Report - inodive.us/wp-content/css/YmNpY0BiY2ljLm9yZy5pbg==

Report Overview

Visited public
2024-07-10 12:01:21
Tags
phishing microsoft outlook
URL
inodive.us/wp-content/css/YmNpY0BiY2ljLm9yZy5pbg==
Finishing URL
elderly-natural-sing.glitch.me/#bcic@bcic.org.in
IP / ASN
68.171.218.65
#22878 ASACENET1
Title
bcic - Mail
Phishing - Generic phishing
Phishing - Microsoft Outlook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
inodive.us	unknown	2009-02-26	2018-02-07 14:28:20	2022-05-24 09:50:51	504 B	439 B	68.171.218.65
elderly-natural-sing.glitch.me	unknown	unknown	No data	No data	1.0 kB	166 kB	52.70.66.19
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-08 18:24:16	650 B	1.4 kB	142.250.74.131
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-07-08 21:35:22	904 B	328 kB	162.19.58.161
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-08 21:59:01	457 B	173 kB	142.250.74.106
logo.clearbit.com	27344	2003-07-04	2015-06-30 18:39:45	2024-07-09 15:25:10	892 B	23 kB	54.240.174.79
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-07-08 18:19:25	469 B	12 kB	104.18.40.68
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-08 18:12:20	2.3 kB	6.2 kB	23.36.76.226
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-09 15:13:58	338 B	942 B	143.204.53.97
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-07-08 22:11:06	2.6 kB	225 kB	104.21.26.223

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-10 12:00:56	medium	Client IP	52.70.66.19	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2024-07-10 12:00:56	low	Client IP	52.70.66.19	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	elderly-natural-sing.glitch.me/#bcic@bcic.org.in	82 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty URL elderly-natural-sing.glitch.me/#bcic@bcic.org.in IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 69a6cd1dd1e0afb5ba01598f1251f724 67df007cd27c632dbaa49daa40de7559c418ac5c 7458cb6733e2e617edc3e798d3cdb1341addaa5ccf0a40ce2838a0a5de8fd89a Loading...

	kit.fontawesome.com/f6136e9b49.js	12 kB	2024-04-10 20:28	2024-08-20 05:05
Pretty URL kit.fontawesome.com/f6136e9b49.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 20:28 Last Seen2024-08-20 05:05 Times Seen379 Hash 95ca010d08c5ef1c7fc1dac41ffa1f4c 42b3e8e5d65b482a558b722ead345d49db0b5148 d39cccc4cd6f99a67eb05aa4f43c8ecdd9cb9fb1b7966b0a7b02b22478832124 Loading...

	unknown	4.2 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash b2729272efc86b5b57fa8963eeb62312 ee6abf3347a068d400975fff1b5009fbe17a048d 8f4d38733138b80011fe6a85736a5d869c461331bcdb358f9c391877dabb78e7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 0acdfca501e26a2114cf4294a09b3cd0	11 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 0acdfca501e26a2114cf4294a09b3cd0 9804628e215365e6ef8f384893aeaaa946d1289a 41684d1819aa4fa70b576317a06af862d44cc9bac63f50984ba836572296e576 Loading...

HTTP Transactions (24)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b34ca6af54e2b9fea57d418f5d1928f7
510b69f4470789a573217726d6f1a3d6ee765460
41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5296
Expires: Wed, 10 Jul 2024 13:29:11 GMT
Date: Wed, 10 Jul 2024 12:00:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e08576e0904dc9903a9c20fa9e3d15b8
74feff76140500fd4a61e89c7e9d8d0a60df1183
ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21078
Expires: Wed, 10 Jul 2024 17:52:13 GMT
Date: Wed, 10 Jul 2024 12:00:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7492695b5254a3a63fcffb4f1ee8cec
0361713c6d8129210245347284c7c6babfd28fb7
5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16476
Expires: Wed, 10 Jul 2024 16:35:31 GMT
Date: Wed, 10 Jul 2024 12:00:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fc076d7a99abd74b9da6b35304bb93e9
9d541501d5141dcf7b4d839d6fcffabec81e1a14
c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16922
Expires: Wed, 10 Jul 2024 16:42:57 GMT
Date: Wed, 10 Jul 2024 12:00:55 GMT
Connection: keep-alive

inodive.us/wp-content/css/YmNpY0BiY2ljLm9yZy5pbg==

68.171.218.65

123 B

URL
inodive.us/wp-content/css/YmNpY0BiY2ljLm9yZy5pbg==
IP
68.171.218.65:0
ASN
#22878 ASACENET1

File type
HTML document, ASCII text
Size
123 B (123 bytes)
Hash
260221b9a5687f06716ee1bce38e6640
dcb8c69c73bc4fb2506b69a747dd57013f6b5144
e649027571d8d3ce6e026a3c5423c3728406872b722e77b034cd6f8cb47ed995

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-content/css/YmNpY0BiY2ljLm9yZy5pbg== HTTP/1.1
Host: inodive.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Jul 2024 12:00:56 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Content-Length: 123
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
61f15d2d834e4e25a8ce7ce11fa7d78b
d15d8ec07814a18a24fa05b16aa8771a7e28a161
6f09894109d9d84e5a050521d9b406480f1545cf92c9670985f706991817bfd8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 10 Jul 2024 12:00:56 GMT
Last-Modified: Wed, 10 Jul 2024 10:21:37 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LpoWhU71KJlji0FxjtkkZaqIv2xU8nnau3iw_0g5Uvu9pwpZhC45Cg==
Age: 5960

elderly-natural-sing.glitch.me/

52.70.66.19

82 kB

URL
elderly-natural-sing.glitch.me/
IP
52.70.66.19:0
ASN
#14618 AMAZON-AES

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:56 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: vsamkArg+HuxpNF4KJfURTKwyozTRsjn0BNY+bInBnksCSdXyg0+I9BfCMl7AdMOP5c56FkuZTA=
x-amz-request-id: PQJXH3NRCY404YPG
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i.ibb.co/7yS7TgY/1BJKFkm.png

162.19.58.161

200 OK

36 kB

URL GET HTTP/2
i.ibb.co/7yS7TgY/1BJKFkm.png
IP
162.19.58.161:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
PNG image data, 1000 x 100, 8-bit/color RGBA, non-interlaced
Size
36 kB (36383 bytes)
Hash
f4f008291c3c2a0a650872b3d275333f
15a533adeb26d26fb06517a707dc1d13f2e1f7a7
a59679ee3b01c11c153681481e175b4964bdea8fc3fd8676b5fd2cffbcf38bf7

HTTP Headers

GET /7yS7TgY/1BJKFkm.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: image/png
content-length: 36383
last-modified: Fri, 15 Mar 2024 16:24:11 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/nfzhv0y/ZvlG0Sw.jpg

162.19.58.161

200 OK

291 kB

URL GET HTTP/2
i.ibb.co/nfzhv0y/ZvlG0Sw.jpg
IP
162.19.58.161:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
JPEG image data, progressive, precision 8, 2529x1350, components 3
Size
291 kB (290884 bytes)
Hash
efa223fc4fbf982e380696cf1e733520
f2b2d1a4fbe41dc13a4686765322dd6acd4df21a
d0eb1eeb6dcb3e4e264284cec98e59ae7c056b0f31b48db1ca582a4246a27f05

HTTP Headers

GET /nfzhv0y/ZvlG0Sw.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: image/jpeg
content-length: 290884
last-modified: Fri, 15 Mar 2024 11:41:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:00:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:100,400,500,700

142.250.74.106

200 OK

172 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
gzip compressed data, max compression
Size
172 kB (172060 bytes)
Hash
fe03bb01bd84efbcf7778783108c9dcc
fa64f603c42d4dca9617b4ac33736302d68acd04
3c36695e0c4f7d4e6e2805fd8d25c04c9aab56b97eb00f8954613825163b1895

HTTP Headers

GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:00:57 GMT
date: Wed, 10 Jul 2024 12:00:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9158
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:58 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9158
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:58 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9158
Expires: Wed, 10 Jul 2024 14:33:36 GMT
Date: Wed, 10 Jul 2024 12:00:58 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49

104.21.26.223

200 OK

7.3 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
7.3 kB (7323 bytes)
Hash
ee3e77d40a2328b999c483da842e5ed1
7c62a8c32f72850ad0e6a70b7087c9eeaa22cbdc
1e7a5087a51bf881013596e73b873886a42a4d25c6c143ed02d083fc409a4966

HTTP Headers

GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _qgb_fDqeBGHYP6PiALe7E_k8CaZxKpTH9j71FgfUM5-usQfIpFp_A==
age: 60571
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8X1ljcX3s3OTKTbzPIOlNukyCW1T6sEtM9GYojXOtOWvT%2BIXldZP5fg0wnzl%2FEuJpniHrpgOSl0PjKVzKvT4eBsgdn%2FxyErGe0pclA078q2uJSJTKvApve8hSs5BasL%2B7HOX9b6HgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106577582156bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

logo.clearbit.com/bcic.org.in

54.240.174.79

200 OK

19 kB

URL GET HTTP/2
logo.clearbit.com/bcic.org.in
IP
54.240.174.79:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Size
19 kB (18720 bytes)
Hash
953d4ccc46d68bbfcc0d214fe90730a2
8819699cf83381f1495750d0a0182fe10a928db4
546d590cd981ba399532b15eed93c4927ecf9215ca1a52dc10092a9e305af29d

HTTP Headers

GET /bcic.org.in HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 10 Jul 2024 02:01:42 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6jhAXvTTqq-2HSLSGhFUFnNHmIZdRXGvk-S9w4HYoS4cnxnPm59KDA==
age: 35955
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49

104.21.26.223

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
gzip compressed data, from Unix
Size
28 kB (27710 bytes)
Hash
347e26d1cd0dc5f880e6533299f9e762
f969a10ce2fbd3c6c95b72d4d99bd82f726f4a05
b7ab882d2833d1075921616509ce6a9a39c6ac6e77eb4649e01a42a94a91b556

HTTP Headers

GET /releases/v6.5.2/css/free.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uEJJ4xDHAKAgJwmnU34oEpMEEED4ZslguxT9WTk6WPzjS4pqZRw59A==
age: 60571
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VLb9OoExAw2OYyS2Lmi8iT5cgyv2H0XU4vkrBrPapaSHf4LtZwKZANLkSqLBi13Dtsf1hglnFvV3WdbMP6svyWu8LSG88guvcibfwK80JzB2216Ne%2BT%2FfVA4TUgVNsW4wz8QxduUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106577582a56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

elderly-natural-sing.glitch.me/

52.70.66.19

200 OK

82 kB

URL User Request GET HTTP/2
elderly-natural-sing.glitch.me/
IP
52.70.66.19:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:56 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: vsamkArg+HuxpNF4KJfURTKwyozTRsjn0BNY+bInBnksCSdXyg0+I9BfCMl7AdMOP5c56FkuZTA=
x-amz-request-id: PQJXH3NRCY404YPG
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

logo.clearbit.com/inbox.com

54.240.174.79

200 OK

3.5 kB

URL GET HTTP/2
logo.clearbit.com/inbox.com
IP
54.240.174.79:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 128 x 34, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3487 bytes)
Hash
a4f2c54a52c942c8431fe192e201c65a
e7f8a33204cc5d41ad9d2ee4dafb96026acb2a44
d6a9a5e080fcfdf1a944b08718ad594b0af0e47b710fc99080cbdafca8e8f39e

HTTP Headers

GET /inbox.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 26 Jun 2024 04:30:17 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qFAUmgSrItzzS2cfemXSyygsD7UYlGw7PTvYn--v99oFgdOEfBU3uA==
age: 1236639
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49

104.21.26.223

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
940b066040a876fa1dc7b2ee2d222a58
64b2aea0b4d60d879d4ff7540192a906ffc0fd92
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

HTTP Headers

GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wCuCRxre3KOlnJrWxRIxxOXEn5eXeO6nPRUbpnnpsOVOwAMI1BzD7w==
age: 60571
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Boj3YswbMymZkON0sGOlSXQwzftSidUfQ24NAJBeaLjZYsRfV3YC5Knd%2Bd9ECPQhDNcyUotc%2FwD3%2BwXvgjtG6q4BhJ3yXrpTaEcXDL%2F1pQL6FEvZBFR%2BX9SpsLWvDhMjDk%2FyOCSlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a106577481b56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49

104.21.26.223

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
d8a0274a5097af25642c9310d6d4bb3e
61512d739400e60d9360863446eaf008395859fb
84f5ae05668bcfe4bd7447d5035e909686423e998d8dfc2c96789875ef78cdd3

HTTP Headers

GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: py556Y_Vt8gVeK79RRTQpepcOoAZY6m1NW2nXWn3Tsf7p6YSFifXjQ==
age: 60571
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cIpo6Xam2fA1%2BFuT%2BEsB4bYF%2FyQ26QYWqP5b8s39ypx3k0TLJfMltNIRUo5v8ODD%2FyWKBDkxgza3Kpbtta8SQgW0nSdrxhx1M0NAg17rYLvS1YsPodWHuE9vTvCEWLhuWxqIAJaymw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106577582456bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2

104.21.26.223

200 OK

156 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156388, version 773.1280
Size
156 kB (156388 bytes)
Hash
ae015e3286ef56a0daf8e83838a32a88
7c18577fd6c4e7d9036b244215ace3945372eefe
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

HTTP Headers

GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRkhPvO0IxqE4_fyAP-icq9ssCHnAenXvhFfkY5NMRhPXejay6_CUg==
age: 60570
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9QCFSxnBvuVI2dfAHa2x%2BfB5tV3MS%2BFveiSnn7HYheeLYNYuEEHWpTkqu4ltf3ciFCMiEXPOQIbqh3yZ7cjM44WCroZVuc0GErda4bgin%2Fjf35n4udcIHECwoKhXLuI2CIrvzwsQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a106578595256bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/f6136e9b49.js

104.18.40.68

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/f6136e9b49.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#bcic@bcic.org.in
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (11461)
Size
12 kB (11890 bytes)
Hash
95ca010d08c5ef1c7fc1dac41ffa1f4c
42b3e8e5d65b482a558b722ead345d49db0b5148
d39cccc4cd6f99a67eb05aa4f43c8ecdd9cb9fb1b7966b0a7b02b22478832124

HTTP Headers

GET /f6136e9b49.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:57 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F-DYPCsq7YMaHQ15a9Bi
cf-cache-status: HIT
age: 47
server: cloudflare
cf-ray: 8a1065757daf0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (24)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN