Report - internet-security-alert-q-app-ye9oo.ondigitalocean.app/

Report Overview

Visited public
2023-09-03 02:16:32
Tags
fake_software fraud
Submit Tags
URL
internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Finishing URL
internet-security-alert-q-app-ye9oo.ondigitalocean.app/
IP / ASN
104.17.241.31
#13335 CLOUDFLARENET
Title
Security Center Code0x268d3 Ch0#07frt97 Services
Fraud - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-02 06:14:37	958 B	145 kB	142.250.74.168
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-02 06:47:45	330 B	963 B	104.18.15.101
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-09-02 12:09:57	552 B	219 B	173.231.16.76
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-09-02 05:09:14	1.1 kB	96 kB	104.18.11.207
internet-security-alert-q-app-ye9oo.ondigitalocean.app	unknown	2020-06-01	2023-09-02 00:01:18	2023-09-03 04:16:08	10 kB	972 kB	104.18.118.88
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-09-02 05:09:14	950 B	33 kB	104.17.25.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-02 05:11:05	1.1 kB	51 kB	151.101.193.229
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-02 05:09:14	666 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-03 02:16:03	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-03 02:16:03	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-03 02:16:03	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-03 02:16:03	low	Client IP	173.231.16.76	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365
2023-09-02	medium	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	947 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen944 Hash bdef85124f57f822d19cfa00f81b963b a3340b3288e6c3544fd013ed4a664b85f53d88d2 26f081811536ae9cf31db110acd4a319f399de9bad0e354ce20299685b3561cf Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	692 B	2023-03-13	2025-02-03
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 20:50 Last Seen2025-02-03 17:21 Times Seen129 Hash d8df27a4e40f3ddcad8a360550bb07af 3bab8356a0b6623fab94a84139621a13fc36d436 73d421a18c011fa3bd22c13488fb8026de50e9d15d15486ba8d70341a79d4900 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-06-30
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 06:18 Times Seen378573 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.js	ScriptElement	1.3 kB	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.js IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-16 13:51 Times Seen186 Hash feee4ae71d078d42a5da82ab704f2238 79b33b7b11bb68db03ebbb2f0fbe4bfda5566c8c 8d5d7f0a7361ea45135e12c3f9b4a9249abd119d0df47d83c765c2389410c389 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	560 B	2023-03-07	2025-02-03
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-02-03 17:21 Times Seen179 Hash 29e4c323124c308b2afb50e93a1aa186 50e880f5dce53dda8dc0c8cda607c5caf3fb16c2 9b4274b5e7839824b622b14e7bb0fde4611960fabd4c3d16fe1ce9d7738eec52 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/light.js	ScriptElement	503 B	2023-03-07	2025-06-30
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/light.js IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-30 05:51 Times Seen6195 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	440 B	2023-03-07	2025-04-10
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-10 12:38 Times Seen603 Hash 00fadc8947f0dbbdeae061e8fd0b1921 d8969451c66ff82ad37e7cc56a9da4d63259df8e b5c7cb0438303e8d088cc38f3a241829f76813cc14e0fcfb2c797a0c62e1ca24 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	3.9 kB	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen671 Hash 3139f7d4c337fc7ea46b9a9730008e52 4938996f8712f57facebb2d5ed622a49c0ea95f0 4c66d3873787387414ffa9fe6a26555cfcf4e8dc271f32c8291390d10bc35974 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	285 B	2023-03-07	2025-02-03
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-02-03 17:21 Times Seen463 Hash 72a576f86bc0b4b6d512d56e973439d5 c1aa81af8fc290eb884eea0f62a8cbf1016364a1 539f6d9aa71defa04e3dac1209071a8c8edf9360e5194252cd803a02b28facf2 Loading...

	www.googletagmanager.com/gtag/js?id=G-3EFSNQMCXD&l=dataLayer&cx=c	ScriptElement	216 kB	2023-09-03	2023-09-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-3EFSNQMCXD&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-03 04:16 Last Seen2023-09-03 04:16 Times Seen2 Hash af04c5aa4ba061617cb5deab69f895f2 d2c7920317ad780d35c6653988398bb5a969c49f dd18f425032428c969f992fa889cec9f289c8c9a519c0c46c4757af4ca8bfc71 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	146 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen968 Hash 01c7c3ae0abdb0272bf7bd209dbb84b2 bf44fb29c253e6790a29c47d3aba9e316a35b8b2 b63a8c8faf6e973bdbe4b87efdaf0bdb4fac88eebd573eba529d75467e4e0a0c Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js	ScriptElement	84 kB	2023-03-07	2025-06-30
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-30 04:47 Times Seen2583 Hash f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-06-30
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-06-30 05:51 Times Seen10355 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/fullscreen.js	ScriptElement	245 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/fullscreen.js IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen998 Hash 62f519fe72808a3ec681392b7ff47417 2ee16112e35feb9d6d48ae0f4e66187514dec811 43703d37b8fe2769cb2e12db7aa281dbcca175124d05ff4b0cc3d152534698a4 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/before.js	ScriptElement	366 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/before.js IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen1024 Hash 87c2dc3aeb373ca8445f7410ef387689 688f4be3cfb8688b4441f382724495a7b82b3f62 31681779c6f394370dad146169896e9ec2b8f7c716c4b1db78c459033e48bf95 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-06-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-06-30 06:06 Times Seen7116 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	268 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen941 Hash f79dd5e30c3ffc1f47cb576925817390 f1e0088b7aaed01974807ca980dc7310bc73bee2 c091a178652a39bea6ffed82b2517edf4046b3fbf84cf1a754b29861d95af80f Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	755 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen638 Hash 4e2f05b574fedaf91f2512387645cc58 ea0cf59a0337bae5fab7ef33718cb5743475b774 a72cb2c772959b2af05bb5fa7aa8c44fb1c3fb2645180874f6758b761307890a Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	86 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen641 Hash c29ebcb02d59af397a5eec3b649acf42 900496a5912defe85a3a8fcf77bb4526f9bec22c 56bc284830b8a74f516c857972a0b2d2c8d288b29e9871e5df3c7fe421f3ef0d Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	137 B	2023-03-07	2025-04-30
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-04-30 14:41 Times Seen541 Hash 50fc2b790c3447a81317ac8e2f9d37a8 690a275ed76f9ab5a56c1318bd97cb616796a37c edbebe1cab5254d6b88e54eef2b62e1eeab3b2cf05b9d6fe99b24996f8744efd Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	132 B	2023-03-07	2025-05-16
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-16 13:51 Times Seen520 Hash 097ad91a9137e5860c2e3597c7edd18f e70d3167dcdb773950b2afa18946651dd9699753 bd64b18546b48624030136387aaa882ec621662537e1f5b21ce1016961350701 Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	80 B	2023-03-11	2025-06-28
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 16:00 Last Seen2025-06-28 13:29 Times Seen643 Hash 098086b1bbf40f10405f153960ab1626 28d36d514b1c8db680c0d43988bc4fb81615a761 958de44636de988c9ab3cba4c3f0d72871a3231f61340b4e16169f0f57f52e94 Loading...

	www.googletagmanager.com/gtag/js?id=UA-77514673-1	ScriptElement	184 kB	2023-09-03	2023-09-03
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77514673-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-03 04:16 Last Seen2023-09-03 04:16 Times Seen1 Hash adc189c4fd55e362c54846c10b7a7395 fddd9cb7414567b763245a4b7d7d46d539a34dae 62add7d8f375a5a9df88e77241f20c41bc897b23f9c565c0569710436e61a97b Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/	ScriptElement	154 B	2023-03-09	2024-08-21
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/ IP 104.18.118.88 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 04:53 Last Seen2024-08-21 08:26 Times Seen16 Hash 59e455621c73dd9ecc00854907bbe524 17d6817c514f6136517ace16bec9bd8d66925646 aa2847da3f26819d6b938ce4e3f49a143e1ca4cb9a098c01fdf279361c3919b4 Loading...

	cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js	ScriptElement	11 kB	2023-03-07	2025-06-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-30 02:13 Times Seen2679 Hash 65f1d21d5fcc9d21da758adababd0c3c e0661d07d64c00008bc9d013d16eec0a0f156dc7 d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Loading...

	internet-security-alert-q-app-ye9oo.ondigitalocean.app/sandbox%20eval%20code		147 B	2023-04-11	2025-06-30
Pretty URL internet-security-alert-q-app-ye9oo.ondigitalocean.app/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-06-30 06:18 Times Seen379126 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (32)

URL IP Response Size

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/minimize.jpeg

104.18.118.88

200 OK

2.2 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/minimize.jpeg
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 180x39, components 3\012- data
Size
2.2 kB (2247 bytes)
Hash
1ba392dce74f8987dca48bf65d817c8f
db0b8444c46125105b52f272bd422a7f52da1f72
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /minimize.jpeg HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/jpeg
content-length: 2247
cf-bgj: h2pri
cache-control: public,max-age=10,s-maxage=86400
etag: "1ba392dce74f8987dca48bf65d817c8f"
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx00000e05372b18bd3b40b-0064f3cf35-3ae0d08a-sfo3a
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
x-envoy-upstream-healthchecked-cluster: 
x-rgw-object-type: Normal
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d52982bb509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/setting.png

104.18.118.88

200 OK

364 B

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/setting.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /setting.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 364
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "e144c3378090087c8ce129a30cb6cb4e"
x-amz-request-id: tx0000023e3ff890baba0b6-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529833b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/bell.png

104.18.118.88

200 OK

1.1 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/bell.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1108 bytes)
Hash
a3555871399f1f67bfacaf437974b03a
b6337de87cd7a75a73cd804774651d14c83fe76a
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /bell.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 1108
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: "a3555871399f1f67bfacaf437974b03a"
x-amz-request-id: tx0000002a767af6e72c9f4-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529836b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/pc.png

104.18.118.88

200 OK

4.9 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/pc.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 166 x 92, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4949 bytes)
Hash
cc5132b56ba46b03dd998aa1fe220106
403e007a0b17d76a9945fa5ec46a9d01733b3040
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /pc.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 4949
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "cc5132b56ba46b03dd998aa1fe220106"
x-amz-request-id: tx00000215975df6b2dd4f6-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529837b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/microsoft.png

104.18.118.88

200 OK

1.0 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/microsoft.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /microsoft.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 1045
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "bf2b460590fbb9d8e9611a6e9006b816"
x-amz-request-id: tx000002c8e3f8c2ba3b377-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529832b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/que.png

104.18.118.88

200 OK

349 B

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/que.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /que.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 349
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "7454c652e0733d92de6c920c2d646ae0"
x-amz-request-id: tx000003f9c5befe63f27eb-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529834b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/def.png

104.18.118.88

200 OK

3.8 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/def.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3834 bytes)
Hash
77a2ffc5545f87551d74781201de9b3b
c9c3798afd2ae95aa3bba3c428335d49c8255b06
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /def.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 3834
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: "77a2ffc5545f87551d74781201de9b3b"
x-amz-request-id: tx00000fdfde13155a34379-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d52a838b509-OSL
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 12374698
expires: Fri, 23 Aug 2024 02:16:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orc6p%2Bthv1LwgFsYwrR0dBFUl3ZmyCZQ9mOcq1C2DTtg3SD1GTUEANI5bD0lVeGWsExOebledOIhQuHGYzwf8vi%2BpLdcpd%2BpbQHxkhi%2FmfyHPTM%2BpQEUOlPRc3cwf%2FjOKRmMVn3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 800a7d52cba65695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/virus-scan.png

104.18.118.88

200 OK

26 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/virus-scan.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (25871 bytes)
Hash
2c497dfff84bd8c5af9254c9d6278ce1
667e72e7ba6f00a54629e28133317022d4b59af6
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /virus-scan.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 25871
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "2c497dfff84bd8c5af9254c9d6278ce1"
x-amz-request-id: tx0000075f5860b3c926310-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529835b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/cross.png

104.18.118.88

200 OK

44 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/cross.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (44098 bytes)
Hash
4487a588bf2a07e3d1936d705c5ceefd
db193b3e2ab9fbee6eae99ced2366b1ef5f16971
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /cross.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 44098
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: "4487a588bf2a07e3d1936d705c5ceefd"
x-amz-request-id: tx000000ef73c8ed774ff56-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d52a839b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/virus-images.jpeg

104.18.118.88

200 OK

8.2 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/virus-images.jpeg
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 254x71, components 3\012- data
Size
8.2 kB (8196 bytes)
Hash
5fc559a242f0ea0a023f10830887d2af
9d744c2f3a6bf5b715496350c8de7124cdd7ddc8
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /virus-images.jpeg HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/jpeg
content-length: 8196
cf-bgj: h2pri
cache-control: public,max-age=10,s-maxage=86400
etag: "5fc559a242f0ea0a023f10830887d2af"
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: tx00000b649b960eb2f0135-0064f3cf35-3ae0d08a-sfo3a
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
x-envoy-upstream-healthchecked-cluster: 
x-rgw-object-type: Normal
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d52a83ab509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/background.png

104.18.118.88

200 OK

606 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/background.png
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced\012- data
Size
606 kB (605621 bytes)
Hash
b5e4f6810697e4324b909bc88945473f
78388667f9b3b7a50bbdc4d07c5ab06c22b53c29
1b3c01ab939e1b2429802fdd7350780229c73c72d57a2846e6b00afdc1108d7b

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /background.png HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: image/png
content-length: 605621
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: "b5e4f6810697e4324b909bc88945473f"
x-amz-request-id: tx00000b3727a027389517a-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 800a7d529828b509-OSL
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

104.17.25.14

200 OK

4.0 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11084), with no line terminators
Size
4.0 kB (3980 bytes)
Hash
65f1d21d5fcc9d21da758adababd0c3c
e0661d07d64c00008bc9d013d16eec0a0f156dc7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

HTTP Headers

GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6251404
expires: Fri, 23 Aug 2024 02:16:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RViEClCglgz9AnsqjWXtjY4ZEu5cEBohEYPUCctOoibgZbkQF5f%2B51XAWdK7T5ypEpX8hH1%2BGMPLBgCPXEBkFFavbYXWKbXky%2B7O8KM2d9bUR8WhURKDl4f6cFbfaKOUKjVRapSx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 800a7d533bc25695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65326)
Size
26 kB (26291 bytes)
Hash
d432e4222814b62dd30c9513dcc29440
2cac4afc120983921411296bd4e8fd8a94ba237e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
accept-ranges: bytes
date: Sun, 03 Sep 2023 02:16:14 GMT
age: 14667070
x-served-by: cache-fra-eddf8230111-FRA, cache-bma1638-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

23 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65299)
Size
23 kB (23377 bytes)
Hash
f81d0a1705048649befc8b595e455a94
aec551e4d573463088fca7d14fb644eb389f1839
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

HTTP Headers

GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Sun, 03 Sep 2023 02:16:14 GMT
age: 14822190
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1638-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35c32a61c03d768b5fcad7d7590a5201
90faf66380caf7a72f33317be1d97646fbe11027
f3a1fdb8658adda1117027032f78788cffa760feef9e9a345fd4c4a140dee2dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 03 Sep 2023 02:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.googletagmanager.com/gtag/js?id=UA-77514673-1

142.250.74.168

200 OK

67 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77514673-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint4E:35:EC:AC:A4:3A:09:F9:F3:9A:26:43:94:A7:BA:2C:01:54:DA:12
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with very long lines (4179)
Size
67 kB (66737 bytes)
Hash
adc189c4fd55e362c54846c10b7a7395
fddd9cb7414567b763245a4b7d7d46d539a34dae
62add7d8f375a5a9df88e77241f20c41bc897b23f9c565c0569710436e61a97b

HTTP Headers

GET /gtag/js?id=UA-77514673-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Sep 2023 02:16:14 GMT
expires: Sun, 03 Sep 2023 02:16:14 GMT
cache-control: private, max-age=900
last-modified: Sun, 03 Sep 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66737
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35c32a61c03d768b5fcad7d7590a5201
90faf66380caf7a72f33317be1d97646fbe11027
f3a1fdb8658adda1117027032f78788cffa760feef9e9a345fd4c4a140dee2dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 03 Sep 2023 02:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/0wa0rni0ng0.mp3

104.18.118.88

206 Partial Content

8.4 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/0wa0rni0ng0.mp3
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data
Size
8.4 kB (8405 bytes)
Hash
8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /0wa0rni0ng0.mp3 HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 03 Sep 2023 02:16:15 GMT
content-type: audio/mpeg
content-length: 8405
last-modified: Fri, 01 Sep 2023 20:08:27 GMT
x-rgw-object-type: Normal
etag: "8618fbb0911e3b8fc96725dee8bfd81f"
x-amz-request-id: tx000006a06aa6f8f2607ba-0064f3cf36-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
content-range: bytes 0-8404/8405
server: cloudflare
cf-ray: 800a7d563909b509-OSL
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/wa0lDErtm0s.mp3

104.18.118.88

206 Partial Content

201 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/wa0lDErtm0s.mp3
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /wa0lDErtm0s.mp3 HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 03 Sep 2023 02:16:15 GMT
content-type: audio/mpeg
content-length: 200832
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: "0116152611dd51432e852781f8cc7e82"
x-amz-request-id: tx00000eb25d7ac565160b3-0064f3cf36-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
content-range: bytes 0-200831/200832
server: cloudflare
cf-ray: 800a7d56490eb509-OSL
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-3EFSNQMCXD&l=dataLayer&cx=c

142.250.74.168

200 OK

77 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-3EFSNQMCXD&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint4E:35:EC:AC:A4:3A:09:F9:F3:9A:26:43:94:A7:BA:2C:01:54:DA:12
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with very long lines (4179)
Size
77 kB (77370 bytes)
Hash
af04c5aa4ba061617cb5deab69f895f2
d2c7920317ad780d35c6653988398bb5a969c49f
dd18f425032428c969f992fa889cec9f289c8c9a519c0c46c4757af4ca8bfc71

HTTP Headers

GET /gtag/js?id=G-3EFSNQMCXD&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Sep 2023 02:16:15 GMT
expires: Sun, 03 Sep 2023 02:16:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
516489c22304743ebbcf11cbde61a5db
866f7fbf035674069fa8b694aca0e114ef6cb7b8
bdf6a156de96abd9351a00e8b492bbc1090ec873f0690faab9621e11d41ba6c0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Sep 2023 02:16:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 03 Sep 2023 00:03:53 GMT
Expires: Sun, 10 Sep 2023 00:03:52 GMT
Etag: "866f7fbf035674069fa8b694aca0e114ef6cb7b8"
Cache-Control: max-age=597989,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 800a7d576afeb50f-OSL

GET api.ipify.org/?format=json

173.231.16.76

200 OK

21 B

URL GET HTTP/1.1
api.ipify.org/?format=json
IP
173.231.16.76:443
ASN
#18450 WEBNX

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Sun, 03 Sep 2023 02:16:15 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin

GET maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.11.207

200 OK

67 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Sep 2023 02:16:17 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f753d205b68c0352de9553d555fa41fc
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 800a7d65e8ce56c1-OSL
alt-svc: h3=":443"; ma=86400

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.css

104.18.118.88

200 OK

12 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.css
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
12 kB (12097 bytes)
Hash
31fa8c40f6852c6f77676a241dd9d26e
12160e92eebf846280bdd483f2cd8630eecdf5fb
733b181fd322493d5a99f4d05e17fc4b1b29e8e0dea3a226c8498f38587b3640

Detections

Analyzer	Verdict	Alert
urlquery	fraud	Fraud - Fake AntiVirus / Security software
OpenPhish	phishing	Office365

HTTP Headers

GET /main.css HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: W/"31fa8c40f6852c6f77676a241dd9d26e"
x-amz-request-id: tx00000017eced2527d81e2-0064f3cf34-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 800a7d529825b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/fullscreen.js

104.18.118.88

200 OK

245 B

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/fullscreen.js
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
245 B (245 bytes)
Hash
e70e5bc6acccc111d1016ccb1de66c20
b75154dabdb11f3c546fe085efdd740a8b88ea90
c8988f92f8e1a825f5f34ed45ca542b25eab1b845c5a0f459dff5045a4ee486e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /fullscreen.js HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: W/"62f519fe72808a3ec681392b7ff47417"
x-amz-request-id: tx0000017bbe55b02ae374c-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 800a7d52a83bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/before.js

104.18.118.88

200 OK

366 B

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/before.js
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (380), with no line terminators
Size
366 B (366 bytes)
Hash
30ab0fccfb4c857f608e51c255c26796
5923f53a21825d79b436e2c98e6ab53068370ad3
92e7f01957ef9660eb84aa2d821d4fff017b66659f7a74b900fad60053a1c88c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /before.js HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:28 GMT
x-rgw-object-type: Normal
etag: W/"87c2dc3aeb373ca8445f7410ef387689"
x-amz-request-id: tx00000f90ccbc209fafdac-0064f3cf35-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 800a7d52a83cb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

28 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27303)
Size
28 kB (27466 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 14:23:29
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 990eb37a8813a99367bd383681b974a4
cdn-cache: HIT
cf-cache-status: HIT
age: 217090
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 800a7d52ce84b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/

104.18.118.88

200 OK

37 kB

URL User Request GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
37 kB (36748 bytes)
Hash
5df5ac715e07764ce179c693dc16b4d1
18940eb7251c401c3a10e8343fd3498d2384614c
a8f1a85d304290fbf01607c2d8b496fbacd68a9b0f7f5741e7abd001c2e9a2f9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET / HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000003c9991ed9a11ba41-0064f3ec6d-3ae0d08a-sfo3a
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: EXPIRED
vary: Accept-Encoding
server: cloudflare
cf-ray: 800a7d47fcdfb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.js

104.18.118.88

200 OK

1.3 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/main.js
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1440), with no line terminators
Size
1.3 kB (1290 bytes)
Hash
0623cddfa7783dc8fc61b18ada9d6b8b
dede1eff8f20e836a0d3f2ecdc410022501d8141
44105f682f72a8f3de00bce06321ada7a6dc3449b5030e5742a6a40147f70a6e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /main.js HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: W/"feee4ae71d078d42a5da82ab704f2238"
x-amz-request-id: tx00000b86e78c0d7bc7528-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 800a7d52a83eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/light.js

104.18.118.88

200 OK

503 B

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/light.js
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
ASCII text, with very long lines (545), with no line terminators
Size
503 B (503 bytes)
Hash
d64718a85daf432be5f8d3c9fe3a45bd
d1b2721f29e5a1a6e6344a53162f32c53eb98e1e
de0997f0917e44e1840ce9d82cc86fd7f6cae542f906c62d78ae71c6af0ee303

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /light.js HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Sep 2023 02:16:14 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:29 GMT
x-rgw-object-type: Normal
etag: W/"cd6c33fbc221d0271c910af910e6ebed"
x-amz-request-id: tx00000b2b65f3d7b76c4c7-0064f3cf35-3ae0d08a-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 200
cf-cache-status: HIT
server: cloudflare
cf-ray: 800a7d52a83fb509-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET internet-security-alert-q-app-ye9oo.ondigitalocean.app/favicon.ico

104.18.118.88

404 Not Found

1.0 kB

URL GET HTTP/2
internet-security-alert-q-app-ye9oo.ondigitalocean.app/favicon.ico
IP
104.18.118.88:443
ASN
#13335 CLOUDFLARENET

Requested by
https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Certificate
IssuerCloudflare, Inc.
Subjectondigitalocean.app
FingerprintAA:97:76:9D:D6:B8:8B:AA:A0:3C:B5:7B:DE:76:62:84:C0:19:EC:A0
ValidityTue, 18 Oct 2022 00:00:00 GMT - Tue, 17 Oct 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1084), with no line terminators
Size
1.0 kB (1019 bytes)
Hash
f72b78fdeac65876be60fdd5c9dc8d3a
17f3d2a8580524e7ab4cd9f0cff25793f0e91fab
e439c42fff5f773c2fdca78e9c53ee5c24cd8bb56a4053245fd3c0acabd7985c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: internet-security-alert-q-app-ye9oo.ondigitalocean.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://internet-security-alert-q-app-ye9oo.ondigitalocean.app/
Cookie: _ga_3EFSNQMCXD=GS1.1.1693707363.1.0.1693707363.0.0.0; _ga=GA1.1.623597834.1693707364
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 03 Sep 2023 02:16:16 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 01 Sep 2023 20:08:27 GMT
x-rgw-object-type: Normal
x-amz-request-id: tx000000c9e05b6029a1733-0064f3ec70-3ae225f4-sfo3a
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-envoy-upstream-healthchecked-cluster: 
cache-control: public,max-age=10,s-maxage=86400
x-do-app-origin: f2d94b8c-c2b7-4c7d-b069-571372fce7f7
x-do-orig-status: 404
cf-cache-status: MISS
server: cloudflare
cf-ray: 800a7d581982b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by