lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
143.204.55.28 301 Moved Permanently 167 B URL HTTP/1.1 lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
IP 143.204.55.28:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /2-factor_verification.html HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sun, 25 Sep 2022 10:56:08 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
X-Cache: Redirect from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7Y6BB-YyLQBuua_a5rWu3eyGSiswKtBU8LUaSlkDKP524Da-fsbtAQ==
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 10:14:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -CHhPdWSbhymF1MoHnQyZ27MVQj1UFaAgcurMavlFZ4NZkqBpCXT4A==
Age: 2473
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3045
Expires: Sun, 25 Sep 2022 11:46:53 GMT
Date: Sun, 25 Sep 2022 10:56:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: npxKceIYv9QcA76XxNB-U93Rd7QXAf9uP4pbv_m-1n-1sR3hcU7N4Q==
age: 22854
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b03c2ff679b9f8b1db6722e8ffdffec3
fa549432981b3471da55d369cc12d0e3d614ad7d
56d2e987f600788056057f9ffed90838426b001dc19a7714f87eb7438c1e64dd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 10:56:09 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: q4j_v8h7GaNtTaTjVgM0zEKe_assSI8PS0Q2ek1oJtECcdo3u_KVkg==
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 10:56:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 10:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 10:12:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7P7f3xHqpVj3iFhW3TpSIxKFfl2KCU5uJwbJeWqGUtdmQtZNkGCNPw==
Age: 3112
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:56:09 GMT
Last-Modified: Sun, 25 Sep 2022 10:48:12 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP
143.204.55.80 301 Moved Permanently 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP
IP 143.204.55.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/MXXDHVXQWVACJD4VWOM6NP HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Sun, 25 Sep 2022 10:56:09 GMT
server: AmazonS3
location: /index_files/MXXDHVXQWVACJD4VWOM6NP/
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PPeczQcWOWEVQgbiNZnxIZD5xW4jb6luT0urNjX_9cUBsWiGUEMLkQ==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index_002.js
143.204.55.80 200 OK 28 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index_002.js
IP 143.204.55.80:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/index_002.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 28
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:43 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "5816cced8568d223aa09d889f300692b"
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MF_lKl38vcBGPZ7J80ZDuhx80PBPXRRWR5B-xrpqpSUWMvgIExFElg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_010.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_010.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_010.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jM6Ldmgw8BahxlYA-vrTzweCw9yOXi6Mq5uP5BbjxZW43rWVa_vkfw==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/track.gif
143.204.55.80 200 OK 23 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/track.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
Analyzer Verdict Alert openphish Luno
GET /index_files/track.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 23
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:46 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "da5b449fff36752a93779fa4067cd2eb"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XRNCxYkLPzfEvSvdNaR0INsSVa_HDu-bo36bQwgPoHRio8vsDW4ykA==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_002.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_002.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_002.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NLJbWIJMG-YxQONgVKJHss_bY32C9IgrRpeN8QhkGfwc2hHs-zUuvg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_004.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_004.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_004.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aD7iBRrW9lItq1vSxqtCSXrQnM361mtCB0Bl2mkfa7wi-3308C-v4g==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_009.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_009.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_009.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1tklutFdpXif_iy41zb3KKuVMETHb6JLpWto80XuOfAq4Bu6AF08rw==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_011.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_011.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_011.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RBTlc-v51Z1bLclywnPZqc3DvfxvNVNHMpPTR99XptLN-IO4uuFJMQ==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_003.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_003.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_003.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YQEm9XD27LjSEitzExQy9p6ncU_jML-bHXGf-EPmVE7EbX2znoALag==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_008.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_008.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_008.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xCTN6IUqHtCLKHpch2QlcQTMhcQHMmnaBn2etbYUfWjYjyPOGN0Ncw==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_005.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_005.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_005.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0VxnhHnip1WsdNrPo-G9f-vtDFSXs1EI6epc6KKk9YavRrHfw6gxGA==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ax7j0ll-LMSm4XVqUbYiwJ1dY929xCE1V1ExIekaRYl6Yci3fOUJHg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4
143.204.55.80 301 Moved Permanently 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4
IP 143.204.55.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4 HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Sun, 25 Sep 2022 10:56:09 GMT
server: AmazonS3
location: /index_files/DN7MGSCFYVCP5O5VG6AWM4/
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HFPMSodLbtMIWUzIeVxQ9j3hViuDv0GkJJ6CUVi5WXxgbDc0lp1MyQ==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_013.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_013.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_013.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5VGnXeSY6b4ORjYEwDAv-g4_bZzuUPvsIHE-dEtccVZ2zc6kiy8QUA==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_007.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_007.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_007.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vjf7wutS19t-dAcbFUiaJm4Sc-qq6CrdySUGXRt2-ikYG0KoIndN-g==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_006.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_006.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_006.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zaPHJcuKw3HHPppIXRBLc3yeNJfTfjIT2qO1DQcq4BKmSKZE8gevUw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.239.70 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ur9hvOmQYxXdiIW0WGuu4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9+zDx2RCH4YWXcbtb1b5ufla+4Q=
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_012.gif
143.204.55.80 200 OK 42 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/out_012.gif
IP 143.204.55.80:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish Luno
GET /index_files/out_012.gif HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: RefreshHit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KCYuJy-v8bxdfvkZFUsvvpVKE0VQj1LEiqs7CcF2cKwE0JiqmWIo9Q==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
143.204.55.80 403 Forbidden 74 kB URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
IP 143.204.55.80:0
Hash cd100b3d2b4dfaafa43e1d81b164faa3
a82e11d8cb3ae129ee1b7dd29eb02fbe2475dcb3
46292ea463de2ac79f531d032623c0e375f686bcb86cfe26ffe7f6d4ef072268
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4/ HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:10 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p1Q-wJzqLQSjLF4PMEKt4-yFTN7j3GcyUNgvZAD3at3lYZOTl6GOiw==
X-Firefox-Spdy: h2
d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff
143.204.42.165 200 OK 75 kB URL HTTP/2 d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff
IP 143.204.42.165:0
File type Web Open Font Format, CFF, length 75012, version 0.0\012- data
Hash db0088214c43f64eca60c333838a1d1b
c266aceaf4e6095bbda572c3cefd873dc64d6b06
412b2537f5f90857519fd60ec6ad2d749f36dbde3c70172d286367f626beff83
GET /static/fonts/Fracktif-SemiBold.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lundev.d2ndq25o551dwj.amplifyapp.com
Connection: keep-alive
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 75012
date: Sat, 24 Sep 2022 07:08:18 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 10 Feb 2022 13:05:36 GMT
etag: "db0088214c43f64eca60c333838a1d1b"
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -kaG63F95FcX1c-4nc5rvxNgu4T2SGzV9JdxRx9DxkXMbYXvSlgLsA==
age: 100073
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 10:56:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/fpconsent.js
143.204.55.80 403 Forbidden 120 kB URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/fpconsent.js
IP 143.204.55.80:0
Size 120 kB (119575 bytes)
Hash 88b058022b1e52f17af07e350a81caa3
7a0fc85513bb50639bf49a9776306163350435bd
5beb8760e6f79afa63a2bd075d54c0c37b0bb01450c3b0ac6a99f262916c0179
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/fpconsent.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:10 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gmott3opntqw43ys4_6BxHCKijXW79rMoPP9-s0RYWx2ldZ1x2nl3w==
X-Firefox-Spdy: h2
d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png
143.204.42.165 200 OK 303 B URL HTTP/2 d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png
IP 143.204.42.165:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash dd23e160b468ea5f4b5b88a719ddee63
c1c0d5bba3cbd9bb5bab9ad42aaf5150a3ff1df0
cf0b20b47983a98fb61c7c2e03bd0445b34408c561e0e591ad72b37a9be750ff
GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 303
date: Fri, 09 Sep 2022 03:53:49 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "dd23e160b468ea5f4b5b88a719ddee63"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pd1xKiHzE_-mzpQct_BIUEF3KiJJWZG07HIKjDAH2aeBm-4G60KcSQ==
age: 1407743
X-Firefox-Spdy: h2
d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png
143.204.42.165 200 OK 2.3 kB URL HTTP/2 d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png
IP 143.204.42.165:0
File type PNG image data, 152 x 152, 8-bit colormap, non-interlaced\012- data
Hash bfdc0fedce221294659346a7783b6a7a
96474ad641d1addab4abc17fa659d73c3940f1a3
e87f5a2d3aeccca887e6c759a0f6ac07cd9f54c5ee85fa2aa9d97c1e678bf013
GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2286
date: Sat, 13 Aug 2022 07:08:08 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "bfdc0fedce221294659346a7783b6a7a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VG5ERsUTZacfNJKFFukbR8RUwGFTp7_nwxUE5QgQUfEXSO4PZz1EJQ==
age: 3728884
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6906
Expires: Sun, 25 Sep 2022 12:51:17 GMT
Date: Sun, 25 Sep 2022 10:56:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 47919
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 46495
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
143.204.55.80 403 Forbidden 7.9 kB URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
IP 143.204.55.80:0
Hash b70d434ece2e37941cce150d73c94901
3d87ef5d3ffd1ea3467c493264c6a611c3e7eb50
73d4969db353d791ac76ebf7e63943a7e30603623ec39cffa839c5f6baada28b
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/MXXDHVXQWVACJD4VWOM6NP/ HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:10 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XCvzZNFCpLuH2gHm6btyKKvIpjV5TRES7E72m3UELOM03Vb_ja0cxg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/fpconsent.js
143.204.55.80 403 Forbidden 11 kB URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/fpconsent.js
IP 143.204.55.80:0
Hash 27c715333545425e049d6074107197e0
27cd56678443b75453535b9b4a6e327ae3bf0cb5
5351d34d9bb42a23480b068c64bb358ccc9a9d0c0049427ecf1e4d0dbc2dc3a5
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/fpconsent.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:09 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qSADjyzKEtyBU9SoFa9U6Fk3mub2I9RFQz1LUlE-5n36SJXRkKhnjQ==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
34.120.237.76 200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8abddb2cad9c262667f358ecb9b084ae
2d97861b35e3d0ffe6a614037e4ff7946018b4ef
9b4878cf451b7bc5c7467d1e35e2fa12f54e516c878dd54d0293a4ef4947ba5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4237
x-amzn-requestid: ae2729cb-a956-4214-b3be-b510a3f62698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y9FNDGu7oAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632eb586-097d52637dc131002d4ac57d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 07:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TUT-wNEcMOArWarvrWvtkVVf4ZfrTv6CtG7a_aBZN9mZ6L-GawZkZA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 01:14:25 GMT
age: 34906
etag: "2d97861b35e3d0ffe6a614037e4ff7946018b4ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 328516d7184ca4b4f6e50bf895b9bce0
752c2278004a98fcfacf4c3f16470d610ffd2daa
8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6671
x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EAHQ2oAMFaqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 47946
etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
143.204.55.80 200 OK 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /2-factor_verification.html HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:41 GMT
etag: W/"055803055f8a1c9d49d94a9b7be96dc0"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JNfbR-VgJwI5HZONdc1vD6fsyUBJXkyDzyvrrkiGz4L0ufd0_yq1zg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/singular-sdk.js
143.204.55.80 200 OK 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/singular-sdk.js
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/singular-sdk.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:45 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
etag: W/"3b7624f0f44b75dd69fed75edf1ce836"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zwF5cfw0goE0c6hnvJGIS5GI5ixz-zHnU_rBG2a3f_53O3xVioMTpg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/styles.css
143.204.55.80 200 OK 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/styles.css
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
GET /index_files/styles.css HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:46 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
etag: W/"8b6b38195f918628cc0947836e87a474"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O2ku8dBSJR1N_SdIFm16yUsSRxBZ3vKDxsyUUy3WOELMsgSh8E4Tzg==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
143.204.55.80 403 Forbidden 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/MXXDHVXQWVACJD4VWOM6NP/ HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:09 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jy5ddhM27_lfHprPuh9NJQNBe76sNf5exOeCbh0fKhXbYY53EQgRTw==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index.js
143.204.55.80 403 Forbidden 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index.js
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/index.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:10 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HBe_E49yGgq04s1FnNOZxoI_ULx9mvNu_d0FEbj5KrlmUejkvTLZHA==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/sendrolling.js
143.204.55.80 200 OK 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/sendrolling.js
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/sendrolling.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:45 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jW8eJAOgpXuDD5Ntx7nKZ_jFiHZS6XnD-MYIVphr0g2p2LDP_PZi2Q==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index.js
143.204.55.80 403 Forbidden 0 B URL HTTP/2 lundev.d2ndq25o551dwj.amplifyapp.com/index_files/index.js
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/index.js HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:08 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y1jRygMqjsz6qrKvcH15ZfPd2I_QEgCDxu9D99J26rVrwZtVeWam3g==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/key.svg
143.204.55.80 | 200 OK | 0 B | URL | HTTP/2 | lundev.d2ndq25o551dwj.amplifyapp.com/index_files/key.svg
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/key.svg HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 25 Sep 2022 10:56:10 GMT
last-modified: Fri, 23 Sep 2022 07:24:44 GMT
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
etag: W/"726e0d1e34361d817a95429140497641"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Uq5F32FYit1BEmrhgpWEKuyClZl5cXSA5vbw-V4LbAx9qeKNMIz1jA==
X-Firefox-Spdy: h2
lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
143.204.55.80 | 403 Forbidden | 0 B | URL | HTTP/2 | lundev.d2ndq25o551dwj.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/
IP 143.204.55.80:0
Analyzer Verdict Alert openphish Luno
fortinet Phishing
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4/ HTTP/1.1
Host: lundev.d2ndq25o551dwj.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lundev.d2ndq25o551dwj.amplifyapp.com/2-factor_verification.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sun, 25 Sep 2022 10:56:09 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3LTxvdLGM9YgAVJVPdbdCp50zCtJOq7SDL_V0gHbapo82KZ_OFhkjQ==
X-Firefox-Spdy: h2