Report - tju8ychbb.cc.rs6.net/tn.jsp?f=00189yiSM7R4DJc_uMSLQxk4CVG9wGWdA9Z5uNWH_CeJla7OajTi8K3JoUzpUh6wfsBd-2qgB-h6GCHeZUz110OtYWA3uGdX1-ZQoen5bWXOB0wbB2I-5wBckqK3Op2PBMLjpQCPZWUUy9NGdwrd3FKEjk-ZyT4uG-u&c=&ch==&_

Report Overview

Submitted URL
tju8ychbb.cc.rs6.net/tn.jsp?f=00189yiSM7R4DJc_uMSLQxk4CVG9wGWdA9Z5uNWH_CeJla7OajTi8K3JoUzpUh6wfsBd-2qgB-h6GCHeZUz110OtYWA3uGdX1-ZQoen5bWXOB0wbB2I-5wBckqK3Op2PBMLjpQCPZWUUy9NGdwrd3FKEjk-ZyT4uG-u&c=&ch==&__=/asdf/ZXJuaWUua2x1Z0Boc24ubmV0
IP
208.75.122.11
ASN
#40444 ASN-CC
Submitted
2024-05-02 12:46:46
Access
public
Website Title
Intelladata DigitalGuard
Final URL
gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Tags
phishing microsoft outlook
urlquery detections
Phishing - Microsoft Outlook

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.2h8t.buzz	unknown	unknown	No data	No data	7.0 kB	184 kB	104.21.49.5
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-02	435 B	34 kB	142.250.74.170
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-02	456 B	2.7 kB	142.250.74.138
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-02	1.1 kB	52 kB	216.58.207.227
gw.theshipmodels.com	unknown	unknown	No data	No data	512 B	11 kB	91.92.243.128
tju8ychbb.cc.rs6.net	unknown	unknown	No data	No data	689 B	376 B	208.75.122.11
coinsoffaith.com	unknown	2007-02-20	2021-01-29	2021-01-29	423 B	275 B	162.241.87.113

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net	192 B	2024-05-02	2024-05-02
Pretty URL gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net IP 91.92.243.128 ASN #394711 LIMENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 14:37:48 Last Seen2024-05-02 21:46:58 Times Seen15 Hash 6b2b5a635d0f4b96ec36ad3cfe61e8f9 e0b357b77107c9816a43daf83e074ba2b540b0d2 8cf1972315f0c5686f45957511271039c8b292038b77543428f03aa1072f4795 Loading...

	gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net	354 B	2024-05-02	2024-05-02
Pretty URL gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net IP 91.92.243.128 ASN #394711 LIMENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 14:37:48 Last Seen2024-05-02 21:46:58 Times Seen15 Hash 9d5861039380299114403b2d2a31cfb6 8bc124baafe14a825bfb8109f21f2f7c796b5512 b4e4cd14828e9969f273749a72bab477ebc4df534d3cb92b87c194b2fc113235 Loading...

	cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/scrollreveal.min.js	16 kB	2023-03-07	2024-05-15
Pretty URL cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/scrollreveal.min.js IP 104.21.49.5 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:31 Last Seen2024-05-15 08:12:36 Times Seen193 Hash b1570d1f0c349f4073ea0402dd76934d a2514649532446258b897f2d776391f5aac064c4 9272231d83750052eb424ba589b26945e892c4a8541a1215521c74198b083e33 Loading...

	cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/main.min.js	714 B	2023-03-14	2024-05-02
Pretty URL cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/main.min.js IP 104.21.49.5 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 12:43:40 Last Seen2024-05-02 21:46:58 Times Seen25 Hash f8def9647c2e0b485171619a6ffac14f be54c7c5bde0165d8e96ca91cfcaac8dff72207f e188dfbf239d37cc700c1c4555b2bae74a61b0c49d066f56bd8e2d1f1a67c267 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js	93 kB	2023-03-07	2024-05-17
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-17 00:50:32 Times Seen24248 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

HTTP Transactions (22)

URL IP Response Size

tju8ychbb.cc.rs6.net/tn.jsp?f=00189yiSM7R4DJc_uMSLQxk4CVG9wGWdA9Z5uNWH_CeJla7OajTi8K3JoUzpUh6wfsBd-2qgB-h6GCHeZUz110OtYWA3uGdX1-ZQoen5bWXOB0wbB2I-5wBckqK3Op2PBMLjpQCPZWUUy9NGdwrd3FKEjk-ZyT4uG-u&c=&ch==&__=/asdf/ZXJuaWUua2x1Z0Boc24ubmV0

208.75.122.11

0 B

URL
tju8ychbb.cc.rs6.net/tn.jsp?f=00189yiSM7R4DJc_uMSLQxk4CVG9wGWdA9Z5uNWH_CeJla7OajTi8K3JoUzpUh6wfsBd-2qgB-h6GCHeZUz110OtYWA3uGdX1-ZQoen5bWXOB0wbB2I-5wBckqK3Op2PBMLjpQCPZWUUy9NGdwrd3FKEjk-ZyT4uG-u&c=&ch==&__=/asdf/ZXJuaWUua2x1Z0Boc24ubmV0
IP
208.75.122.11:0
ASN
#40444 ASN-CC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tn.jsp?f=00189yiSM7R4DJc_uMSLQxk4CVG9wGWdA9Z5uNWH_CeJla7OajTi8K3JoUzpUh6wfsBd-2qgB-h6GCHeZUz110OtYWA3uGdX1-ZQoen5bWXOB0wbB2I-5wBckqK3Op2PBMLjpQCPZWUUy9NGdwrd3FKEjk-ZyT4uG-u&c=&ch==&__=/asdf/ZXJuaWUua2x1Z0Boc24ubmV0 HTTP/1.1
Host: tju8ychbb.cc.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 02 May 2024 12:46:21 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: http://coinsoffaith.com/Lugard/asdf/ZXJuaWUua2x1Z0Boc24ubmV0
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1

coinsoffaith.com/Lugard/asdf/ZXJuaWUua2x1Z0Boc24ubmV0

162.241.87.113

0 B

URL
coinsoffaith.com/Lugard/asdf/ZXJuaWUua2x1Z0Boc24ubmV0
IP
162.241.87.113:0
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /Lugard/asdf/ZXJuaWUua2x1Z0Boc24ubmV0 HTTP/1.1
Host: coinsoffaith.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 02 May 2024 12:46:21 GMT
Server: Apache
refresh: 0;url=https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-box-light.svg

104.21.49.5

200 OK

705 B

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-box-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
705 B (705 bytes)
Hash
832011bf37b8261deda35602a3371b0f
73fc9a2b14ccd353bc856572561b967d8ef3559c
2be093ce3629234668c6f8453ddd80db0fd1648eadc757634b78866c83e78290

HTTP Headers

GET /lightbox-ps4rqx/dist/images/features-box-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HASqbIC9hmTitdTuO%2FiBg2BwQB%2B3uCkNTkUkpOEggAP7idvyT3CBHYeI2l2LyJsi7qgM%2FpPf41OktA7AMixR%2F4merZsEIELhJSoQIDo9IdHuZ8JtTp2dzp1T2sn%2FUbXH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fdaa056c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
33 kB (33018 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

HTTP Headers

GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:52:39 GMT
expires: Fri, 02 May 2025 01:52:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 39224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-03-light.svg

104.21.49.5

200 OK

5.3 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-03-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
5.3 kB (5316 bytes)
Hash
cddc9305c58c207274786cbceeeea466
a8607d74ff64b67acc28d57120f0b98662607fab
1ea08aec7a77af86c45c0f517e0e7a067b85bfb06b6be580bbbe0177e19cf8dc

HTTP Headers

GET /lightbox-ps4rqx/dist/images/feature-03-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftFlTOu9QE4rOfW4T4QUdJ9Z6A9waXt34jN0Sinr2Y9DD%2BrS1bradE%2BTQT5Bxqg%2FVAzYSEXaPireyB8Pli6yr5ksojK64euwWgd8E9M8u%2BT5TbHX9x%2FJH5OrTWgDi7xZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9256c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Heebo:400,700|IBM+Plex+Sans:600

142.250.74.138

200 OK

2.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Heebo:400,700|IBM+Plex+Sans:600
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
2.0 kB (2042 bytes)
Hash
2d73c23e79f720f163a102b3d2c58bd8
5e89402a3b96a600574f97d21360e9459937f5bf
327a324602ad6c6ddbbda7780dc04f496fdcd1c972583fffedc9b9ffac746689

HTTP Headers

GET /css?family=Heebo:400,700|IBM+Plex+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 12:46:22 GMT
date: Thu, 02 May 2024 12:46:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20356, version 1.0
Size
20 kB (20356 bytes)
Hash
e78568807d101b47dfd21e34244e072f
4cfc3c246e975c42ef684033a58afdacf8d5f54b
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

HTTP Headers

GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gw.theshipmodels.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20356
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:57 GMT
expires: Fri, 02 May 2025 01:50:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 16:19:23 GMT
content-type: font/woff2
age: 39326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2

216.58.207.227

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Size
30 kB (30240 bytes)
Hash
2a51724cb1aefe32e3183a8e138189cc
c8f36c7eee7c868b5cba392e353d47180643f5f1
964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431

HTTP Headers

GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gw.theshipmodels.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:56:50 GMT
expires: Fri, 02 May 2025 01:56:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
age: 38973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-illustration-light.svg

104.21.49.5

200 OK

9.9 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-illustration-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
9.9 kB (9880 bytes)
Hash
9db7ce17e85da4abf13edaf2c98a6bde
686e856754819c1b5cbb46505419a09db13fcfd1
0bb9259701a97f4371b2ad42f8e01c5a7b0e4d05f58f92c297a19d8c8694044e

HTTP Headers

GET /lightbox-ps4rqx/dist/images/features-illustration-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGQ%2FEE9qJLddXysMCMoefh%2Fegi%2BBW0FQEWiXNnKxmDKckh5q4wnFr%2BfSnaivXuAcnVTZT9owrhaScLPiRFv2vtKdbqeljAhLNhTw%2BZArl2TTmdfzaWi4oKv43kkXWRHp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9f56c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/hero-media-illustration-light.svg

104.21.49.5

200 OK

20 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/hero-media-illustration-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
20 kB (20524 bytes)
Hash
8529c7214e1e9ad54ba2127faa1f12a4
107cb0ed63cc6821b2bfb920760984befc85dc3c
b05046d65e637d83c743a037a909807e0be341df3b8b45e1477de0a87c62e805

HTTP Headers

GET /lightbox-ps4rqx/dist/images/hero-media-illustration-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vofhx9cOPBUNtMieSsv1tUMsrjmmIzxPw2NJNzL%2BfFMnUAzGW8fHPqxL7m8OvuhIVyh%2BfJ9doXpDa4Lppn20S%2BhBoSMswG6kejmSZCgK43B2ZVvXE%2FhSPKxul%2BrNjsZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9a56c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-01-light.svg

104.21.49.5

200 OK

11 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-01-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (10642 bytes)
Hash
d13002ee38ac421d45adeddfa12fe591
dffaf08e0e7e8cacb7da3fe9dfa594f2437eb280
4afc86e29e7b07ef6ae086dc9e7ec38d5d368dd0d20be6ee16d3e101d5c12ad9

HTTP Headers

GET /lightbox-ps4rqx/dist/images/feature-01-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KR%2BdPtOBjagr4nLePGOwXj%2BFpL5VYmX4yrxE%2BWQCBFLbglUpNYN%2FOkGDtrQdtCJ%2BdJqO3%2BtIESXQ6MI%2BfaSGYqHfnhggGKsuBwaZBBTwzzKUC8yIZhiPGL9fUgSSFM%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda8e56c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/header-illustration-light.svg

104.21.49.5

200 OK

10 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/header-illustration-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
10 kB (10407 bytes)
Hash
93063a36a2cf871168f687474575aa47
1c63adf074bb5be850492683249fe93e82c07601
0d90e1a4015cc5e4bcfa40c5c59e3af6454f723f96b78b92c65babc4ef3fa3ca

HTTP Headers

GET /lightbox-ps4rqx/dist/images/header-illustration-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbR40obRhGOj7B1bZybEykilOLqypePdY8vuKKKpl8OpR2d%2FqZtX6d15%2FPJBPdaNYSI2LUhdOLS7SJC2dAOvC%2BMAPQO9vpuXGV5GGsBZm%2B7gZCrL9d8r60Fd%2FsjqAsoy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9556c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-02-light.svg

104.21.49.5

200 OK

393 B

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/feature-02-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
393 B (393 bytes)
Hash
f40a936405e80ce5cca95bb8acccd586
98fb4f12336e466e62c42ef26049720f2b935461
7b74b24533fce61efbc0749fa42ff1ff58a47a1b6d1897a7da9be453d76b654c

HTTP Headers

GET /lightbox-ps4rqx/dist/images/feature-02-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebpF7xnJ7cldnXHVO1vcXXrQLIP9%2FoFiSoB4Q5LozzOyOwuwwzSfQogVkSgmk74dcFaCKWHYwrUgRirWCtm%2FY9MddCxCHXNa25Ke8TAs9yw22g62pX21YIkrUSd8J%2Frv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9056c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net

91.92.243.128

200 OK

11 kB

URL User Request GET HTTP/2
gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
IP
91.92.243.128:443
ASN
#394711 LIMENET

Certificate
IssuerLet's Encrypt
Subjecttheshipmodels.com
Fingerprint5B:4E:E2:ED:D2:92:97:1D:93:A6:83:5A:95:6F:27:EA:21:BA:7F:1F
ValidityWed, 17 Apr 2024 10:00:36 GMT - Tue, 16 Jul 2024 10:00:35 GMT

File type

Size
11 kB (10987 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /?B0Wr0O=m3fzby74&ernie.klug@hsn.net HTTP/1.1
Host: gw.theshipmodels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 12:46:22 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/scrollreveal.min.js

104.21.49.5

200 OK

16 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/scrollreveal.min.js
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type

Size
16 kB (16393 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lightbox-ps4rqx/dist/js/scrollreveal.min.js HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: text/javascript
last-modified: Mon, 22 Apr 2024 10:16:58 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJpQoTTT3smp8RBy9%2BZF1Jf%2BaceHD0eUMxJOMZDKEzxk6T%2FOlwsgGrIbk6H%2BNh9tn8klGI92F7pGjYsJ1CKA9ceyTd1dSAFSQXgImqdfvncJrtxem2dohBWbu5HgsAlc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1feac056c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/cta-illustration-light.svg

104.21.49.5

200 OK

23 kB

URL GET HTTP/3
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/cta-illustration-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
23 kB (23300 bytes)
Hash
55f2e637417d34856375204e48510910
5a98f7f8e204f9e0c4d897d436dbe4398b849294
d818c00d093d720024dc7dd6769377eb994c38606a2673739818887a91767722

HTTP Headers

GET /lightbox-ps4rqx/dist/images/cta-illustration-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.2h8t.buzz/lightbox-ps4rqx/dist/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 12:46:23 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNDbPm2uEOb15dEt7MQcwwyAZW3Hcej%2FCdxohEkwtzx0mm6CdvAV2bZfHbQ4r7mwg71xPUNehrTaUibA4xMon8vkKkOzTCoAa%2BFFIjMyOHjA%2B6HfspQrIzg3rPt%2BVrxD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d2278395697-OSL
content-encoding: br

cdn.2h8t.buzz/lightbox-ps4rqx/dist/css/style.css

104.21.49.5

200 OK

64 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/css/style.css
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
ASCII text, with very long lines (42861)
Size
64 kB (64378 bytes)
Hash
d18e2c75f28866034410025308d22b77
a6a6fc5ab147c42e634939885c9b4e532046ebde
db9c998e7dacd8caf6161fe77688c62fedcef7369178cef79bc8001f48b09dcd

HTTP Headers

GET /lightbox-ps4rqx/dist/css/style.css HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:04 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KVzxekZX9qlKcHdpUwdi3hUFyXCfGXBYyP8Vz9yX0Ht6lCVohpwZJrUgZ1Is6Np9Sx33Dz%2BWErGnhfsFaHCZ4NTFN3amXiMN3AsTyFUMl94Jco%2BeCXSWv9nkVsgdtU%2Fv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fca8356c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/logo-light.svg

104.21.49.5

200 OK

2.6 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/logo-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
2.6 kB (2585 bytes)
Hash
447f3a95bbbbec2af2132035583ede6a
dd02bcea5c6bbecd94b348b469c85ab567ee8153
4d104a4de99b3bd77fb149ad44a4a5fe394ac14430eccc96ec550315cfb0c896

HTTP Headers

GET /lightbox-ps4rqx/dist/images/logo-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Mon, 22 Apr 2024 07:53:10 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhjuukNjSe2jMeuiRAQw5uUbJYKwUaOpH%2BIZ5iEeosBbKUpaAANzP%2BdS5YcR78HFNxiw9YCX1VUdROuKBR%2BgM%2BqrV2iKJ%2FP1T5qEukzHv7ukwoPUwwZjhsqI5DJ8%2BRGK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda9356c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/hero-media-light.svg

104.21.49.5

200 OK

152 B

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/hero-media-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
152 B (152 bytes)
Hash
20ab93112045a5ad9144438f299583ac
06e7c34e38cbf4038ccc86537108f8f186cc43e4
b27878b7c43690bcad4519bc69c413a802de36accfa28a6c726cc7bb5cfbda25

HTTP Headers

GET /lightbox-ps4rqx/dist/images/hero-media-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMWEhClCP4UJZqWr9YntyGSirGFc9s7RQfxMEgHcS4ci73Qt3Vx4FZzK7xUs1pjm8rc36F5Z%2Bdx56G7O6il2tWcZPdKZDzVq0GkWpJoNU7nzEzAJElR7VIMc3QGR44RB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d81d1fda9c56c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-illustration-top-light.svg

104.21.49.5

200 OK

7.8 kB

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/features-illustration-top-light.svg
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
SVG Scalable Vector Graphics image
Size
7.8 kB (7838 bytes)
Hash
bdb00eb6993a4ad7004458f4eb89c266
911b79374328cb3b66818cab725da1d5806bb3cf
bbe19e3b33cbd472b426c0acdc21d7a0ee51202bc1fd60880bb2478089203700

HTTP Headers

GET /lightbox-ps4rqx/dist/images/features-illustration-top-light.svg HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crAU9jHr6yoqZdnHkxpVzdPiJCETvvRttyob1xvKniVEBydd4RLZRB21xkyncoPf2ZkDQc6Ljf02CDvSQZ3o3kSrvat4lFfwaXVfHYnHtnetEt0t7G3x7B1R5po%2Bw7ay"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1fda8b56c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/main.min.js

104.21.49.5

200 OK

714 B

URL GET HTTP/2
cdn.2h8t.buzz/lightbox-ps4rqx/dist/js/main.min.js
IP
104.21.49.5:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type
ASCII text, with very long lines (750), with no line terminators
Size
714 B (714 bytes)
Hash
d8a0ea77037c8a3e697a6194fdb42f5b
7a6d84fe2418f3c00d3fd20c8843cff089a4bd90
c79e2b97c2ef1e70f8b7fc9a741d37cde8b1c097050e4e2b80bed7cbeabbd1f4

HTTP Headers

GET /lightbox-ps4rqx/dist/js/main.min.js HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 12:46:22 GMT
content-type: text/javascript
last-modified: Fri, 24 Feb 2023 13:07:06 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 1540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=suK1fp6XlkjWh5Rr6yXosx6SE%2BLiwIf07JTdMRL3JTvOuqvVqC8E2cyU5ThjDwblCuMAgzVktx35OvMx0YSymtP0OZa9SRyCXBfauyepDRDKaOdbT0k2dyFM8nW2Ffu4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d1ffac356c3-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/favicon.ico

0.0.0.0

0 B

URL GET
cdn.2h8t.buzz/lightbox-ps4rqx/dist/images/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://gw.theshipmodels.com/?B0Wr0O=m3fzby74&ernie.klug@hsn.net
Certificate
IssuerLet's Encrypt
Subject2h8t.buzz
FingerprintB2:AC:14:36:F0:7C:A0:C5:A4:B2:8F:F5:8B:85:F3:53:96:6F:B8:33
ValidityThu, 18 Apr 2024 08:28:40 GMT - Wed, 17 Jul 2024 08:28:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lightbox-ps4rqx/dist/images/favicon.ico HTTP/1.1
Host: cdn.2h8t.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gw.theshipmodels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 12:46:23 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Thu, 09 May 2024 12:20:42 GMT
last-modified: Mon, 22 Apr 2024 07:50:42 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEG75vw3hJuIM9gPIvXWIgD4pjNbxI7cn6DefRYmHPH0jbKsvqiVBL6ARE5RzARujOiaksvWaQc8pJxXejjtDITJQSUJpqjJcjfQBIgNUroNK%2FIN7ZgP6ys9tsN9x4Ta"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d81d23698e5697-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (22)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN