Report - inodive.us/wp-content/css/aXNoYmVuX2ltYmVybGllbmVyQGN6ZWNoby5jb20=

Report Overview

Visited public
2024-07-10 12:00:35
Tags
phishing microsoft outlook
URL
inodive.us/wp-content/css/aXNoYmVuX2ltYmVybGllbmVyQGN6ZWNoby5jb20=
Finishing URL
elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
IP / ASN
68.171.218.65
#22878 ASACENET1
Title
czecho - Mail
Phishing - Generic phishing
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
elderly-natural-sing.glitch.me	unknown	unknown	No data	No data	1.0 kB	166 kB	44.193.58.75
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-07-08 22:11:06	2.6 kB	378 kB	104.21.26.223
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-07-08 18:19:25	467 B	12 kB	104.18.40.68
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-09 15:13:58	338 B	941 B	143.204.53.97
inodive.us	unknown	2009-02-26	2018-02-07 14:28:20	2022-05-24 09:50:51	520 B	449 B	68.171.218.65
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-08 18:24:16	650 B	1.4 kB	142.250.74.131
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-07-08 21:35:22	904 B	328 kB	162.19.58.157
logo.clearbit.com	27344	2003-07-04	2015-06-30 18:39:45	2024-07-09 15:25:10	891 B	4.5 kB	54.240.174.74
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-08 21:59:01	459 B	9.4 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-08 18:12:20	2.3 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-10 12:00:09	medium	Client IP	44.193.58.75	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2024-07-10 12:00:09	low	Client IP	44.193.58.75	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com	82 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty URL elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 69a6cd1dd1e0afb5ba01598f1251f724 67df007cd27c632dbaa49daa40de7559c418ac5c 7458cb6733e2e617edc3e798d3cdb1341addaa5ccf0a40ce2838a0a5de8fd89a Loading...

	kit.fontawesome.com/f6136e9b49.js	12 kB	2024-04-10 20:28	2024-08-20 05:05
Pretty URL kit.fontawesome.com/f6136e9b49.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 20:28 Last Seen2024-08-20 05:05 Times Seen379 Hash 95ca010d08c5ef1c7fc1dac41ffa1f4c 42b3e8e5d65b482a558b722ead345d49db0b5148 d39cccc4cd6f99a67eb05aa4f43c8ecdd9cb9fb1b7966b0a7b02b22478832124 Loading...

	unknown	4.2 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash b2729272efc86b5b57fa8963eeb62312 ee6abf3347a068d400975fff1b5009fbe17a048d 8f4d38733138b80011fe6a85736a5d869c461331bcdb358f9c391877dabb78e7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0acdfca501e26a2114cf4294a09b3cd0	11 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 0acdfca501e26a2114cf4294a09b3cd0 9804628e215365e6ef8f384893aeaaa946d1289a 41684d1819aa4fa70b576317a06af862d44cc9bac63f50984ba836572296e576 Loading...

HTTP Transactions (24)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b34ca6af54e2b9fea57d418f5d1928f7
510b69f4470789a573217726d6f1a3d6ee765460
41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5346
Expires: Wed, 10 Jul 2024 13:29:14 GMT
Date: Wed, 10 Jul 2024 12:00:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e08576e0904dc9903a9c20fa9e3d15b8
74feff76140500fd4a61e89c7e9d8d0a60df1183
ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21153
Expires: Wed, 10 Jul 2024 17:52:41 GMT
Date: Wed, 10 Jul 2024 12:00:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7492695b5254a3a63fcffb4f1ee8cec
0361713c6d8129210245347284c7c6babfd28fb7
5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16593
Expires: Wed, 10 Jul 2024 16:36:41 GMT
Date: Wed, 10 Jul 2024 12:00:08 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fc076d7a99abd74b9da6b35304bb93e9
9d541501d5141dcf7b4d839d6fcffabec81e1a14
c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16975
Expires: Wed, 10 Jul 2024 16:43:04 GMT
Date: Wed, 10 Jul 2024 12:00:09 GMT
Connection: keep-alive

inodive.us/wp-content/css/aXNoYmVuX2ltYmVybGllbmVyQGN6ZWNoby5jb20=

68.171.218.65

133 B

URL
inodive.us/wp-content/css/aXNoYmVuX2ltYmVybGllbmVyQGN6ZWNoby5jb20=
IP
68.171.218.65:0
ASN
#22878 ASACENET1

File type
HTML document, ASCII text
Size
133 B (133 bytes)
Hash
fa5d74549b5e66878737e225aaa56a73
6831b02196931a78a99b969e4238dcf1c0a87f0e
4c6e3f0d21f51422a4b65c32bccd8c8858f8cd5ce2c7d9593180276335382399

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-content/css/aXNoYmVuX2ltYmVybGllbmVyQGN6ZWNoby5jb20= HTTP/1.1
Host: inodive.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Jul 2024 12:00:09 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Content-Length: 133
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
61f15d2d834e4e25a8ce7ce11fa7d78b
d15d8ec07814a18a24fa05b16aa8771a7e28a161
6f09894109d9d84e5a050521d9b406480f1545cf92c9670985f706991817bfd8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 10 Jul 2024 12:00:09 GMT
Last-Modified: Wed, 10 Jul 2024 11:56:49 GMT
Server: ECAcc (ska/F69C)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wsvcVV2Tba2qvznKFlRejUU8MT_E9-VOarm2JHTV8hZ9e0c-pw5Jdw==
Age: 200

elderly-natural-sing.glitch.me/

44.193.58.75

82 kB

URL
elderly-natural-sing.glitch.me/
IP
44.193.58.75:0
ASN
#14618 AMAZON-AES

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: rYQUfkuG31pmCZ2TB89tJiQ18wwy+987ipINJRW9UDQ6povImQZqq8H8oEg1vncdXWOah6Ki3JY=
x-amz-request-id: CHFPFHHKZJVPCHFZ
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:00:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ibb.co/7yS7TgY/1BJKFkm.png

162.19.58.157

200 OK

36 kB

URL GET HTTP/2
i.ibb.co/7yS7TgY/1BJKFkm.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
PNG image data, 1000 x 100, 8-bit/color RGBA, non-interlaced
Size
36 kB (36383 bytes)
Hash
f4f008291c3c2a0a650872b3d275333f
15a533adeb26d26fb06517a707dc1d13f2e1f7a7
a59679ee3b01c11c153681481e175b4964bdea8fc3fd8676b5fd2cffbcf38bf7

HTTP Headers

GET /7yS7TgY/1BJKFkm.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: image/png
content-length: 36383
last-modified: Fri, 15 Mar 2024 16:24:11 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/nfzhv0y/ZvlG0Sw.jpg

162.19.58.157

200 OK

291 kB

URL GET HTTP/2
i.ibb.co/nfzhv0y/ZvlG0Sw.jpg
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
JPEG image data, progressive, precision 8, 2529x1350, components 3
Size
291 kB (290884 bytes)
Hash
efa223fc4fbf982e380696cf1e733520
f2b2d1a4fbe41dc13a4686765322dd6acd4df21a
d0eb1eeb6dcb3e4e264284cec98e59ae7c056b0f31b48db1ca582a4246a27f05

HTTP Headers

GET /nfzhv0y/ZvlG0Sw.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: image/jpeg
content-length: 290884
last-modified: Fri, 15 Mar 2024 11:41:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:00:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

logo.clearbit.com/czecho.com

54.240.174.74

404 Not Found

1 B

URL GET HTTP/2
logo.clearbit.com/czecho.com
IP
54.240.174.74:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /czecho.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/plain; charset=utf-8
content-length: 1
date: Wed, 10 Jul 2024 12:00:10 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UsWchBl5hvpdYr8cgV8Ybq2ul1lizJ_bElCLTMnncwuslAm7vliCag==
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49

104.21.26.223

200 OK

647 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
647 B (647 bytes)
Hash
71640d92207d3150565e09a302b03868
d92588e668e3988b5c746d000bd8675473fa32eb
8f33cc6819aac8fd6c99331202542a28ab48597c5baf59dcdcf6ad1918e175ac

HTTP Headers

GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _qgb_fDqeBGHYP6PiALe7E_k8CaZxKpTH9j71FgfUM5-usQfIpFp_A==
age: 60524
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndtEAQ4yhQVFUxMJa8FyuysDLGbLGjJpsjiS%2FEYf%2F68ZvFnL9LEzfR13u3EirZM7R81s7o1Y%2BvIQH6Qh78iUiTwO3NbX03gur0ZC%2BLXMFVrK6w2awd6F5YcXcccfpziCbu06FqJgSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a1064540a0f5685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49

104.21.26.223

200 OK

179 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
179 kB (178862 bytes)
Hash
b8ffc06b206906ff7a922fcd7ab11c97
2a682b1d3fe79e44e161c385941b9dde25d64469
506a88f3efca33985649aa8a2789c0b0ec411cafdd4eb30c9ec6066761979452

HTTP Headers

GET /releases/v6.5.2/css/free.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uEJJ4xDHAKAgJwmnU34oEpMEEED4ZslguxT9WTk6WPzjS4pqZRw59A==
age: 60524
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62kXuvvobzKqETyw%2FwI2th0szb5BD01tc7CrmhxdTMAfEEUr5n0xFQCLwYJR0l7sEABAxa71vukPzJ7MtLnT9f4tNr636FskseOgrAt722X41Q3qiZAwizpSeAqGhNoLznhaeYy58w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106453f9f65685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9205
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:11 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9205
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:11 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9205
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:11 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49

104.21.26.223

200 OK

8.5 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (608)
Size
8.5 kB (8497 bytes)
Hash
a3d53e21a02e37af6cbc00ac63b3cc1e
e4f2269bae4b37ccba5282a154724a3b91720aca
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

HTTP Headers

GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: py556Y_Vt8gVeK79RRTQpepcOoAZY6m1NW2nXWn3Tsf7p6YSFifXjQ==
age: 60524
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KsJazDNPTLRm5oLVMcnA6j7FDI2CStD6vV9rbe93P2vM6uzkeGGZwWHayHsCOZ2nMnPTDCafwWIngOuIpsUbH%2BdmdbqfHnNf3e0h0kQygKnifB4sZa0BoZv0GLaKyLvoEPuNviBLXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106453fa015685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/f6136e9b49.js

104.18.40.68

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/f6136e9b49.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
12 kB (11704 bytes)
Hash
7a0f3262c72ccfbcaf8fc1d3b5ff5003
7548b81827b95ee5b9f409a6b89b902f0f2bb74e
0e52388a76d591e4088f89d6a2a6afb19661e8c1e7ce8fe25ae6d2a0f44a22cd

HTTP Headers

GET /f6136e9b49.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F-DYPCsq7YMaHQ15a9Bi
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8a1064518d4eb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2

104.21.26.223

200 OK

156 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156388, version 773.1280
Size
156 kB (156388 bytes)
Hash
ae015e3286ef56a0daf8e83838a32a88
7c18577fd6c4e7d9036b244215ace3945372eefe
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

HTTP Headers

GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:11 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRkhPvO0IxqE4_fyAP-icq9ssCHnAenXvhFfkY5NMRhPXejay6_CUg==
age: 60524
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fUu99o47CG7zQK%2F%2BPJWSHn9gN%2B3aToIpWHMwoGsmhq%2FFBqoeZhz%2B7MNPXhvCunIUMPB4LKdLFRAltXJ%2BNLHZiPPgzA0O%2FCqTS8exAHcLPziA%2FkUu%2FXeVKRfdIa4DdAQc5iOqGVc3vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a1064552b965685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

logo.clearbit.com/inbox.com

54.240.174.74

200 OK

3.5 kB

URL GET HTTP/2
logo.clearbit.com/inbox.com
IP
54.240.174.74:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 128 x 34, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3487 bytes)
Hash
a4f2c54a52c942c8431fe192e201c65a
e7f8a33204cc5d41ad9d2ee4dafb96026acb2a44
d6a9a5e080fcfdf1a944b08718ad594b0af0e47b710fc99080cbdafca8e8f39e

HTTP Headers

GET /inbox.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 26 Jun 2024 04:30:17 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iCT9KRAkPGHXrxnReT7g4AC4TU8jftiQnldqHblH9LGyhhVxw1gHag==
age: 1236592
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,400,500,700

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
ASCII text, with very long lines (8949), with no line terminators
Size
8.7 kB (8725 bytes)
Hash
b589d5a560fb9de54ce7ddda59a5f54a
de11b88f717916c3c16321231768a33744a769b5
c5d8c17b6e7ffac5f7079f9617b5defe8ede2974c828bbc69a07fd81c5efeae0

HTTP Headers

GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:00:10 GMT
date: Wed, 10 Jul 2024 12:00:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49

104.21.26.223

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#ishben_imberliener@czecho.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
940b066040a876fa1dc7b2ee2d222a58
64b2aea0b4d60d879d4ff7540192a906ffc0fd92
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

HTTP Headers

GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wCuCRxre3KOlnJrWxRIxxOXEn5eXeO6nPRUbpnnpsOVOwAMI1BzD7w==
age: 60524
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxgNZi224%2Fq3H6akrR8X9HD1qZzW0FDGFYq%2FDQ3mffKxaiCDfqUvujPMQXODOQVWT0qf%2FOmymDTv3sFwXuvapw44KrIpg1rRgabwty3uevRbRkhWAQyR6%2Bq6WInNMA5nLZmazdfGuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106453fa045685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

elderly-natural-sing.glitch.me/

44.193.58.75

200 OK

82 kB

URL User Request GET HTTP/2
elderly-natural-sing.glitch.me/
IP
44.193.58.75:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:10 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: rYQUfkuG31pmCZ2TB89tJiQ18wwy+987ipINJRW9UDQ6povImQZqq8H8oEg1vncdXWOah6Ki3JY=
x-amz-request-id: CHFPFHHKZJVPCHFZ
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (24)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN