Report - virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login

Report Overview

Submitted URL
virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login
IP
143.204.55.53
ASN
#16509 AMAZON-02
Submitted
2023-02-03 10:15:44
Access
Website Title
Final URL
Tags
dkb financial phishing
urlquery detections
Phishing - Deutsche Kreditbank

Detections

urlquery
28
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.40.48.115
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	71 kB	34.120.237.76
virtuous-barb-6862.dataplicity.io	unknown	2023-02-02T03:00:43Z	2023-03-08T09:36:19Z	17 kB	208 kB	143.204.55.68
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/bower_components/ua-parser-js/dist/ua-parser.min.js	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/core/token/core_token.js	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.js	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/form/form.js?v=63dcdec6cb27c	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/token/token.js?v=63dcdec6cb283	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/bower_components/jquery/dist/jquery.min.js	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/1ee670489f75dd6ea807765ada75310558e5d196.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/f1c3726d133ea40cc4df65bc2ef3507461d6ae2f.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg	Phishing
2023-02-03	medium	virtuous-barb-6862.dataplicity.io/dk/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	virtuous-barb-6862.dataplicity.io/dk/login/form/form.js?v=63dcdec6cb27c	3.4 kB	2023-03-08	2023-07-14
Pretty URL virtuous-barb-6862.dataplicity.io/dk/login/form/form.js?v=63dcdec6cb27c IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:23 Last Seen2023-07-14 11:36:03 Times Seen7 Hash d337327ed5c486523863744d232c371a 73ae8fe7044d0d8dabe469c18992c50f706351ca 7f90e7c6204395caaa07357591ff76b8824630ba6667c473312081d57a92d09c Loading...

	virtuous-barb-6862.dataplicity.io/dk/login/token/token.js?v=63dcdec6cb283	1.8 kB	2023-03-08	2023-07-14
Pretty URL virtuous-barb-6862.dataplicity.io/dk/login/token/token.js?v=63dcdec6cb283 IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:23 Last Seen2023-07-14 11:36:03 Times Seen7 Hash 8695494a2a8094561d3645f4ac2fe99b 5283b673ebf1075429906ecb3991371ceafe2d09 090204339302ad73fcc5420638f48d74561725f399b90a15b497bb93bea73e7e Loading...

	virtuous-barb-6862.dataplicity.io/dk/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-03-07	2024-04-25
Pretty URL virtuous-barb-6862.dataplicity.io/dk/bower_components/ua-parser-js/dist/ua-parser.min.js IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-25 08:42:18 Times Seen667 Hash e0ae48c8ebbe57edeacb5b02f16d0df9 0c5a29a88add39486162e0c16f23e2e06fc7842e 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896 Loading...

	virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.js	23 kB	2023-03-08	2023-07-14
Pretty URL virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.js IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:23 Last Seen2023-07-14 11:36:03 Times Seen7 Hash c8b8e0e94b53f7b5388263b296f0c738 0bed2106a5b440dd6100e7c4a98703e6c64bc526 a25bb33aab8364f7d0f9c37825979558570cd4c248df68b50e7159161ac7396a Loading...

	virtuous-barb-6862.dataplicity.io/dk/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL virtuous-barb-6862.dataplicity.io/dk/bower_components/jquery/dist/jquery.min.js IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 23:44:48 Times Seen62848 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/	457 B	2023-03-13	2023-03-13
Pretty URL virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:42:54 Last Seen2023-03-13 15:43:49 Times Seen1 Hash 5608f359549440ec802ed4ec06a8edee c5d28dd227a5dab99aa40910f6d3c916121a6742 9999072dc14205302f8de9e8784ce1fbe59b5af32e0c8839113bfd5a4ab24776 Loading...

	virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	58 B	2023-03-13	2023-03-13
Pretty URL virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:43:49 Last Seen2023-03-13 15:43:49 Times Seen1 Hash e92ad8ed09cbd8c8a4b5b8835435847d 381a8f2f908ea87a7c5a98d174cf860e29b869a2 20a0492f2a1826eb0c77aa7c52ad37146ab20fa45d82d19d9f9182cbffe9c942 Loading...

	virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d	58 B	2023-03-13	2023-03-13
Pretty URL virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/#56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d56e71887e17c4f792fcf642bfd07743d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:43:49 Last Seen2023-03-13 15:43:49 Times Seen1 Hash 474140282b83eb3054bf3dfa5fe0dfb0 23741721d086b98d58d25c8763eadab0117cba1a 394ad4058e2192f50f662d6ef3582f87e47f74af3b2a2afb6ae7c86b2a3ca23b Loading...

	virtuous-barb-6862.dataplicity.io/dk/core/token/core_token.js	12 kB	2023-03-08	2023-07-14
Pretty URL virtuous-barb-6862.dataplicity.io/dk/core/token/core_token.js IP 143.204.55.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:49:23 Last Seen2023-07-14 11:36:03 Times Seen7 Hash 5debd8d9b296c73fb1626de8f15d64b4 e46037efae33bd907467745fef41a1768dde95e2 4061858d799099fa385d08df6c9f966456d29775a2d87a4f93a16fdd5308242f Loading...

HTTP Transactions (50)

URL IP Response Size

virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login

143.204.55.68

301 Moved Permanently

167 B

URL HTTP/1.1
virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 03 Feb 2023 10:15:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login
X-Cache: Redirect from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _ngk12FKkIg7qgbu1s-8EfpHGE9znvdXvOe8u7xNffyGOU3BMQWgnw==

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6244
Expires: Fri, 03 Feb 2023 11:59:37 GMT
Date: Fri, 03 Feb 2023 10:15:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5594
Expires: Fri, 03 Feb 2023 11:48:47 GMT
Date: Fri, 03 Feb 2023 10:15:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 09:36:10 GMT
content-type: application/json
age: 2363
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7880
Expires: Fri, 03 Feb 2023 12:26:53 GMT
Date: Fri, 03 Feb 2023 10:15:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: U8XdHVdIdG2PQzr7/dOKZQUn8CxB3WSU4u5jnINpgEWtcQsdEybFgFQzBCmLqDAYUCEy6w52B8ia98CFHeaSiQ==
x-amz-request-id: SYXMD9GG18TA0K9C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 09:52:22 GMT
age: 1391
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:15:33 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:07:19 GMT
age: 494
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10169
Expires: Fri, 03 Feb 2023 13:05:02 GMT
Date: Fri, 03 Feb 2023 10:15:33 GMT
Connection: keep-alive

push.services.mozilla.com/

52.40.48.115

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.48.115:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7YYddWck6RBffyoOxFV4iQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W4UID2DyFGWpHCyA+FFA7thdKXg=

virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login

143.204.55.53

301 Moved Permanently

5.1 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (636), with CRLF, LF line terminators
Size
5.1 kB (5071 bytes)
Hash
a68d295454d70c9a7285704c26bd0311
6d0fd18a461dbe94b9b868e9265f8be6bf2e38ab
92abc7aee4c3b0a6bc6653c499787ee56749cc1bab66bc8d0cbbd3697c785f39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html
location: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
date: Fri, 03 Feb 2023 10:15:34 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dfKymCE9i20IX64aSwBh4tdN0eQZwszM_EiiDYccjhOyX-vuvvJidw==
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5921
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 10:15:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5921
Expires: Fri, 03 Feb 2023 11:54:16 GMT
Date: Fri, 03 Feb 2023 10:15:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12514 bytes)
Hash
b67f1de5050f7e32226bb0b279e5f450
058dc594601de546ae391ffa47269b404fee0f02
268b5f2557e4f171f33641cc7923d6cd786cba6e056f6656c82113b49b70a3df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12514
x-amzn-requestid: e5e536fd-15ec-4a9f-a678-c24e6202d0f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_y3HRSoAMFxUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379ab-5137ec566a8ccb4a3628e17a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:13:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KvaWZ_Re1oRbOGg3MDxp5BKPCMAzYqCfVo4n3rf67ppjVO9Pmey4wg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:20 GMT
age: 43815
etag: "058dc594601de546ae391ffa47269b404fee0f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9130 bytes)
Hash
02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:05:17 GMT
age: 43818
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 19334
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 42405
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 35431
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5898 bytes)
Hash
5314f1087266189144982b464f4aa7a6
438b5a17b9060f6825331348aa3797ab1c15895d
fb7d5ec834d28c99f6430703c002c24a9caf50b7701a369cbd69e51576f1e73c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feed96488-989b-49ab-8eef-5c9dea89a5ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5898
x-amzn-requestid: 50d6181d-6804-48ab-bc38-9fcaf4da1bc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fZALWF5IIAMFv5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d37a48-2e2e53124ce2f9eb31290ec4;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:16:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9Jus6UYlOGiDdqLBxJ387FMtEAST6THfW-oz6gjgFzKzchCdwUCcvQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 03:13:49 GMT
age: 25306
etag: "438b5a17b9060f6825331348aa3797ab1c15895d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/bower_components/ua-parser-js/dist/ua-parser.min.js

143.204.55.53

200 OK

6.0 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (16817)
Size
6.0 kB (5961 bytes)
Hash
9f782b11abdef176b9e0d5899a634b07
43dd6a3e3550e92c7da197d141baa78a697a1032
d33e2ca4d194c4c55ed7beba31eb7a3e23223874870653ee3ba78f9449fbb243

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 5961
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "4298-59df16c8-e2123;br"
last-modified: Thu, 12 Oct 2017 07:16:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wZBdZbnij9R9DnIaeD9yLdoFoYxl79jTajxO7bRdYFLFAmoGPv6Qtw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/bower_components/font-awesome/css/font-awesome.min.css

143.204.55.53

200 OK

6.6 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/bower_components/font-awesome/css/font-awesome.min.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (30837)
Size
6.6 kB (6646 bytes)
Hash
11222b06ed955893a95f4d4f94d754a6
140330b30b9490c9a98b2d7e71b5d1f107c243c9
7f596aacbe4591f01a463daec67efb7adf3b191d6a1031a50d21b023b297059d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 6646
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "7918-58e9aa94-e212a;br"
last-modified: Sun, 09 Apr 2017 03:29:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qMxjDfJ6OR8FFRSg2B3THOadfrfqEsS1404WU4IeNsuUiSQZLOzwhQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/core/token/core_token.js

143.204.55.53

200 OK

2.6 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/core/token/core_token.js
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (11754), with no line terminators
Size
2.6 kB (2573 bytes)
Hash
86e81aec7074f0a216426ee36abc03b7
202fcd9ed19d8b660bc884dfef1e58b6d770aae0
26b479e9dbed11c546a4a5ad93d42e973ff7ada0313c8fa506d6743b6c6fbc9a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/core/token/core_token.js HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 2573
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "2dea-5fa6a006-e20b0;br"
last-modified: Sat, 07 Nov 2020 13:24:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Amlo-66YE9vMVr3Lmo-XgFwLEAd5kTSCoYiPmIUmFPwvVU7ixDtvJQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.js

143.204.55.53

200 OK

6.2 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.js
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (22945), with no line terminators
Size
6.2 kB (6165 bytes)
Hash
b00ae3061f6dfb16359b50f687f25268
5c6cc7ff6fa1463f1d425f15f111a106bb282c1c
de8b504dd441b32bf5e01b5c87993af8a1c2a879ab400ecc2f9c78ae50a566a6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/core/form/core_form.js HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6165
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "59a4-5fa69fd6-e20b3;br"
last-modified: Sat, 07 Nov 2020 13:23:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j5CLznU-02m__1kAwdDk5NBuL4JTmeg-M6R0_DC6J_bPe5dqTUpm7w==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.css

143.204.55.53

200 OK

856 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/core/form/core_form.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
856 B (856 bytes)
Hash
c125ce7c2f3d84c1d38638de45631ed1
6379d7f1c595effb8977d278487707ddbb9aec74
dec7240d91c6d57e62d07ec4bc47903c1609595ab555da68a281cab1a750e3fe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/core/form/core_form.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 856
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "11f9-5ec80e2a-e20b2;br"
last-modified: Fri, 22 May 2020 17:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GEKioEtsz-mPmBFjVsNU_ostbKW6aunBP5hkHWQB7cxS160kn-DVDw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/form/css.css

143.204.55.53

200 OK

0 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/form/css.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/form/css.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 0
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "0-5d872d1e-e224d;;;"
last-modified: Sun, 22 Sep 2019 08:13:18 GMT
accept-ranges: bytes
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mElNPX7TzhyzH7mFKy0kN63xkmzum6A4NCvT53KarvfShUo01G9kpQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/index.css

143.204.55.53

200 OK

1.0 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/index.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.0 kB (1047 bytes)
Hash
d44af931eb3e45f2b05b383b9133f97f
7548131b58781e593b1925b80741f9c38e86cb43
efc297b9306bc64d5f9fcc6ce81587510ba61584e500f6dc04cc47960ef3ee3a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/index.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 1047
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "3940-5f0cae80-e226a;br"
last-modified: Mon, 13 Jul 2020 18:57:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EQFediXWvZuqKX4WKukhEUnotHSHvqSdzAVmq8M8ZZm5mdREeHzh9w==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/form/form.js?v=63dcdec6cb27c

143.204.55.53

200 OK

1.0 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/form/form.js?v=63dcdec6cb27c
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3434), with no line terminators
Size
1.0 kB (1032 bytes)
Hash
07afccfc39c70175abfd983fa7b2203e
7bad97f84f19e587017b1e1f03987f05c7bb11b2
5bf70c51471e58d0a705d1bd4ea6c9d889a377415eed915394afdeaa949a2d56

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/form/form.js?v=63dcdec6cb27c HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 1032
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "d6a-5dea980e-e224e;br"
last-modified: Fri, 06 Dec 2019 18:03:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TEeBnpVk1NjxPxtBmykxb6wiBLpsnPoWe-RzDCi11CWoBH3PWix0LA==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/token/token.js?v=63dcdec6cb283

143.204.55.53

200 OK

698 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/token/token.js?v=63dcdec6cb283
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1800), with no line terminators
Size
698 B (698 bytes)
Hash
da6198d2b32d8994fe70c0c329934cd7
11eeb5bd7f1197ee7147f2ddd13e4a3df56a3502
e439a76dddd72eecbe1f338d1e52c82bcfc9204ba42db3870bceb46c5ab3c593

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/token/token.js?v=63dcdec6cb283 HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 698
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "708-5f0ef876-e2241;br"
last-modified: Wed, 15 Jul 2020 12:37:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kMwzlHMKTck_ywB4x8UIXYSHetufLwc9R_vjE0KXJ7z-82_A98L1Vg==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/bower_components/jquery/dist/jquery.min.js

143.204.55.53

200 OK

29 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/bower_components/jquery/dist/jquery.min.js
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (32058)
Size
29 kB (29376 bytes)
Hash
b3a379b7e761820bd153b1455cb7f869
b43e13ee5876142d063322243881dc950993c867
ee266bb7706bcc2b01393912870297448b135a0c5f4536b92eb5944a42917259

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 29376
date: Fri, 03 Feb 2023 10:15:35 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "15283-5934c80a-e211c;br"
last-modified: Mon, 05 Jun 2017 02:55:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NG1TA7xCpN8zXaEwhyZVDaTx9OTSdZM-ResP8FHO0uzoHeB6bIMkMQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/c0d75975d30300cc39ba6c22834ef480.jpg

143.204.55.53

200 OK

23 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/c0d75975d30300cc39ba6c22834ef480.jpg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2016:10:25 17:57:59], baseline, precision 8, 120x90, components 3\012- data
Size
23 kB (22633 bytes)
Hash
c0d75975d30300cc39ba6c22834ef480
bf459b9a013326a662bdce634e0add247629f5fa
04de149751276069b2c581032afc9c43bf176fe06868a1f2147f3935b8ad116b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/c0d75975d30300cc39ba6c22834ef480.jpg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 22633
date: Fri, 03 Feb 2023 10:15:36 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "5869-5f0cab2c-e2279;;;"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -9BDjtHMejA5S591OgYyiOx3TAsC7_Pa8EC0YkYX1gZRCW1gzMOjPw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css

143.204.55.53

200 OK

36 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
36 kB (35982 bytes)
Hash
793d2f980b3cac9b58baee29da769772
7c428487f06ac3ab93a232eef4551c339a7a35f2
932d7ac3a2b526f0f9b3672dd820079a07cb12b264325a90a1f2f856cc86e3bb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/dkb_responsive.min.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 35982
date: Fri, 03 Feb 2023 10:15:36 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "4bb56-5f0cab2c-e2251;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -0yQHeU6N8y7j2zWtgDzMAfuflpQarQsZcDo4WDphhaJdUEiNiV0AA==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/dkb-global.css

143.204.55.53

200 OK

35 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/dkb-global.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (26620)
Size
35 kB (35267 bytes)
Hash
91cec36f30571729a86c53f8da72a828
41811d499482f4e3045a211aa6f02b8cd9b98924
a256ea62b254ed2e18b1db1f688ef1e9794713599907f823ba59a5a9101be5c3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/dkb-global.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 35267
date: Fri, 03 Feb 2023 10:15:36 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:35 GMT
etag: "38891-5f0cab2c-e227c;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 13FaX9L893slYQhhBukJ4ioiwFaYhUAXz8xNYacfKxyQSCfeWoSP7g==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg

143.204.55.53

200 OK

239 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (475), with no line terminators
Size
239 B (239 bytes)
Hash
bd8f00ccaad44a579f812f5d2685ecce
f5bab0a7eab44d6e91965dc41134313fd1b2bdb2
f68fc0553fb0e59c4b70b69fc1382fc9e0efb901ef498b5ed8432688e9906185

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/4d6cfa3b23c923a6ff461ca35648f21238265651.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 239
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "1db-5f0cab2c-e2263;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hGOom2qs8aHlxnfCN0pOomAAuX9ZYwSQU2s2bm36Tx1OacjkNSy7Pw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg

143.204.55.53

200 OK

499 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (944), with no line terminators
Size
499 B (499 bytes)
Hash
c903b1579a4b86518a6eb8b189a05e9f
542835a2a890e5ca2f71da9fa57d952a86c28629
768b93c9f2147fee9457544216ba0a73e69972e76df81f0d9f23bd36cca7485a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/ab5d9e89d08baa6fab3aa74c2066ded0fe6ab4c9.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 499
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "3b0-5f0cab2c-e2242;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EAJMfz8UDnkg9mb0vsxUkFlJqpJDu2ss96yakzcP6XJ3KXH2hCeMkQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/1ee670489f75dd6ea807765ada75310558e5d196.svg

143.204.55.53

200 OK

1.0 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/1ee670489f75dd6ea807765ada75310558e5d196.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3042), with no line terminators
Size
1.0 kB (1020 bytes)
Hash
894bbaf24692fd257365ee95559b9117
4bffb1677b81d6f3ae47159ffb512e34c6d2b250
a848a05cfc1538f23312315c41fe3a8119feca5d80bafa1adeada339917351d0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/1ee670489f75dd6ea807765ada75310558e5d196.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1020
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "be2-5f0cab2c-e225d;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tWkLOgdGZpP_PER0HtE6cp0WqrNzTnWHDfrdJfez2ujjWrLWbVbA-Q==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/f1c3726d133ea40cc4df65bc2ef3507461d6ae2f.svg

143.204.55.53

200 OK

1.5 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/f1c3726d133ea40cc4df65bc2ef3507461d6ae2f.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (4870), with no line terminators
Size
1.5 kB (1495 bytes)
Hash
e1683de9b31d4d2888c61c9747edbe90
8623bd912bd567e2d51c5afde4876a476915de75
267e8c9a1ed7f6f635f040cbee4bc24f1760580fc76ecb4d0a0257fa83c55ed6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/f1c3726d133ea40cc4df65bc2ef3507461d6ae2f.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1495
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "1306-5f0cab2c-e2278;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3N8rXseLqUIFAjLSd76C6UDITuFYnY_-cSUVwDrDhmQY4of_ukSg1Q==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg

143.204.55.53

200 OK

402 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (686), with no line terminators
Size
402 B (402 bytes)
Hash
6b44e18098c3abdb7544b2d37c523101
2ace983ab6959a310727f7572d397a9a437f77fe
2f6841fa4eefb748052623f99db78f80a5ca99fbb3319b5a3f90fa5689ae45cc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/9c8bf4e8205bf61d35b8fb9d34449556f682914e.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 402
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "2ae-5f0cab2c-e226c;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Kav37oW--WGGVnz7_7PQwRkG_zxkW4bbSmg4qYXz144PKqmmWSrTtg==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg

143.204.55.53

200 OK

479 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (856), with no line terminators
Size
479 B (479 bytes)
Hash
d005f9244c43d14d91a43673dee3007e
57880a9dbcbe4ece8f24c066e3dc3a9337883737
bcc169ff944073ae1c8741a1772d9d80a8260656c34d461ddd169a9459194c71

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/b9b216637340489b71e138ef8af8a77d8ff4d638.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 479
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "358-5f0cab2c-e225c;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QxIn8rbBAqNbWl0g-7vRUMQap592uH0a0QE_cP8eoM9fEBscQNdCVA==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg

143.204.55.53

200 OK

469 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (871), with no line terminators
Size
469 B (469 bytes)
Hash
0091db7103221d7d7460594cafd8f14b
698633c54d56d279c0fecebf9443388adb4181ee
5693776d6bcd6f66429e67f597dedc82abb107070588309cfffb4a8eb894316e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/9ffff3dcba74a06f908dcc216aff9945f2c794a7.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 469
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "367-5f0cab2c-e2262;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oB6UW8zXQzVOATWh4HRI7udImlvvzCgPx_Ropxvv08R9rHiydEZIVw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg

143.204.55.53

200 OK

377 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (669), with no line terminators
Size
377 B (377 bytes)
Hash
16f640b33924c16e143723c079769169
aa4415eda49c368b26045d85c8070d1c47dc515d
d83cf473d5ad194155dd3448310d7f6007326fb4defcfa6b0c98f3c11cb70678

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/a7a9ae59ec5545b759d8ce83efdec96fd262f0fd.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 377
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "29d-5f0cab2c-e2261;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _TvCMLvOQ_w8vi_4IVQTeYoI0zbV1KKieWYviD7KlJ3pZltwmKlO8A==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg

143.204.55.53

200 OK

483 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (864), with no line terminators
Size
483 B (483 bytes)
Hash
8593009ba50d4ff92c84eb169c3ac80b
6de33ec60d4d1bde232a83e00c0b0d78d0e0020a
5d06ed895ac5af7d44c95dda138e2ea655f6bb3f0ce686deb1157a232d3567b7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/69587e341aa8004c80fa8a6212b6f1ef4ea59ddf.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 483
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "360-5f0cab2c-e2267;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: n-C1-jZKnsM2Q5znX8rtQNU_ZmegLiv_0W1YL9zqQK5vo7ByXpKUOg==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg

143.204.55.53

200 OK

1.3 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2808), with no line terminators
Size
1.3 kB (1349 bytes)
Hash
4e91d5028c6e4992c6bfc9cf90f2694a
5edafba2f099d5d25020ce1b42cf0061f447d3f4
1ee342c29b8e990da2e6d52d4f4e406aaf2086e6ef7593835d809d1a35e5efc4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/928dbe0ec53aba8bdad3070a3c2fbd716c5a3f47.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1349
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "af8-5f0cab2c-e226d;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5CDGmeYt5PduQW3ZSf8mp0-ePmAijymanbDzOHgUL3xpfkD7A6h_qw==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366464&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1675419366465

143.204.55.53

200 OK

78 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366464&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1675419366465
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
78 B (78 bytes)
Hash
6d28fbc6193a5cd35928d682c77e29cd
b0a8c07bcab1a353d1e577200bb0b00fc52e0fb0
90a1cb75b657378eac5aa13fd295db6e7741594ce2be3e39e3d0fcaeb359ee35

HTTP Headers

GET /dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366464&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1675419366465 HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 78
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YzZJproNyxsevfwuNuEjnBe9u-whXACSTRJJv4k8vieg8j9AKz4H-w==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/dkb-global-print.css

143.204.55.53

200 OK

28 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/dkb-global-print.css
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
CSV text\012- , ASCII text, with very long lines (8021)
Size
28 kB (28124 bytes)
Hash
d1a9837c3793b9b3c2653a394d065691
efb9f3b7da9b9730a5e8c40cd4be38c816f62fce
4992c5dc0438757b4d0d607ac7a6afdf28c3c81d420d4fa09b3a209fdedaa307

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /dk/login/dkb-global-print.css HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 28124
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "34049-5f0cab2c-e2257;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gp9vPNzT904c0ou2rS9KU6H-c4tuQ8BUT_7uFqdTFzAgLHIso-Vnqg==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366463

143.204.55.53

200 OK

78 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366463
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
78 B (78 bytes)
Hash
1185b2c082b55a2b6e441a1cb157a12f
55a7073c7faeb687a498a4c0131a0cc4cee469b8
5d52a47ab12e0a0e56d900eea6f0d87ea38c516eff5ca95c8963a19aef764844

HTTP Headers

GET /dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366463 HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 78
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OUZrH6FUJMNMercnsRZfmeDVdgzf3R4_Lci2FOxpc3epmIoNlo-9tQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg

143.204.55.53

200 OK

606 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (846), with no line terminators
Size
606 B (606 bytes)
Hash
5411f7058dcd02f935e567fd915a280d
7b47b8dc8c1f4f4ff3d135fea537dd903a7a41eb
9dce0cde3b7858279705fbe8d8dab9aa236a40f778a91aff1ce2c8c1a178f746

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank
fortinet	Phishing

HTTP Headers

GET /dk/login/73321b88c86cde1be9540eebac3e131c15a2c5f6.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 606
date: Fri, 03 Feb 2023 10:15:39 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:39 GMT
etag: "34e-5f0cab2c-e2271;br"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OVAhXxXc5BORx-giePVwUzXQat0yyyUxGSjAVPAXaNzDeNNT77VDAA==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/favicon.ico

143.204.55.53

404 Not Found

1.1 kB

URL HTTP/2
virtuous-barb-6862.dataplicity.io/favicon.ico
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
data
Size
1.1 kB (1124 bytes)
Hash
0930643ea4d81a4dd72431f65d32b2e5
60d97fa7c622f08ba3338f3243945d544de1f5f3
c0d3b3c8565fb4ed902b7b179d3fd418f64c7c99a9f471554d4c97a7f3b31322

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Deutsche Kreditbank

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
date: Fri, 03 Feb 2023 10:15:38 GMT
server: nginx
cache-control: private, no-cache, max-age=0
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qoGOntuiZvdSjWRuizPbT5WjihxFKc-Uieh2JEjaFvQA6b67ug8Bmw==
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 10575
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366466

143.204.55.53

200 OK

78 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366466
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
78 B (78 bytes)
Hash
1185b2c082b55a2b6e441a1cb157a12f
55a7073c7faeb687a498a4c0131a0cc4cee469b8
5d52a47ab12e0a0e56d900eea6f0d87ea38c516eff5ca95c8963a19aef764844

HTTP Headers

GET /dk/home.php?pl=token&link=dkb&bid=f58f552eed0c2300502a2b55f664996d&callback=jQuery321026902098945717834_1675419366462&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1675419366466 HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/a1b2c3/f58f552eed0c2300502a2b55f664996d/login/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 78
date: Fri, 03 Feb 2023 10:15:42 GMT
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aUnvQmkIebVudO03gXMYcQR8fU_PWrIeJRV59EgZ5rxG5oi4YT5OZQ==
X-Firefox-Spdy: h2

virtuous-barb-6862.dataplicity.io/dk/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg

143.204.55.53

200 OK

0 B

URL HTTP/2
virtuous-barb-6862.dataplicity.io/dk/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /dk/login/a0a628fa1d136767dfc96799bfff4f969e9b8638.svg HTTP/1.1
Host: virtuous-barb-6862.dataplicity.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtuous-barb-6862.dataplicity.io/dk/login/dkb_responsive.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 03 Feb 2023 10:15:37 GMT
server: nginx
cache-control: public, max-age=604800
expires: Fri, 10 Feb 2023 10:15:37 GMT
etag: "d0-5f0cab2c-e227e;gz"
last-modified: Mon, 13 Jul 2020 18:42:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-content-type-options: nosniff
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FcuDh404LhtoLcHdpxv03mx1v9DAKEQNbsJIOtddubL25QtTUagKVg==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML