| bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html |  54.230.111.99 | 301 Moved Permanently | 167 B |
URL HTTP/1.1bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html IP54.230.111.99:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashf5d40b7259645010f9a248858ad14178 b3051d17a6ec8c9e166bf09a62b48261ab86957b 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /verification1.html HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 03 Dec 2022 05:29:48 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
X-Cache: Redirect from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EIMULnHpN6_ELAsGd4MwJL2sxv9q49qt8o0yYZLvSpUuG1HmX29UbQ==
|
|
| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3bbb845b153026fc5332dd4506585b57 3cad200fac28fd00f34ce6ef79373e661e188743 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9327
Expires: Sat, 03 Dec 2022 08:05:15 GMT
Date: Sat, 03 Dec 2022 05:29:48 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7439fb99a444b66db1e68ffbfaa38451 4b7742d7956485906f1c392c478515ff89a46184 636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:29:48 GMT
Last-Modified: Sat, 03 Dec 2022 03:51:58 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash55b4c61a1e99001307750e3647fe1102 7559f9f6770b7d3f45b723167062096312641e08 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8705
Expires: Sat, 03 Dec 2022 07:54:53 GMT
Date: Sat, 03 Dec 2022 05:29:48 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 05:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 589
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X6UHGBk/oj/aZ9Sa+P4xYPLcBzmUj7GnuNne0kGCajl2gftGgHxMBeVaoYWmKoYPhNXXGREI9NU=
x-amz-request-id: R38HY5Y3C08CGMR2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 04:46:26 GMT
age: 2602
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.r2m01.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m01.amazontrust.com/ IP54.230.80.227:0
Hasha8208a82179d368bceee5ce5074dab0a dbe30216a85a94e4430d44b0ff466bd43553c634 47bf72343a91a824c2ac02382eab5426ab9bcccca692273426511ad729613107
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94038
Date: Sat, 03 Dec 2022 05:29:48 GMT
Etag: "6389ab22-1d7"
Expires: Sun, 04 Dec 2022 07:37:06 GMT
Last-Modified: Fri, 02 Dec 2022 07:37:06 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: w2nHLQnR4mbdDcjK6WiW9x2aD7i6K6VQIGvl1AgG_P3n2g0sqCPQwQ==
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:29:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 05:11:17 GMT
cache-control: public,max-age=3600
age: 1111
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7f1f8fc556d1f7e0aea3e1208ee2fd1c 09c341a56ff876479cfc8a0505a5fef4a5d110f1 65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5850
Cache-Control: max-age=105275
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:29:49 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:44:24 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/index_002.js | 54.230.111.99 | 200 OK | 28 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/index_002.js IP54.230.111.99:0
File typeASCII text, with no line terminators Hash5816cced8568d223aa09d889f300692b 95cab5e474d7391762c3da5c7dc50fcf05df529f f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/index_002.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 28
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:57 GMT
etag: "5816cced8568d223aa09d889f300692b"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IuXIeWV4FdYtQdRordUPwmGrIhos1w265toIDrfdEJJPsGEwEJph4w==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_005.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_005.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_005.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TXkpCLEB22_DewaIoCm3720cO_L0tACKAvOF8VAROdX2I6IWKmfh5w==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_010.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_010.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_010.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gn-LVojH5x02ha4Bqow1UBb0rmBSCXdcpEHC-NmTg71bsP9SxUOCFg==
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.39.62.124 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.39.62.124:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nq4xBKF7c4G6o4aWexkHzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: OcRi4LVJT8GCMMYCmFwcnC7H4oE=
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_009.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_009.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_009.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ku1kezxjVaYvJ5Cccgxk58p6ezdrt-DCLfOsidxz5mutoGvQO4u7hg==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_004.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_004.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_004.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -m_7iwLYtUThCZiwe20Gvu50_rRNtqUT-OmwMXeL-YFdoAeGvSaI_Q==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4 | 54.230.111.99 | 301 Moved Permanently | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4 IP54.230.111.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4 HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Sat, 03 Dec 2022 05:29:48 GMT
server: AmazonS3
location: /index_files/DN7MGSCFYVCP5O5VG6AWM4/
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IEqRxTnx45gTaXkJp3pcfMrymG6XDyho5dYMUHd3nccymJj2ePXNng==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_006.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_006.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_006.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bGevVlJp6f-fyw9JkgIlQuDlDqPm8utwc5Mk-NAlxlQe8rzXeYkk4A==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_012.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_012.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_012.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _29QHtTiWKUvVXZJYbKGQ13ZKo-6t8Gmc9C1sPjz2S7Iitx0w1HK_A==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_002.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_002.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_002.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BpoL1T8rMOqSqLXX20KydE2DFTakj7v_B2msGqZBPfCHaIFp4wn1tQ==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP | 54.230.111.99 | 301 Moved Permanently | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP IP54.230.111.99:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/MXXDHVXQWVACJD4VWOM6NP HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
content-type: application/xml
content-length: 0
date: Sat, 03 Dec 2022 05:29:48 GMT
server: AmazonS3
location: /index_files/MXXDHVXQWVACJD4VWOM6NP/
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _J2zWo0eDQsN2At6aCqo_ozjayTy0BJ4YwNeLUtfSYY6D-bdmscm8A==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_007.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_007.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_007.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M3u9L-tMBLQ_Ut7mP8fmVuLwYboaFdInISHtt2AAaDcbOLRqO8_seg==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_003.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_003.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_003.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vwTi9j1I9bbsBMOtfaJp110tguKVFyl06QXPArcTeNzQAgBKvtj6sQ==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_008.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_008.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_008.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xC0d6lD_R71vRMLYUTDtFNU9YUULoCWRA3oyJIGmzxEjigvVp_gYMQ==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 64Y2CBpcKXtjKXmtQyEMbi_FJLz18D4cFGyj_USNTBSxliVSq4OfNg==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/track.gif | 54.230.111.99 | 200 OK | 23 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/track.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashda5b449fff36752a93779fa4067cd2eb 71a96eea77f21ab5f1819b96c4cedd5cd34476ca 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/track.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 23
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:34:00 GMT
etag: "da5b449fff36752a93779fa4067cd2eb"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: esxmtDgs2n2Vb5vVziH5R2wO2cS2xC6Zjt5-6NfVNuYZsw5RVL8gSA==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_013.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_013.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_013.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b1fYbaoUFNKW2PtKVo-91bECUpMoJEtJ9jtEAPKtcUOWFRnfYPwBnQ==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_011.gif | 54.230.111.99 | 200 OK | 42 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/out_011.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/out_011.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 42
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:58 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qH2YzzJOwhAQDgLYq_ypgNDAOpkJpPhJUX7VGt3Drdg0PcTbuDgjog==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/pleasewait2.gif | 54.230.111.99 | 200 OK | 4.5 kB |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/pleasewait2.gif IP54.230.111.99:0
File typeGIF image data, version 89a, 280 x 100\012- data Hash5bdff07fc72b8ee7aca4422e6fd0ff9e 5ef88d8373cec71a8881cdbcd0542f51ec1b466c 745b80d8c9691bb2f83651a38771d98b6f0b0b62a8d799fea723d3c58f012a63
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/pleasewait2.gif HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 4548
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:59 GMT
etag: "5bdff07fc72b8ee7aca4422e6fd0ff9e"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1Aa8LvHB6iUItwgQf9ZEzOWaEptgeSY3BfihNefiVVq3DsQInF4AbA==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/ | 54.230.111.99 | 403 Forbidden | 746 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/ IP54.230.111.99:0
Hashf8ec945a3a5f795dcf6f4328346baa5d 656aa34818cc312b82db188b2e69c7cbd2f3ea60 fe33d5b9474d0a3d9741351ade3f44937a6c27d6ed5044afdc398d52127d6775
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4/ HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:50 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s__wiUBwzOhdSj9uj0zls-fLgxkEn-oAPwQOJ4JBMuDqwy_ZQTv0Vw==
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13741
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 05:29:50 GMT
Connection: keep-alive
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/index.js | 54.230.111.99 | 403 Forbidden | 746 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/index.js IP54.230.111.99:0
Hash14fe39aae2eae16644898093acf59b26 bce9f1d73dce8aca8414b9b3c99d5972217562cc 2739d7c1314fdcdeff514e9bace478c1c119fd12f300581e3f7788139c0641a2
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/index.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:49 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3DZNMG1RpXmXX2aYnN0F3dr6QNgN0GQy9V8kI1A3l3DL63D7L5Se6w==
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashecab83d593cc540b02689be5be7abc8a 81cda579b7b9b22332b85266b0126585f3d3f73f d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9246
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:29:50 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg | 34.120.237.76 | 200 OK | 2.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb47431190f34eccf0a6efb98e2a32b7d 9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 1662
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a3aed7-6615-4aba-95ab-991227988c2f.jpeg | 34.120.237.76 | 200 OK | 7.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a3aed7-6615-4aba-95ab-991227988c2f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash750406a3a0b6a62379aef0830ae2cf3d a40580118b667af32464b3e02645d63135700d9c ccd41727dc1c0f49347dea67f6d273f1aee8c0f30d41967bda695c9dcc3c8515
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73a3aed7-6615-4aba-95ab-991227988c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7932
x-amzn-requestid: 2259a17c-a282-4093-aa1b-5d0fccc71368
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cY0GtEdTIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63869a2a-1c6fd4912e5952ad507036ff;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 23:47:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KCPJSmj2yFUn__4ngtZjikL-2Z7TUCYbgLFiqjYqxrKcoTW0ppTwlw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:03:50 GMT
age: 26760
etag: "a40580118b667af32464b3e02645d63135700d9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9b77186d0d93f7ccfe729edd9d184af3 458aa485b9abef3b72427d308a172d1c24eceabd 8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:01:16 GMT
age: 77314
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1e74254b3fdce7d6b84a71a7aff43789 65c8b4abf957f9b54d99d0f78559e639adb29efb f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:01:04 GMT
age: 66526
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/fpconsent.js | 54.230.111.99 | 403 Forbidden | 6.4 kB |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/fpconsent.js IP54.230.111.99:0
Hashee9e1ed0fc099217321e4ae83bb8f1bd d4047d30389f4cec28bc974d3e3c6130e07692ae 909717450aa44c5abe6a505e47496e652e9e4fc44a66e3741fc9c5f9bb43348f
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/fpconsent.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:48 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GoIAKxI-U_3V8NWWmlefMN_ruPZvKIFoGmOPYzbzkkFX_txSOVLD9g==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/sendrolling.js | 54.230.111.99 | 200 OK | 11 kB |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/sendrolling.js IP54.230.111.99:0
Hash9ab78e599ce90842dc156c340f485c25 a05335e283f67952f7a637581c89a7618d56908e b0f5dbcbfd97e69db71430a42790b16bac9a61c2d64cecb597f7c0f0b6b5a8cb
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/sendrolling.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:33:59 GMT
etag: W/"c317a5be7d65fa0c4d68d9735af020e4"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U0_4VGhy5MrDvRBJjJJWp5ZCyGn68-j82xED_Wmo_Yq-hU4cIyXNDw==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbaaba92c2ccd740f080a25a9ea5cb3ad 3322d5a9fb0b3a2ec83247eac9865234cbcefece 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:29:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 | 216.58.207.227 | 200 OK | 119 kB |
URL HTTP/2fonts.gstatic.com/s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 119332, version 1.0\012- data Size119 kB (119332 bytes) Hash26d9b8829e64a086e8b97a18461ad4ca f072b953852924633f18c79a9550424b708bdb17 0c67479abb64a499bf624ccac92a3c813fb2630e8d8a81325ddda62231e0da82
GET /s/materialicons/v118/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/
Origin: https://bidevtc.d18q12fh7xh36y.amplifyapp.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 119332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 14:59:48 GMT
expires: Sat, 02 Dec 2023 14:59:48 GMT
cache-control: public, max-age=31536000
age: 52202
last-modified: Tue, 30 Nov 2021 20:45:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbaaba92c2ccd740f080a25a9ea5cb3ad 3322d5a9fb0b3a2ec83247eac9865234cbcefece 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:29:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff | 143.204.42.221 | 200 OK | 74 kB |
URL HTTP/2d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-Regular.woff IP143.204.42.221:0
File typeWeb Open Font Format, CFF, length 74184, version 0.0\012- data Hash685a5f0c828aa500569e378873d43d2a 2db3d39a26f1e31163ef6eb00011743a513a298c fbff55fa35995b30857a3e31aaaf37d60e60809655b38702211dc74d94790efa
GET /static/fonts/Fracktif-Regular.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bidevtc.d18q12fh7xh36y.amplifyapp.com
Connection: keep-alive
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 74184
date: Fri, 02 Dec 2022 23:26:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 10 Nov 2022 07:51:52 GMT
etag: "685a5f0c828aa500569e378873d43d2a"
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HnqTJCprIBCe46Pken1I-jPMC5guN2zfZ32caaw8kGBeY81NF69nuQ==
age: 21819
X-Firefox-Spdy: h2
|
|
| d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff | 143.204.42.221 | 200 OK | 75 kB |
URL HTTP/2d32exi8v9av3ux.cloudfront.net/static/fonts/Fracktif-SemiBold.woff IP143.204.42.221:0
File typeWeb Open Font Format, CFF, length 75012, version 0.0\012- data Hashdb0088214c43f64eca60c333838a1d1b c266aceaf4e6095bbda572c3cefd873dc64d6b06 412b2537f5f90857519fd60ec6ad2d749f36dbde3c70172d286367f626beff83
GET /static/fonts/Fracktif-SemiBold.woff HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bidevtc.d18q12fh7xh36y.amplifyapp.com
Connection: keep-alive
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 75012
date: Fri, 02 Dec 2022 23:26:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 10 Nov 2022 07:51:52 GMT
etag: "db0088214c43f64eca60c333838a1d1b"
cache-control: public, max-age=604800
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yaseqrqWhelDs_-T1-oFaVuAaylR16isYlX1GIpHpJYB90f4x7JAkQ==
age: 21819
X-Firefox-Spdy: h2
|
|
| d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png | 143.204.42.221 | 200 OK | 2.3 kB |
URL HTTP/2d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png IP143.204.42.221:0
File typePNG image data, 152 x 152, 8-bit colormap, non-interlaced\012- data Hashbfdc0fedce221294659346a7783b6a7a 96474ad641d1addab4abc17fa659d73c3940f1a3 e87f5a2d3aeccca887e6c759a0f6ac07cd9f54c5ee85fa2aa9d97c1e678bf013
GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-152x152.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2286
date: Thu, 24 Nov 2022 07:21:59 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "bfdc0fedce221294659346a7783b6a7a"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Z7m9k2WTZmcuaqcvdZVkDtGNo0bObGhs_Cn1Bp2BTtWJLTxDfxr2Uw==
age: 770872
X-Firefox-Spdy: h2
|
|
| d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png | 143.204.42.221 | 200 OK | 303 B |
URL HTTP/2d32exi8v9av3ux.cloudfront.net/auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png IP143.204.42.221:0
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data Hashdd23e160b468ea5f4b5b88a719ddee63 c1c0d5bba3cbd9bb5bab9ad42aaf5150a3ff1df0 cf0b20b47983a98fb61c7c2e03bd0445b34408c561e0e591ad72b37a9be750ff
GET /auth-app/2022/01/17/26465d/auth-app/assets/img/favicon-16x16.png HTTP/1.1
Host: d32exi8v9av3ux.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 303
date: Sat, 03 Dec 2022 01:17:59 GMT
last-modified: Mon, 17 Jan 2022 11:57:28 GMT
etag: "dd23e160b468ea5f4b5b88a719ddee63"
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HMNZl0w8mwXZoKO4wxgMfO4NWPt80uGhNj2SjexXkYp_y54-P8T4_A==
age: 15112
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/styles.css | 54.230.111.99 | 200 OK | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/styles.css IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | |
GET /index_files/styles.css HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:34:00 GMT
etag: W/"8b6b38195f918628cc0947836e87a474"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qIzpKpfOsoL_eEcUnR7pwbMeQYjiqrMfsryxkuvj658ZrgUZNc0Ngw==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/singular-sdk.js | 54.230.111.99 | 200 OK | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/singular-sdk.js IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/singular-sdk.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 03 Dec 2022 05:29:50 GMT
last-modified: Fri, 21 Oct 2022 09:34:00 GMT
etag: W/"3b7624f0f44b75dd69fed75edf1ce836"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NU8vgrgaj9aZi8jWjrgVL5OVzt0b-MJHGeNuLCrTEwKEuYXvQ3BdeA==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/fpconsent.js | 54.230.111.99 | 403 Forbidden | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/fpconsent.js IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/fpconsent.js HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:49 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nvJNEQVvf2CM8_XRPYiWB_MTS-1hU96gZgZvzvKhxzks99f6B57p7A==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html | 54.230.111.99 | 200 OK | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /verification1.html HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
date: Sat, 03 Dec 2022 05:29:49 GMT
last-modified: Fri, 21 Oct 2022 09:33:56 GMT
etag: W/"d2655d3649c7240ac57e9a6af9d03471"
x-amz-server-side-encryption: AES256
cache-control: public, must-revalidate, max-age=0, s-maxage=2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4YVZp9nK1zXUrba-APcXKfnZ-3p_xg2bVwz2lK6nQqWSN4ApdodL-A==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/ | 54.230.111.99 | 403 Forbidden | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/DN7MGSCFYVCP5O5VG6AWM4/ IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/DN7MGSCFYVCP5O5VG6AWM4/ HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:49 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C0ZlgZ1EFj91ETxgkkNa0nBIPKrXkqXlZNDj-Vym2qf4ebj2zJD6Eg==
X-Firefox-Spdy: h2
|
|
| bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/ | 54.230.111.99 | 403 Forbidden | 0 B |
URL HTTP/2bidevtc.d18q12fh7xh36y.amplifyapp.com/index_files/MXXDHVXQWVACJD4VWOM6NP/ IP54.230.111.99:0
| Analyzer | Verdict | Alert |
|---|
| openphish | Luno | | | fortinet | Phishing | |
GET /index_files/MXXDHVXQWVACJD4VWOM6NP/ HTTP/1.1
Host: bidevtc.d18q12fh7xh36y.amplifyapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bidevtc.d18q12fh7xh36y.amplifyapp.com/verification1.html
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Sat, 03 Dec 2022 05:29:50 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fZ4D_lZquqHTx_5DjLkT88vALxzbuf0E6qd9sRXZjz3F0G28nxJCvg==
X-Firefox-Spdy: h2
|
|