, 31 Mar 2023 18:57:06 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (37)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type