ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash f5ee7855646dd9d2ef6ea50602edce5a
20233193ddc8c181ce7c984e4052085a01daf9f8
222dcfea243a884f7b73a7401e3926f19f1c964a15070217a2195723e31df0e8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 16:06:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 10:22:55 GMT
Expires: Sun, 04 Jun 2023 10:22:54 GMT
Etag: "20233193ddc8c181ce7c984e4052085a01daf9f8"
Cache-Control: max-age=498633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ceffbca88e8fac4-OSL
178.254.10.134 200 OK 726 B URL User Request GET HTTP/1.1 IP 178.254.10.134:80
ASN #42730 EVANZO e-commerce GmbH
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash aaaa156c19b589b6a487c679dd4aa609
c3f36cb7a42e6d81dafd46ded3e4674747ab5331
387fe494788445f950545d4a32494e387663fab3e47c1c4446dd9bff5c166fe9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: amz-amazon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 16:06:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 29 Apr 2011 13:57:08 GMT
ETag: "604-4a20f0cb15500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 726
Keep-Alive: timeout=10, max=500
Content-Type: text/html
www.1blu.de/img/reserved.jpg
178.254.4.208 200 OK 0 B URL GET HTTP/1.1 www.1blu.de/img/reserved.jpg
IP 178.254.4.208:443
ASN #42730 EVANZO e-commerce GmbH
Certificate Issuer Sectigo Limited
Subject www.1blu.de
Fingerprint 71:82:B0:E2:3D:8E:2B:86:6B:1B:91:67:B6:3D:EF:97:03:C2:C1:CA
Validity Thu, 25 Aug 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/reserved.jpg HTTP/1.1
Host: www.1blu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://amz-amazon.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://www.1blu.de/img/reserved.jpg
www.1blu.de/img/favicon.ico
178.254.4.208 404 Not Found 0 B URL GET HTTP/1.1 www.1blu.de/img/favicon.ico
IP 178.254.4.208:443
ASN #42730 EVANZO e-commerce GmbH
Certificate Issuer Sectigo Limited
Subject www.1blu.de
Fingerprint 71:82:B0:E2:3D:8E:2B:86:6B:1B:91:67:B6:3D:EF:97:03:C2:C1:CA
Validity Thu, 25 Aug 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/favicon.ico HTTP/1.1
Host: www.1blu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://amz-amazon.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-length: 0
Location: https://www.1blu.de/img/favicon.ico
ocsp.sectigo.com/
104.18.14.101 471 B IP 104.18.14.101:0
Hash e4486e192b8b1d4e7ecf7ef68f37bc6e
f508f1834b4960d5433500c0be3aaad13fade3d5
e743b05a7e760722567fa296232eff4f558b923adee4f050950833887499e5c8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 16:06:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 27 May 2023 13:35:01 GMT
Expires: Sat, 03 Jun 2023 13:35:00 GMT
Etag: "f508f1834b4960d5433500c0be3aaad13fade3d5"
Cache-Control: max-age=423272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ceffbcd7b9ffac4-OSL
www.1blu.de/img/reserved.jpg
178.254.4.208 200 OK 41 kB URL GET HTTP/1.1 www.1blu.de/img/reserved.jpg
IP 178.254.4.208:443
ASN #42730 EVANZO e-commerce GmbH
Certificate Issuer Sectigo Limited
Subject www.1blu.de
Fingerprint 71:82:B0:E2:3D:8E:2B:86:6B:1B:91:67:B6:3D:EF:97:03:C2:C1:CA
Validity Thu, 25 Aug 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 592x355, components 3; data
Hash 8f38897b4ff6b4df949aa081afd13dfc
08f1040f89a34540a4b9c52cd21d8e4bc509afd5
3a4a1a2f59b9bdd2f012d8cf24719efdc408963bbb45788c42ae3ee9361e8035
GET /img/reserved.jpg HTTP/1.1
Host: www.1blu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amz-amazon.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 29 May 2023 16:06:15 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 09 Nov 2016 13:27:30 GMT
ETag: "9e6c-540de38001480"
Accept-Ranges: bytes
Content-Length: 40556
Content-Type: image/jpeg
Strict-Transport-Security: max-age=31536000; includeSubDomains
www.1blu.de/img/favicon.ico
178.254.4.208 404 Not Found 15 kB URL GET HTTP/1.1 www.1blu.de/img/favicon.ico
IP 178.254.4.208:443
ASN #42730 EVANZO e-commerce GmbH
Certificate Issuer Sectigo Limited
Subject www.1blu.de
Fingerprint 71:82:B0:E2:3D:8E:2B:86:6B:1B:91:67:B6:3D:EF:97:03:C2:C1:CA
Validity Thu, 25 Aug 2022 00:00:00 GMT - Mon, 25 Sep 2023 23:59:59 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1142)
Hash d801d2d496dbc5685f7401ebe0dbdb39
9f57213f45be258d4a76f544e82d0e44ae96dd74
4ad99808d7fbaecd04b8174b624a567813313d70f4f118fe18ca23ca2424c681
GET /img/favicon.ico HTTP/1.1
Host: www.1blu.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://amz-amazon.de/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 29 May 2023 16:06:16 GMT
Server: Apache/2.4.29 (Ubuntu)
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains