Report - inodive.us/wp-content/css/bWlrZUBlbGV2YXRlZGVkdWNhdGlvbi5jb20=

Report Overview

Submitted URL
inodive.us/wp-content/css/bWlrZUBlbGV2YXRlZGVkdWNhdGlvbi5jb20=
IP
68.171.218.65
ASN
#22878 ASACENET1
Submitted
2024-07-10 12:00:50
Access
public
Website Title
elevatededucation - Mail
Final URL
elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Tags
phishing microsoft outlook
urlquery detections
Phishing - Generic phishing
Phishing - Microsoft Outlook

Detections

urlquery
6
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2024-07-09 15:13:58	338 B	942 B	143.204.53.97
i.ibb.co	13485	2010-07-20	2018-11-25 11:13:48	2024-07-08 21:35:22	904 B	328 kB	162.19.58.160
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2024-07-08 18:19:25	467 B	5.4 kB	104.18.40.68
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2024-07-08 22:11:06	2.6 kB	296 kB	172.67.139.119
logo.clearbit.com	27344	2003-07-04	2015-06-30 18:39:45	2024-07-09 15:25:10	1.4 kB	5.0 kB	54.240.174.116
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-08 18:12:20	2.3 kB	6.2 kB	23.36.77.32
inodive.us	unknown	2009-02-26	2018-02-07 14:28:20	2022-05-24 09:50:51	516 B	444 B	68.171.218.65
elderly-natural-sing.glitch.me	unknown	unknown	No data	No data	1.0 kB	166 kB	52.70.66.19
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-08 18:24:16	325 B	700 B	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-07-08 21:59:01	459 B	9.4 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-10 12:00:21	medium	Client IP	52.70.66.19	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2024-07-10 12:00:21	low	Client IP	52.70.66.19	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	kit.fontawesome.com/f6136e9b49.js	12 kB	2024-04-10 20:28	2024-08-20 05:05
Pretty URL kit.fontawesome.com/f6136e9b49.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 20:28 Last Seen2024-08-20 05:05 Times Seen379 Hash 95ca010d08c5ef1c7fc1dac41ffa1f4c 42b3e8e5d65b482a558b722ead345d49db0b5148 d39cccc4cd6f99a67eb05aa4f43c8ecdd9cb9fb1b7966b0a7b02b22478832124 Loading...

	unknown	4.2 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash b2729272efc86b5b57fa8963eeb62312 ee6abf3347a068d400975fff1b5009fbe17a048d 8f4d38733138b80011fe6a85736a5d869c461331bcdb358f9c391877dabb78e7 Loading...

	elderly-natural-sing.glitch.me/#mike@elevatededucation.com	82 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty URL elderly-natural-sing.glitch.me/#mike@elevatededucation.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 69a6cd1dd1e0afb5ba01598f1251f724 67df007cd27c632dbaa49daa40de7559c418ac5c 7458cb6733e2e617edc3e798d3cdb1341addaa5ccf0a40ce2838a0a5de8fd89a Loading...

		Size	First Seen	Last Seen
	#1 Write - 0acdfca501e26a2114cf4294a09b3cd0	11 kB	2024-07-09 21:11	2024-08-19 17:28
Pretty Observations First Seen2024-07-09 21:11 Last Seen2024-08-19 17:28 Times Seen53 Hash 0acdfca501e26a2114cf4294a09b3cd0 9804628e215365e6ef8f384893aeaaa946d1289a 41684d1819aa4fa70b576317a06af862d44cc9bac63f50984ba836572296e576 Loading...

HTTP Transactions (24)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b34ca6af54e2b9fea57d418f5d1928f7
510b69f4470789a573217726d6f1a3d6ee765460
41e6a348aac9e9db44bfa14b3aa29d411f4489b375ae1f1be6b0d280af98541d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "41E6A348AAC9E9DB44BFA14B3AA29D411F4489B375AE1F1BE6B0D280AF98541D"
Last-Modified: Mon, 08 Jul 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5334
Expires: Wed, 10 Jul 2024 13:29:14 GMT
Date: Wed, 10 Jul 2024 12:00:20 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e08576e0904dc9903a9c20fa9e3d15b8
74feff76140500fd4a61e89c7e9d8d0a60df1183
ee690bacddf55fd12ae0c9c39e330e0a1a18776b9edc91b4aa6c5bae28824f1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "EE690BACDDF55FD12AE0C9C39E330E0A1A18776B9EDC91B4AA6C5BAE28824F1E"
Last-Modified: Tue, 09 Jul 2024 15:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21141
Expires: Wed, 10 Jul 2024 17:52:41 GMT
Date: Wed, 10 Jul 2024 12:00:20 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
e7492695b5254a3a63fcffb4f1ee8cec
0361713c6d8129210245347284c7c6babfd28fb7
5d1bc1c01894fd88a0d4680490977488d6458bb58a98ace24ef8aa103538bc1f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5D1BC1C01894FD88A0D4680490977488D6458BB58A98ACE24EF8AA103538BC1F"
Last-Modified: Tue, 09 Jul 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16581
Expires: Wed, 10 Jul 2024 16:36:41 GMT
Date: Wed, 10 Jul 2024 12:00:20 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fc076d7a99abd74b9da6b35304bb93e9
9d541501d5141dcf7b4d839d6fcffabec81e1a14
c86804eff01a7bb9ff866508bfdb1b071cfa4a26617d11094b9f5226e1a4b970

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C86804EFF01A7BB9FF866508BFDB1B071CFA4A26617D11094B9F5226E1A4B970"
Last-Modified: Tue, 09 Jul 2024 16:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16963
Expires: Wed, 10 Jul 2024 16:43:04 GMT
Date: Wed, 10 Jul 2024 12:00:21 GMT
Connection: keep-alive

inodive.us/wp-content/css/bWlrZUBlbGV2YXRlZGVkdWNhdGlvbi5jb20=

68.171.218.65

128 B

URL
inodive.us/wp-content/css/bWlrZUBlbGV2YXRlZGVkdWNhdGlvbi5jb20=
IP
68.171.218.65:0
ASN
#22878 ASACENET1

File type
HTML document, ASCII text
Size
128 B (128 bytes)
Hash
7c41b0c7798bd8f5207e6373986ecf09
27bf73a1e54240cfb8fc80f678d251ba4f5c8863
b8cb287c40bb83887fc569bba9566b99beac48cee2bf3481a562bc72cac29423

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /wp-content/css/bWlrZUBlbGV2YXRlZGVkdWNhdGlvbi5jb20= HTTP/1.1
Host: inodive.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 10 Jul 2024 12:00:21 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Content-Length: 128
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
61f15d2d834e4e25a8ce7ce11fa7d78b
d15d8ec07814a18a24fa05b16aa8771a7e28a161
6f09894109d9d84e5a050521d9b406480f1545cf92c9670985f706991817bfd8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 10 Jul 2024 12:00:22 GMT
Last-Modified: Wed, 10 Jul 2024 10:52:40 GMT
Server: ECAcc (ska/F73A)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rGruSj2PwxD8-A3FxJyjGDkGoForRg8L_B6KDsGw4fN4eAA5w0Weng==
Age: 4062

elderly-natural-sing.glitch.me/

52.70.66.19

82 kB

URL
elderly-natural-sing.glitch.me/
IP
52.70.66.19:0
ASN
#14618 AMAZON-AES

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: ej9ssYLITTifRmqdBSr1RQB46st7ByUeP0TR9QKeJPgY4eblz0PlY57QU4ppc4JUdZ+cVP+gooV5htOHAIz38IV+4+jWWjUC4UGITcbteWM=
x-amz-request-id: 57T8WPXCSD79QKXK
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

i.ibb.co/7yS7TgY/1BJKFkm.png

162.19.58.160

200 OK

36 kB

URL GET HTTP/2
i.ibb.co/7yS7TgY/1BJKFkm.png
IP
162.19.58.160:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
PNG image data, 1000 x 100, 8-bit/color RGBA, non-interlaced
Size
36 kB (36383 bytes)
Hash
f4f008291c3c2a0a650872b3d275333f
15a533adeb26d26fb06517a707dc1d13f2e1f7a7
a59679ee3b01c11c153681481e175b4964bdea8fc3fd8676b5fd2cffbcf38bf7

HTTP Headers

GET /7yS7TgY/1BJKFkm.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: image/png
content-length: 36383
last-modified: Fri, 15 Mar 2024 16:24:11 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.ibb.co/nfzhv0y/ZvlG0Sw.jpg

162.19.58.160

200 OK

291 kB

URL GET HTTP/2
i.ibb.co/nfzhv0y/ZvlG0Sw.jpg
IP
162.19.58.160:443
ASN
#16276 OVH SAS

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint5F:18:DC:78:83:E8:A9:2D:9B:15:95:2F:AC:0C:82:09:04:D5:10:6D
ValidityFri, 21 Jun 2024 07:49:37 GMT - Thu, 19 Sep 2024 07:49:36 GMT

File type
JPEG image data, progressive, precision 8, 2529x1350, components 3
Size
291 kB (290884 bytes)
Hash
efa223fc4fbf982e380696cf1e733520
f2b2d1a4fbe41dc13a4686765322dd6acd4df21a
d0eb1eeb6dcb3e4e264284cec98e59ae7c056b0f31b48db1ca582a4246a27f05

HTTP Headers

GET /nfzhv0y/ZvlG0Sw.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: image/jpeg
content-length: 290884
last-modified: Fri, 15 Mar 2024 11:41:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

kit.fontawesome.com/f6136e9b49.js

104.18.40.68

200 OK

4.8 kB

URL GET HTTP/2
kit.fontawesome.com/f6136e9b49.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
4.8 kB (4822 bytes)
Hash
9693b67bcfdc67f6cd6ad04eaf35f4f7
a3470e3857c6b217798aadeba57d8ba808362ee8
df44eac0a605a31a3b4ac06799f923cba3091b8dbbd65b0ac783cd43050bb9b5

HTTP Headers

GET /f6136e9b49.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F-DYPCsq7YMaHQ15a9Bi
cf-cache-status: HIT
age: 12
server: cloudflare
cf-ray: 8a10649c9fc356a8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f43ac803ddaed04e157d8f4cc47f9d30
3b124d1a4787acb012f8dba86c2682286225e6ec
fcc49c4f85feed0addfb35ac975528e62fd12609e78afb3acab0451051523e88

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 10 Jul 2024 12:00:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2

172.67.139.119

200 OK

156 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 156388, version 773.1280
Size
156 kB (156388 bytes)
Hash
ae015e3286ef56a0daf8e83838a32a88
7c18577fd6c4e7d9036b244215ace3945372eefe
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

HTTP Headers

GET /releases/v6.5.2/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: font/woff2
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
etag: "ae015e3286ef56a0daf8e83838a32a88"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rRkhPvO0IxqE4_fyAP-icq9ssCHnAenXvhFfkY5NMRhPXejay6_CUg==
age: 60535
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wphpMF1i%2BGcJWHVqkf2SoXMSiz7%2BU99I8MjHulJMDDKT%2B47HKQoKXnnlqApqS0%2FJ0RfIyQfL6SjyhDe80JnDDjvF9c78U6Ss4rmKm%2FgQKmmd%2BmCtnfQUpo%2FQf3tSBURIAu7KEk7s3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a10649f8c1b569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

logo.clearbit.com/elevatededucation.com

54.240.174.116

404 Not Found

1 B

URL GET HTTP/2
logo.clearbit.com/elevatededucation.com
IP
54.240.174.116:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /elevatededucation.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/plain; charset=utf-8
content-length: 1
date: Wed, 10 Jul 2024 12:00:22 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7kZbc9QM9eZGUVa7cSlRSH1XvtRVPK5HJGzeweyPuLwDsb1GvcSHAA==
X-Firefox-Spdy: h2

logo.clearbit.com/elevatededucation.com

54.240.174.116

404 Not Found

1 B

URL GET HTTP/2
logo.clearbit.com/elevatededucation.com
IP
54.240.174.116:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /elevatededucation.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
content-type: text/plain; charset=utf-8
content-length: 1
date: Wed, 10 Jul 2024 12:00:22 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bNPi14xLPkg6pvozaDT0DDE6lZYTjSGjc3iXD87M_-yzsqopV4aTiA==
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9184
Expires: Wed, 10 Jul 2024 14:33:27 GMT
Date: Wed, 10 Jul 2024 12:00:23 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9184
Expires: Wed, 10 Jul 2024 14:33:27 GMT
Date: Wed, 10 Jul 2024 12:00:23 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
d7b2c37e4b6c062d80ad32046f42d3d8
131cd5c2ca2a258c3cf11746f94cfd43a6a4f04c
317f60a1498c7b52833955e8a54a0ba66b5b8dc9e9862c2ac262b874d491fce2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "317F60A1498C7B52833955E8A54A0BA66B5B8DC9E9862C2AC262B874D491FCE2"
Last-Modified: Mon, 08 Jul 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9184
Expires: Wed, 10 Jul 2024 14:33:27 GMT
Date: Wed, 10 Jul 2024 12:00:23 GMT
Connection: keep-alive

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49

172.67.139.119

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
940b066040a876fa1dc7b2ee2d222a58
64b2aea0b4d60d879d4ff7540192a906ffc0fd92
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

HTTP Headers

GET /releases/v6.5.2/css/free-v4-shims.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wCuCRxre3KOlnJrWxRIxxOXEn5eXeO6nPRUbpnnpsOVOwAMI1BzD7w==
age: 60536
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilr9j5yH%2Bu8n2Dpfrxs8MXELAtUZ9S%2FHTzpSuJ%2FS3f2upp9MnpfxAFvJB4c99nnwuMViU7to5TxUnJ%2BKK7rl2bN2YwDHHoPn2VQU3N%2BghlCOrUTliJj2lUpGEeOE1O0E651KJCm06g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10649ebae7569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

elderly-natural-sing.glitch.me/

52.70.66.19

200 OK

82 kB

URL User Request GET HTTP/2
elderly-natural-sing.glitch.me/
IP
52.70.66.19:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65500)
Size
82 kB (82529 bytes)
Hash
d44ae5223e70c5edad69e18e08891303
e3dfed10f5f3d56f0cd03a4b6c332dab0a318b86
f0f3a38d85f5db4687da40b9c1e8fd1fba14a924a95f284341b7f54f928d34eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET / HTTP/1.1
Host: elderly-natural-sing.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inodive.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/html; charset=utf-8
content-length: 82529
x-amz-id-2: ej9ssYLITTifRmqdBSr1RQB46st7ByUeP0TR9QKeJPgY4eblz0PlY57QU4ppc4JUdZ+cVP+gooV5htOHAIz38IV+4+jWWjUC4UGITcbteWM=
x-amz-request-id: 57T8WPXCSD79QKXK
last-modified: Tue, 09 Jul 2024 15:59:01 GMT
etag: "d44ae5223e70c5edad69e18e08891303"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8b3VbRfCWJYlN8mUlpM0T3JXMW3yAnTz
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49

172.67.139.119

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
d8a0274a5097af25642c9310d6d4bb3e
61512d739400e60d9360863446eaf008395859fb
84f5ae05668bcfe4bd7447d5035e909686423e998d8dfc2c96789875ef78cdd3

HTTP Headers

GET /releases/v6.5.2/css/free-v5-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: py556Y_Vt8gVeK79RRTQpepcOoAZY6m1NW2nXWn3Tsf7p6YSFifXjQ==
age: 60536
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBf7dG4DxxrIhXoCLNoyETZH%2BRY5pHJRels%2B9XaIKNsZuMkEL6K7UO02T9wKJpHepaTSlc0x0fmfDl6odKkMuq%2BPCpAq%2FBPTI8AGsBWfvL0zW3DulEiNM8esA6ZijElMp3%2FthLctRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8a10649ecaf7569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49

172.67.139.119

200 OK

1.8 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
36f549800bc029aaadd0d7ac3d1d0f54
45bfcbb57c0155a2f22a47117deae6dc87706d4a
4048a832df1b9ac88058b1964ab9c45300daf6c10b0a02d697a29d729a81ea30

HTTP Headers

GET /releases/v6.5.2/css/free-v4-font-face.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _qgb_fDqeBGHYP6PiALe7E_k8CaZxKpTH9j71FgfUM5-usQfIpFp_A==
age: 60536
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G5dPaDsCMKsWWe3gOTZjP8mXTI7DsEQh75XP%2Bbo5QsWN2ZkBCzOrMy3AdAYahZvdTPi0lc3Mn%2FKJXHkYgfDvuR5Ao9%2BxMMeQRyy0TjBFktvvi8agE7FxHj7mxgTRIx2V6nDcEmLVVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10649ecaf2569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:100,400,500,700

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintC7:12:52:3A:BD:E0:73:20:AD:A8:5F:DF:12:DB:C6:DE:AF:63:88:6B
ValidityThu, 13 Jun 2024 16:32:33 GMT - Thu, 05 Sep 2024 16:32:32 GMT

File type
ASCII text, with very long lines (8949), with no line terminators
Size
8.7 kB (8725 bytes)
Hash
b589d5a560fb9de54ce7ddda59a5f54a
de11b88f717916c3c16321231768a33744a769b5
c5d8c17b6e7ffac5f7079f9617b5defe8ede2974c828bbc69a07fd81c5efeae0

HTTP Headers

GET /css?family=Roboto:100,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 10 Jul 2024 12:00:22 GMT
date: Wed, 10 Jul 2024 12:00:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

logo.clearbit.com/inbox.com

54.240.174.116

200 OK

3.5 kB

URL GET HTTP/2
logo.clearbit.com/inbox.com
IP
54.240.174.116:443
ASN
#16509 AMAZON-02

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerAmazon
Subjectclearbit.com
FingerprintCE:16:94:BB:21:1F:D1:5C:C5:B1:B0:D0:51:6C:C5:26:30:0D:59:72
ValidityMon, 22 Jan 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
PNG image data, 128 x 34, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3487 bytes)
Hash
a4f2c54a52c942c8431fe192e201c65a
e7f8a33204cc5d41ad9d2ee4dafb96026acb2a44
d6a9a5e080fcfdf1a944b08718ad594b0af0e47b710fc99080cbdafca8e8f39e

HTTP Headers

GET /inbox.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://elderly-natural-sing.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 26 Jun 2024 04:30:17 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Km3waOMScBzJNSjev2zsgboLh7v_1Ctz3uMxlkINsUmWLcSwVyN3yw==
age: 1236604
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49

172.67.139.119

200 OK

104 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=f6136e9b49
IP
172.67.139.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://elderly-natural-sing.glitch.me/#mike@elevatededucation.com
Certificate
IssuerGoogle Trust Services
Subjectka-f.fontawesome.com
Fingerprint6D:72:F5:B4:68:5B:A6:B0:2B:E9:FE:83:27:B3:F4:90:E8:F3:E9:0A
ValidityMon, 01 Jul 2024 12:54:00 GMT - Sun, 29 Sep 2024 12:53:59 GMT

File type
ASCII text, with very long lines (65321)
Size
104 kB (103541 bytes)
Hash
7f29cd8c97789aa298af8c61623ca28b
af8109e0e5c8bb2c1c3ab44ba7b5d25900ca454a
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

HTTP Headers

GET /releases/v6.5.2/css/free.min.css?token=f6136e9b49 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elderly-natural-sing.glitch.me/
Origin: https://elderly-natural-sing.glitch.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 10 Jul 2024 12:00:22 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uEJJ4xDHAKAgJwmnU34oEpMEEED4ZslguxT9WTk6WPzjS4pqZRw59A==
age: 60536
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djLqDrC4h4A8SOhXzhENvYKm3Mf4Tizb5llJgOiNcKKOejXWZJ2YvSwWKa41x87o%2BQJ%2BoG2Kp7wLcn8cIg6C2GHTn0OChPPDvw70eH5o2VP0MYlmenBs3mqWbXm1eLjTfgwKTNUx3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8a10649ebadc569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (24)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size