Report - inodive.us/wp-content/css/ZXhlbXBsZUBleGVtcGxlLmNvbQ==

Report Overview

Visited public
2024-07-10 12:02:06
Tags
phishing microsoft outlook
URL
inodive.us/wp-content/css/ZXhlbXBsZUBleGVtcGxlLmNvbQ==
Finishing URL
elderly-natural-sing.glitch.me/#exemple@exemple.com
IP / ASN
68.171.218.65
#22878 ASACENET1
Title
exemple - Mail
Phishing - Generic phishing
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-08 18:12:20	2.9 kB	8.0 kB	23.36.76.226
inodive.us	unknown	2009-02-26	2018-02-07 14:28:20	2022-05-24 09:50:51	508 B	439 B	68.171.218.65
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-08 18:24:16	325 B	700 B	142.250.74.131
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-07-08 21:35:22	904 B	328 kB	162.19.58.157
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-08 21:59:01	457 B	1.9 kB	142.250.74.106
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-07-08 22:11:06	2.6 kB	296 kB	172.67.139.119
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-07-08 18:19:25	467 B	13 kB	104.18.40.68
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-09 15:13:58	338 B	942 B	143.204.53.97
elderly-natural-sing.glitch.me	unknown	unknown	No data	No data	1.0 kB	166 kB	44.193.58.75
logo.clearbit.com	27344	2003-07-04	2015-06-30 18:39:45	2024-07-09 15:25:10	1.3 kB	8.9 kB	54.240.174.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-10 12:01:41	medium	Client IP	44.193.58.75	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2024-07-10 12:01:41	low	Client IP	44.193.58.75	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	unknown	4.2 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash b2729272efc86b5b57fa8963eeb62312 ee6abf3347a068d400975fff1b5009fbe17a048d 8f4d38733138b80011fe6a85736a5d869c461331bcdb358f9c391877dabb78e7 Loading...

	elderly-natural-sing.glitch.me/#exemple@exemple.com	82 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty URL elderly-natural-sing.glitch.me/#exemple@exemple.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 69a6cd1dd1e0afb5ba01598f1251f724 67df007cd27c632dbaa49daa40de7559c418ac5c 7458cb6733e2e617edc3e798d3cdb1341addaa5ccf0a40ce2838a0a5de8fd89a Loading...

	kit.fontawesome.com/f6136e9b49.js	12 kB	2024-04-10 20:28	2024-08-20 05:05
Pretty URL kit.fontawesome.com/f6136e9b49.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 20:28 Last Seen2024-08-20 05:05 Times Seen379 Hash 95ca010d08c5ef1c7fc1dac41ffa1f4c 42b3e8e5d65b482a558b722ead345d49db0b5148 d39cccc4cd6f99a67eb05aa4f43c8ecdd9cb9fb1b7966b0a7b02b22478832124 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0acdfca501e26a2114cf4294a09b3cd0	11 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 0acdfca501e26a2114cf4294a09b3cd0 9804628e215365e6ef8f384893aeaaa946d1289a 41684d1819aa4fa70b576317a06af862d44cc9bac63f50984ba836572296e576 Loading...

HTTP Transactions (26)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b34ca6af54e2b9fea57d418f5d1928f7
510b69f4470789a573217726d6f1a3d6ee765460
41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5252
Expires: Wed, 10 Jul 2024 13:29:11 GMT
Date: Wed, 10 Jul 2024 12:01:39 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e08576e0904dc9903a9c20fa9e3d15b8
74feff76140500fd4a61e89c7e9d8d0a60df1183
ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21033
Expires: Wed, 10 Jul 2024 17:52:13 GMT
Date: Wed, 10 Jul 2024 12:01:40 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7492695b5254a3a63fcffb4f1ee8cec
0361713c6d8129210245347284c7c6babfd28fb7
5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16431
Expires: Wed, 10 Jul 2024 16:35:31 GMT
Date: Wed, 10 Jul 2024 12:01:40 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fc076d7a99abd74b9da6b35304bb93e9
9d541501d5141dcf7b4d839d6fcffabec81e1a14
c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16877
Expires: Wed, 10 Jul 2024 16:42:57 GMT
Date: Wed, 10 Jul 2024 12:01:40 GMT
Connection: keep-alive

inodive.us/wp-content/css/ZXhlbXBsZUBleGVtcGxlLmNvbQ==

68.171.218.65

123 B

URL
inodive.us/wp-content/css/ZXhlbXBsZUBleGVtcGxlLmNvbQ==
IP
68.171.218.65:0
ASN
#22878 ASACENET1

File type
HTML document, ASCII text
Size
123 B (123 bytes)
Hash
dd5c1d376183e705231cf544bc77deac
f9485bcef864dae39c9c7a65984bad80b92840e0
e3accc472789f25f756c44ce0de873ca805bacd1cacf5987665e6d02627df3b7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-content/css/ZXhlbXBsZUBleGVtcGxlLmNvbQ== HTTP/1.1
Host: inodive.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Jul 2024 12:01:40 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Content-Length: 123
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
61f15d2d834e4e25a8ce7ce11fa7d78b
d15d8ec07814a18a24fa05b16aa8771a7e28a161
6f09894109d9d84e5a050521d9b406480f1545cf92c9670985f706991817bfd8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 10 Jul 2024 12:01:41 GMT
Last-Modified: Wed, 10 Jul 2024 11:19:05 GMT
Server: ECAcc (amb/6B26)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 22ceTTRsCzCcugAqsd5AjnS_1gwXTjH-YBAdBRg85Vj_dIKtVS2TEg==
Age: 2556

elderly-natural-sing.glitch.me/

44.193.58.75

82 kB

URL
elderly-natural-sing.glitch.me/
IP
44.193.58.75:0
ASN
#14618 AMAZON-AES

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:41 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: cqg+vMdFi/xYYE9/5rbLgG09H+JxN6bDy6k0pUQhhY6J+dPOVVEUAT1rM0cSwlkHgeaK8hesAJ35z2nKCWptEBIMjX5IpSMM
x-amz-request-id: P60WXK907X9Z9HEP
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:01:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ibb.co/7yS7TgY/1BJKFkm.png

162.19.58.157

200 OK

36 kB

URL GET HTTP/2
i.ibb.co/7yS7TgY/1BJKFkm.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
PNG image data, 1000 x 100, 8-bit/color RGBA, non-interlaced
Size
36 kB (36383 bytes)
Hash
f4f008291c3c2a0a650872b3d275333f
15a533adeb26d26fb06517a707dc1d13f2e1f7a7
a59679ee3b01c11c153681481e175b4964bdea8fc3fd8676b5fd2cffbcf38bf7

HTTP Headers

GET /7yS7TgY/1BJKFkm.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:01:41 GMT
content-type: image/png
content-length: 36383
last-modified: Fri, 15 Mar 2024 16:24:11 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/nfzhv0y/ZvlG0Sw.jpg

162.19.58.157

200 OK

291 kB

URL GET HTTP/2
i.ibb.co/nfzhv0y/ZvlG0Sw.jpg
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
JPEG image data, progressive, precision 8, 2529x1350, components 3
Size
291 kB (290884 bytes)
Hash
efa223fc4fbf982e380696cf1e733520
f2b2d1a4fbe41dc13a4686765322dd6acd4df21a
d0eb1eeb6dcb3e4e264284cec98e59ae7c056b0f31b48db1ca582a4246a27f05

HTTP Headers

GET /nfzhv0y/ZvlG0Sw.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:01:41 GMT
content-type: image/jpeg
content-length: 290884
last-modified: Fri, 15 Mar 2024 11:41:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,400,500,700

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1243 bytes)
Hash
4f04ee2f47ceea5b58afa0db4f97dd81
7f739a52aaf1f37f63d06d9c3c72f890a9d0b1a9
9f1205fac77ff08096716674858d2d928674bf818fecbbbcebc5d1ec52bdf908

HTTP Headers

GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:01:41 GMT
date: Wed, 10 Jul 2024 12:01:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

logo.clearbit.com/exemple.com

54.240.174.123

200 OK

1.9 kB

URL GET HTTP/2
logo.clearbit.com/exemple.com
IP
54.240.174.123:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.9 kB (1910 bytes)
Hash
b883fbaef2e124143d14bc0f7a890aff
4c3655a327afe2796bc8735de7b19af50193b62b
11b9ab36d284646f128cfec0e9507ae91d6a2ac12352959e3c3c88ea1b4f9bd1

HTTP Headers

GET /exemple.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1910
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Tue, 02 Jul 2024 08:08:20 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0VhZKTBeaNZbHjaPE-Lh2CnKZJPVdKCu3nof_weZwn0JYIGGa9cA8w==
age: 705202
X-Firefox-Spdy: h2

logo.clearbit.com/exemple.com

54.240.174.123

200 OK

1.9 kB

URL GET HTTP/2
logo.clearbit.com/exemple.com
IP
54.240.174.123:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.9 kB (1910 bytes)
Hash
b883fbaef2e124143d14bc0f7a890aff
4c3655a327afe2796bc8735de7b19af50193b62b
11b9ab36d284646f128cfec0e9507ae91d6a2ac12352959e3c3c88ea1b4f9bd1

HTTP Headers

GET /exemple.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1910
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Tue, 02 Jul 2024 08:08:20 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3HbGoj41iMG3W1UdFrVPP3CQzYgLZXCgiIZKpUTenEaoG5gdvXfRvw==
age: 705202
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2

172.67.139.119

200 OK

156 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156388, version 773.1280
Size
156 kB (156388 bytes)
Hash
ae015e3286ef56a0daf8e83838a32a88
7c18577fd6c4e7d9036b244215ace3945372eefe
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

HTTP Headers

GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:42 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRkhPvO0IxqE4_fyAP-icq9ssCHnAenXvhFfkY5NMRhPXejay6_CUg==
age: 60615
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsbVu0eJNb5sdGASxpcrqG4816I2%2BUkGHznbIkQRo%2Bwkbi44a0jKgrII0fSjiuAjLD3ZdvadOc5QZ3uXx7bfTiyoJSRv4ryNLLDTtoKlGx8dAwBA9SpQ%2BNGpavvb1kFVFhCAVuheTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a10668eda0056a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9114
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:01:42 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9114
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:01:42 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9114
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:01:42 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9114
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:01:42 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9105
Expires: Wed, 10 Jul 2024 14:33:27 GMT
Date: Wed, 10 Jul 2024 12:01:42 GMT
Connection: keep-alive

kit.fontawesome.com/f6136e9b49.js

104.18.40.68

200 OK

13 kB

URL GET HTTP/2
kit.fontawesome.com/f6136e9b49.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
13 kB (12826 bytes)
Hash
61be557ba6ebb603184be9973f38e85a
d1d3ef144ae246c8dfd729b7644fd7be06a44129
c8e00783181baa9ab617288d90bf5fb5db2f5b20a1d053ddd27a00cee78d46d2

HTTP Headers

GET /f6136e9b49.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:41 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F-DYPCsq7YMaHQ15a9Bi
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 8a10668bab61b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

elderly-natural-sing.glitch.me/

44.193.58.75

200 OK

82 kB

URL User Request GET HTTP/2
elderly-natural-sing.glitch.me/
IP
44.193.58.75:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:41 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: cqg+vMdFi/xYYE9/5rbLgG09H+JxN6bDy6k0pUQhhY6J+dPOVVEUAT1rM0cSwlkHgeaK8hesAJ35z2nKCWptEBIMjX5IpSMM
x-amz-request-id: P60WXK907X9Z9HEP
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

logo.clearbit.com/inbox.com

54.240.174.123

200 OK

3.5 kB

URL GET HTTP/2
logo.clearbit.com/inbox.com
IP
54.240.174.123:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 128 x 34, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3487 bytes)
Hash
a4f2c54a52c942c8431fe192e201c65a
e7f8a33204cc5d41ad9d2ee4dafb96026acb2a44
d6a9a5e080fcfdf1a944b08718ad594b0af0e47b710fc99080cbdafca8e8f39e

HTTP Headers

GET /inbox.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 26 Jun 2024 04:30:17 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vFxhq8AWE01v6708Mkc30ZRxvCx_Z4ZpxLAh4MznpEtTKCpgPrJmZQ==
age: 1236683
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49

172.67.139.119

200 OK

104 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (65321)
Size
104 kB (103541 bytes)
Hash
7f29cd8c97789aa298af8c61623ca28b
af8109e0e5c8bb2c1c3ab44ba7b5d25900ca454a
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

HTTP Headers

GET /releases/v6.5.2/css/free.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:42 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uEJJ4xDHAKAgJwmnU34oEpMEEED4ZslguxT9WTk6WPzjS4pqZRw59A==
age: 60616
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDxzSRUpvDozjysc1Os3FUpgddlkf%2B9BoW21ba92oDD4MGbBvruQHi3mB%2FpqnHMh%2FJC4MJnf84WLG2UA%2F%2F%2BZwSwc6dm28A%2FtPRyTUCxk2mfRLCMt2ycP%2F4ziPH5t3v9%2F6gAnzSUsjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10668d881e56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49

172.67.139.119

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
940b066040a876fa1dc7b2ee2d222a58
64b2aea0b4d60d879d4ff7540192a906ffc0fd92
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

HTTP Headers

GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:42 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wCuCRxre3KOlnJrWxRIxxOXEn5eXeO6nPRUbpnnpsOVOwAMI1BzD7w==
age: 60616
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Co%2BhU3HqEGKlsTBtuFUVYgYpBvvjGnIjmERMin6l%2FijBXWonHuRidvuSPf9oJp1Cn11FqVVoa1Ece9siwp50p5rnjGM30PcC41M6mjF6p%2BvKtTA2JxNAtrJL5ZnnWdgX8Exa1%2BcbCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10668d983956a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49

172.67.139.119

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
d8a0274a5097af25642c9310d6d4bb3e
61512d739400e60d9360863446eaf008395859fb
84f5ae05668bcfe4bd7447d5035e909686423e998d8dfc2c96789875ef78cdd3

HTTP Headers

GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:42 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: py556Y_Vt8gVeK79RRTQpepcOoAZY6m1NW2nXWn3Tsf7p6YSFifXjQ==
age: 60616
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJBsE%2B3WamMvidIH02oI2Enk1Puxg98BDZunpcd0KteMvyiQUJK2%2FKIcIeMfVarz7fF86WUJC3WCfRbqAgGOqMR9fmhYQ48P4D88H%2FLWommsXT88EKK8jwD%2FL109kgQD5%2Fb0Khsk1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a10668d983a56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49

172.67.139.119

200 OK

1.8 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#exemple@exemple.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
36f549800bc029aaadd0d7ac3d1d0f54
45bfcbb57c0155a2f22a47117deae6dc87706d4a
4048a832df1b9ac88058b1964ab9c45300daf6c10b0a02d697a29d729a81ea30

HTTP Headers

GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:01:42 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _qgb_fDqeBGHYP6PiALe7E_k8CaZxKpTH9j71FgfUM5-usQfIpFp_A==
age: 60616
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbpWE9DIK0%2FMWfD%2FbgsvabX%2B%2F5kuOgO4S9HxK%2BGCeXjZ1VjkvgUZ8UFacHuM3BwOblA17du2zGiY78BwV9hydtf7Dx5ztwvwlDQ9TpyfqS1KDfrHIoLIQtDY3hNxh1stS2rN29jMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10668d983c56a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (26)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN