| encrypt2.ink/kunde/SwissPass1/f/signin.php | 188.114.97.1 | 403 Forbidden | 0 B |
URL User Request GET HTTP/3encrypt2.ink/kunde/SwissPass1/f/signin.php IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectencrypt2.ink Fingerprint92:16:CA:59:50:48:98:FE:95:7A:00:AC:BD:19:57:24:F9:29:BC:EC ValiditySat, 09 Mar 2024 10:46:07 GMT - Fri, 07 Jun 2024 10:46:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /kunde/SwissPass1/f/signin.php HTTP/1.1
Host: encrypt2.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: 57-Fooj8A29FBL18EFMai6HDj28=qxeyLumGVVD5RqTgPjFKbRqPTXY; RnsjdMmH71G-e7FfNact0IGOu9I=1711720943; NQ6mnCBHIUANRnvOtD_K0VDKmoU=1711807343; sHuI58fubJcKksf6kmf5WslqEGg=DKOHgIvnNtvu1KjfXFegp5VNwv8; Z-XKvKub1BC04_sx8ljqTnDDwkE=oiMfo4vZLlDfYQXd1oT7zdYNyJw
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 29 Mar 2024 14:02:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 29 Mar 2024 15:02:25 GMT
Location: https://encrypt2.ink/kunde/SwissPass1/f/signin.php
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdAqlArAl%2FAO5GospamucJYkulLBlK70Qt7WFJ89ARp%2Fac%2B03cN0b2cYO4M19bLR%2FXt5rynZKbfeoC1cSOvli3IWTniuVC9W%2B485GmLUtntN3ztKHllkb%2FlL8dGDidI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86c065c78ecf5695-OSL
alt-svc: h2=":443"; ma=60
|
| encrypt2.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.96.1 | | 0 B |
URL encrypt2.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js IP188.114.96.1:0
CertificateIssuerGoogle Trust Services LLC Subjectencrypt2.ink Fingerprint92:16:CA:59:50:48:98:FE:95:7A:00:AC:BD:19:57:24:F9:29:BC:EC ValiditySat, 09 Mar 2024 10:46:07 GMT - Fri, 07 Jun 2024 10:46:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: encrypt2.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: 57-Fooj8A29FBL18EFMai6HDj28=qxeyLumGVVD5RqTgPjFKbRqPTXY; RnsjdMmH71G-e7FfNact0IGOu9I=1711720943; NQ6mnCBHIUANRnvOtD_K0VDKmoU=1711807343; sHuI58fubJcKksf6kmf5WslqEGg=DKOHgIvnNtvu1KjfXFegp5VNwv8; Z-XKvKub1BC04_sx8ljqTnDDwkE=oiMfo4vZLlDfYQXd1oT7zdYNyJw; WcoF9fFOQOgMZ-Tqcqt7yNnPPfI=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Fri, 29 Mar 2024 14:02:26 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veNojMQP9Ds4f5xWfFuYPHk5X3%2BOy14hhFEi4URcCLtMRMdJ6qQUtLhl5oE7Cl0w7kBxiwgeJYVDQqZS%2FlulgkmU9%2BTtxCE05L4r9UUf3vzdBd4wMH6MzTOx%2BrAsGwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c065ca4bad56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
| encrypt2.ink/kunde/SwissPass1/f/signin.php | 188.114.96.1 | 403 Forbidden | 0 B |
URL User Request GET HTTP/3encrypt2.ink/kunde/SwissPass1/f/signin.php IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectencrypt2.ink Fingerprint92:16:CA:59:50:48:98:FE:95:7A:00:AC:BD:19:57:24:F9:29:BC:EC ValiditySat, 09 Mar 2024 10:46:07 GMT - Fri, 07 Jun 2024 10:46:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
POST /kunde/SwissPass1/f/signin.php HTTP/1.1
Host: encrypt2.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
QnTY1ZL1dSr0jx54O2jU0zYB9DM: 48272352
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp:
X-Requested-TimeStamp-Expire:
X-Requested-TimeStamp-Combination:
X-Requested-Type: GET
X-Requested-Type-Combination: GET
eXD7gw0TregfzofKOi45Mj802u8: ad7UEJZfklqFROKTe02czoTRi8
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://encrypt2.ink
DNT: 1
Connection: keep-alive
Referer: https://encrypt2.ink/kunde/SwissPass1/f/signin.php
Cookie: 57-Fooj8A29FBL18EFMai6HDj28=qxeyLumGVVD5RqTgPjFKbRqPTXY; RnsjdMmH71G-e7FfNact0IGOu9I=1711720943; NQ6mnCBHIUANRnvOtD_K0VDKmoU=1711807343; sHuI58fubJcKksf6kmf5WslqEGg=DKOHgIvnNtvu1KjfXFegp5VNwv8; Z-XKvKub1BC04_sx8ljqTnDDwkE=oiMfo4vZLlDfYQXd1oT7zdYNyJw; WcoF9fFOQOgMZ-Tqcqt7yNnPPfI=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 29 Mar 2024 14:02:26 GMT
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: TO7jiCmt50phd8RMEFPfBZX953k=xGvcNAUiktZj2YWAIWEVXrdZ9fc; path=/; expires=Sat, 30-Mar-24 14:02:24 GMT; Max-Age=86400;
n5Qa-0stilPCf8QXlcCNkE22ubE=1711720944; path=/; expires=Sat, 30-Mar-24 14:02:24 GMT; Max-Age=86400;
dNaKwKHB2knHIMt_XxYj3B-VQpU=1711807344; path=/; expires=Sat, 30-Mar-24 14:02:24 GMT; Max-Age=86400;
wxADWqOUlksabHJZpfrKgUHPQ88=zkU1e42hC0LUkorVzzrv-6iXgdg; path=/; expires=Sat, 30-Mar-24 14:02:24 GMT; Max-Age=86400;
NKd7lZi-RpfZregmaR-4Lo1eloY=SuMLN8MEgkfpDWwafFWpWrlA_8E; path=/; expires=Sat, 30-Mar-24 14:02:24 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GM8ScLkdZZ2jetfsC%2BjZxsYALQtrEJl61v1KBHR0KN9vfDCzytaSg3BY5AfOespauXyINunEGZ3Wpyd3wOUyfJ%2BKGxfcei4UvpLhUOgBajyVJobI3Ftn4pznZ%2BKFcXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c065ca4bab56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
IP188.114.96.1:443
Requested byhttps://encrypt2.ink/kunde/SwissPass1/f/signin.php CertificateIssuerGoogle Trust Services LLC Subjectencrypt2.ink Fingerprint92:16:CA:59:50:48:98:FE:95:7A:00:AC:BD:19:57:24:F9:29:BC:EC ValiditySat, 09 Mar 2024 10:46:07 GMT - Fri, 07 Jun 2024 10:46:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashbc56979a0b381a791dd59713198a87fb 6c665dcfb0303a67024de3d694f810669ae188e2 1d08335e65da7cf40d1c4a7ba0088e0f39b9c5a4b2e42de95fc9ffa69fb96c7a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: encrypt2.ink
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://encrypt2.ink/kunde/SwissPass1/f/signin.php
Cookie: 57-Fooj8A29FBL18EFMai6HDj28=qxeyLumGVVD5RqTgPjFKbRqPTXY; RnsjdMmH71G-e7FfNact0IGOu9I=1711720943; NQ6mnCBHIUANRnvOtD_K0VDKmoU=1711807343; sHuI58fubJcKksf6kmf5WslqEGg=DKOHgIvnNtvu1KjfXFegp5VNwv8; Z-XKvKub1BC04_sx8ljqTnDDwkE=oiMfo4vZLlDfYQXd1oT7zdYNyJw; WcoF9fFOQOgMZ-Tqcqt7yNnPPfI=lkLPZiL_UVgRTxwDers97UXe5XU; cf_clearance=CcfCs_uLiRufDzEShxpcfWC8kMAvfDvuYkH7xaHWwPc-1711720946-1.0.1.1-qazjmjWssKmtUI.Iq3iL1_9d0PIVbDcWYZ7vercU6oLqIOuNQMNtoLBjtBNoQtQauqOfqeRvYBa_5kTOOyj9zw; TO7jiCmt50phd8RMEFPfBZX953k=xGvcNAUiktZj2YWAIWEVXrdZ9fc; n5Qa-0stilPCf8QXlcCNkE22ubE=1711720944; dNaKwKHB2knHIMt_XxYj3B-VQpU=1711807344; wxADWqOUlksabHJZpfrKgUHPQ88=zkU1e42hC0LUkorVzzrv-6iXgdg; NKd7lZi-RpfZregmaR-4Lo1eloY=SuMLN8MEgkfpDWwafFWpWrlA_8E
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Fri, 29 Mar 2024 14:02:27 GMT
content-type: text/html
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lt6myZRfYceYRaSyuZseiQZx%2B6YudaLdz%2BtyuxAKH2X2qL1chu60K4tv%2BvChIaifvo43cFwxlQPIEqsZQHtcurMVeE8f3FrhzvTu3nOTr2wn8eWympaD9kceZ9eC8%2BM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c065ce8a8756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|