| www.cambeywest.com/openclick?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth | 52.188.77.88 | 301 Moved Permanently | 300 B |
URL User Request GET HTTP/1.1www.cambeywest.com/openclick?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth IP52.188.77.88:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerGoDaddy.com, Inc. Subjectwww.cambeywest.com FingerprintE6:CB:E1:2F:CF:0A:E1:C0:C7:39:A9:C1:34:42:34:62:CA:B0:72:E2 ValidityThu, 24 Aug 2023 15:59:25 GMT - Tue, 24 Sep 2024 15:59:25 GMT
File typeHTML document, ASCII text Hash1fb5fb4d891988cade8622deea9b9174 bfa7e662bfdb9ed1eeba09b226018a6a93fb7967 5a75d8dfdf32ba3b3d3c020a8c2d295286da7754117d438e9a8fcd4324d9c665
GET /openclick?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth HTTP/1.1
Host: www.cambeywest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 24 Apr 2024 02:51:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 300
Connection: keep-alive
Location: http://www.cambeywest.com/openclick/?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src * data:; object-src 'none'; font-src https: data:; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors https://www.cambeywest.com
X-Content-Type-Options: NOSNIFF
X-Frame-Options: ALLOW-FROM https://www.cambeywest.com
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
|
| www.cambeywest.com/openclick/?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth | 52.188.77.88 | 302 Found | 139 B |
URL User Request GET HTTP/1.1www.cambeywest.com/openclick/?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth IP52.188.77.88:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerGoDaddy.com, Inc. Subjectwww.cambeywest.com FingerprintE6:CB:E1:2F:CF:0A:E1:C0:C7:39:A9:C1:34:42:34:62:CA:B0:72:E2 ValidityThu, 24 Aug 2023 15:59:25 GMT - Tue, 24 Sep 2024 15:59:25 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash5a705d097ae9a2cb1c9d647ff4954135 d907ec42c368e5ed4594d46265c877240644c564 8d5d216eefc4f076d6a6722d647b0e5fa25fab4937f330c47eda57699623e1b7
GET /openclick/?M=SSI202111191441&t=c&p=SSI&a=02213730&s=T21XSWEBA&c=link1-text&e=example@slurpmail.net&l=https://gnecc.org/auth HTTP/1.1
Host: www.cambeywest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 24 Apr 2024 02:51:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 139
Connection: keep-alive
Cache-Control: private
Location: https://gnecc.org/auth
X-AspNet-Version: 4.0.30319
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src https: 'unsafe-eval' 'unsafe-inline'; img-src * data:; object-src 'none'; font-src https: data:; script-src https: 'self' 'unsafe-inline' 'unsafe-eval'; frame-ancestors https://www.cambeywest.com
X-Content-Type-Options: NOSNIFF
X-Frame-Options: ALLOW-FROM https://www.cambeywest.com
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
|
URL User Request GET HTTP/2IP94.23.253.103:443
CertificateIssuerLet's Encrypt Subject*.gnecc.org Fingerprint92:10:DB:81:DF:E6:84:2F:AD:21:56:75:4A:6E:C4:6E:76:7A:75:9E ValidityMon, 15 Apr 2024 22:10:21 GMT - Sun, 14 Jul 2024 22:10:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Generic/Spear Phishing | PhishTank | phishing | Internal Revenue Service |
GET /auth HTTP/1.1
Host: gnecc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
expires: Fri, 24 May 2024 02:51:11 GMT
content-length: 0
date: Wed, 24 Apr 2024 02:51:11 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
IP94.23.253.103:443
CertificateIssuerLet's Encrypt Subject*.gnecc.org Fingerprint92:10:DB:81:DF:E6:84:2F:AD:21:56:75:4A:6E:C4:6E:76:7A:75:9E ValidityMon, 15 Apr 2024 22:10:21 GMT - Sun, 14 Jul 2024 22:10:20 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash0bde7d4b3da67537eaf9188e6f8049cf 64300fc482d01d38b40ab20e15960b6509665e5a 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: gnecc.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gnecc.org/auth
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 24 Apr 2024 02:51:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
|