URL User Request GET HTTP/2 IP 67.199.248.11:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer DigiCert Inc
Subject bit.ly
Fingerprint A2:9E:97:EA:E4:51:06:C6:7B:BF:11:55:77:67:F5:8F:E5:7A:F7:0A
Validity Fri, 12 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text
Hash 200236d7f156a9f504d9a7813b132812
24f006843551a9fcb8332a98217233aaa586327c
cb67ccbc6a6ec014fe2cad4ba9c8e57974b97a57f3a74969602577ac515e80f2
Analyzer Verdict Alert openphish Monte dei Paschi Di Siena
fortinet Phishing
GET /fastMPS HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 00:17:03 GMT
content-type: text/html; charset=utf-8
content-length: 5532
cache-control: private, max-age=90
set-cookie: _bit=n4t0h3-2cfc7eab0597ac0b55-00O; Domain=bit.ly; Expires=Sat, 25 Nov 2023 00:17:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
54.230.245.67 200 OK 1.4 kB URL GET HTTP/2 d1ayxb9ooonjts.cloudfront.net/d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png
IP 54.230.245.67:443
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 10be1fc63993fd01005c34be73678406
c88681cba60ce9321c6fd2fd8dc97555992fa1a3
3ce43ec89d890b85133c3a0f68c666b4ff9afb9fdf6d146c642e1d3dcc1cc06b
GET /d/C88681CBA60CE9321C6FD2FD8DC97555992FA1A3.png HTTP/1.1
Host: d1ayxb9ooonjts.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bit.ly/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 1421
server: nginx
last-modified: Fri, 03 Feb 2023 01:43:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
date: Sun, 28 May 2023 14:26:26 GMT
etag: "10be1fc63993fd01005c34be73678406"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h6hr2WnJ2jTyyO1HjMBZjSfp7FYcBxwC7vPaBqrU237yU7WNx5TEfg==
age: 35477
X-Firefox-Spdy: h2
d1ayxb9ooonjts.cloudfront.net/d/ED4B4B67839C89883DD0BCD462FDA54E96FB79ED.svg
54.230.245.67 200 OK 55 kB URL GET HTTP/2 d1ayxb9ooonjts.cloudfront.net/d/ED4B4B67839C89883DD0BCD462FDA54E96FB79ED.svg
IP 54.230.245.67:443
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (54837), with no line terminators
Hash 7e0519477cc1d3d7366a23201502af87
ed4b4b67839c89883dd0bcd462fda54e96fb79ed
5ba1988c0124d666326559268701fcf00288e460d5922ec88f9e6634cb829ac4
GET /d/ED4B4B67839C89883DD0BCD462FDA54E96FB79ED.svg HTTP/1.1
Host: d1ayxb9ooonjts.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bit.ly/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Fri, 03 Feb 2023 01:43:33 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
date: Sun, 28 May 2023 15:49:23 GMT
etag: W/"7e0519477cc1d3d7366a23201502af87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LE2Fb8o5KBzC5-iN9zYA4Yzk-o4ErtNsxMrgLgLmTg8tCcU3hHSJbg==
age: 30459
X-Firefox-Spdy: h2
d1ayxb9ooonjts.cloudfront.net/d/53B03BEE40C746E8FC70731BA2B6902C0FA65CEA.svg
54.230.245.67 200 OK 3.5 kB URL GET HTTP/2 d1ayxb9ooonjts.cloudfront.net/d/53B03BEE40C746E8FC70731BA2B6902C0FA65CEA.svg
IP 54.230.245.67:443
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3628), with no line terminators
Hash a13681b385a4114567dc5631b9b8dd07
a5f1ef39615af0dd919499d87494ca92adf71dee
9d75a906beb008505cab22fa9bb4fb22be38069863aea2a3bae502f9004c3aee
GET /d/53B03BEE40C746E8FC70731BA2B6902C0FA65CEA.svg HTTP/1.1
Host: d1ayxb9ooonjts.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bit.ly/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
last-modified: Fri, 03 Feb 2023 01:43:33 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
date: Sun, 28 May 2023 03:10:18 GMT
etag: W/"2eced47f0f8eb035c459a73435cf8ee7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gYsvIer3R4cLsu1JYWX3WKhIw9KGaXEAfJ18Y2U415BG5M428RzsEw==
age: 76235
X-Firefox-Spdy: h2