| linklock.titanhq.com/analyse?url=https://Prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598%23dGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=&data=eJyNjL1OwzAURp_GGZF9r68TDx6qohZ1QIgBCltqO4lL_mS7EfD0pEIMiAXpWz6do2ONEq4CrgTWJenCmTn6lOvWN3Uc0o2dhmIwbfP8tj3eAy0yFsm4GBYfmeTuEv17P7Uh5WC_5WjyeerGNI0r_9u6mC7nOTHcMNite_hlTH1Ywvqi8-NVX4WfmlQERICNT8nt56Xe0-cJaGPvDr3Fx-4VnoaX4yHbDzqfgDO8LbkUSmpkuEPCqpQloiQEVV2pElqVUnMhgQTpigH-L_sFlnNhtQ%25%25 | 3.124.33.45 | | 209 B |
URL: linklock.titanhq.com/analyse?url=https://Prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598%23dGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=&data=eJyNjL1OwzAURp_GGZF9r68TDx6qohZ1QIgBCltqO4lL_mS7EfD0pEIMiAXpWz6do2ONEq4CrgTWJenCmTn6lOvWN3Uc0o2dhmIwbfP8tj3eAy0yFsm4GBYfmeTuEv17P7Uh5WC_5WjyeerGNI0r_9u6mC7nOTHcMNite_hlTH1Ywvqi8-NVX4WfmlQERICNT8nt56Xe0-cJaGPvDr3Fx-4VnoaX4yHbDzqfgDO8LbkUSmpkuEPCqpQloiQEVV2pElqVUnMhgQTpigH-L_sFlnNhtQ%25%25
IP: 3.124.33.45:0
File type: HTML document, ASCII text
Hash: def9863e66a2a7c4f73bc50a4827a0db 2a5a3d2be1ca8566625ab1bf8b43de4866463aa3 d5dfe3b41c0d8bf6550c5b53f7dad5c98001fa95b2aea45198e78ee43937f661
GET /analyse?url=https://Prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598%23dGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=&data=eJyNjL1OwzAURp_GGZF9r68TDx6qohZ1QIgBCltqO4lL_mS7EfD0pEIMiAXpWz6do2ONEq4CrgTWJenCmTn6lOvWN3Uc0o2dhmIwbfP8tj3eAy0yFsm4GBYfmeTuEv17P7Uh5WC_5WjyeerGNI0r_9u6mC7nOTHcMNite_hlTH1Ywvqi8-NVX4WfmlQERICNT8nt56Xe0-cJaGPvDr3Fx-4VnoaX4yHbDzqfgDO8LbkUSmpkuEPCqpQloiQEVV2pElqVUnMhgQTpigH-L_sFlnNhtQ%25%25 HTTP/1.1
Host: linklock.titanhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 11:15:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 209
Connection: keep-alive
Location: https://Prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598#dGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=
|
|
| prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598 | 172.67.160.169 | | 167 B |
URL: prestagefarms.oliviagerden.com/tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598
IP: 172.67.160.169:0
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /tjohnson46525523fessdGpvaG5zb25AcHJlc3RhZ2VmYXJtcy5jb20=70416493?3538747334532680=6196749014251598 HTTP/1.1
Host: prestagefarms.oliviagerden.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 16 Apr 2024 11:15:45 GMT
content-type: text/html
content-length: 167
location: https://flowcode.com/p/H75J8ePKt?3538747334532680=6196749014251598
cache-control: max-age=3600
expires: Tue, 16 Apr 2024 12:15:45 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OXOxLPwCf0y4PDh%2BKHPAvV3yN7RAM7pmX90OSDWST6ligHMfBqfthIQw%2BfoPEMpj4UaJuIlAx90pB6NpCoHGQjeJGTcRZ9nq0BhVgx1Em%2BhpXGcWiMWHl9cMQdOvUmW4haz4eQq8P9%2F3giPqlLgZig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8753c2612d6e0b45-OSL
X-Firefox-Spdy: h2
|
|
| flowcode.com/p/H75J8ePKt?3538747334532680=6196749014251598 | 172.64.145.98 | | 657 B |
URL: flowcode.com/p/H75J8ePKt?3538747334532680=6196749014251598
IP: 172.64.145.98:0
Hash: cad4eb9cc94e0011fdd8150a083f81d9 45a8176949f8002878f090bc455f990c743fa7d6 cafdc8dee7aff2783f55256afeadcb59039a57d60abdbb15589d4a46d6fdfed8
GET /p/H75J8ePKt?3538747334532680=6196749014251598 HTTP/1.1
Host: flowcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 16 Apr 2024 11:15:45 GMT
content-type: text/html; charset=utf-8
location: https://bannedbookslist.com/access/index.html
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
set-cookie: rdservice=72a2134a-22ab-4aee-b6da-18665e0ffe7c-SSE:1713266145; Path=/; Domain=flowcode.com; Expires=Sun, 16 Apr 2034 11:15:45 GMT; Secure; SameSite=None
__cf_bm=bGQQrtqVkHmy6.b1HXavIKHbi_JFW8rQueUbi_sv53w-1713266145-1.0.1.1-abTibaeCT7tRQ91hCIxPdv1pUi4pyo73FsgoowJYkMaQ69M1Ghc9pX1p8GcLMTO2yda4jajVxukjRecSgpx4uQ; path=/; expires=Tue, 16-Apr-24 11:45:45 GMT; domain=.flowcode.com; HttpOnly; Secure; SameSite=None
_cfuvid=4y6YyVI23MFEeOYwQhyPv1Q7HlhZaDusbJOUA5fuP24-1713266145710-0.0.1.1-604800000; path=/; domain=.flowcode.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8753c261efa2b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: a4018e5f5eac4e2f489b31f16995ae57 1d46ccfb68978d15559d75ede9f11eeca12d4cd0 49f24410b396ee36ca6fad57a8b78a42a629cf08052711942dce4513c6281b36
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 11:15:47 GMT
Server: ECAcc (amb/6B64)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _9RA75X3dscZeM2POr1ruG6LkvgC7ApuyA1Mng-uijfzEBTE0qbwjA==
|
|
| bannedbookslist.com/favicon.ico | 192.254.187.85 | | 462 B |
URL: bannedbookslist.com/favicon.ico
IP: 192.254.187.85:0
ASN: #46606 UNIFIEDLAYER-AS-1
File type: HTML document, ASCII text
Hash: dbf8ec3db1d4b93b848197591827939c 2e12f671d6101f52060133c32f8d359af756f9b2 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
GET /favicon.ico HTTP/1.1
Host: bannedbookslist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bannedbookslist.com/access/index.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Tue, 16 Apr 2024 11:15:47 GMT
server: nginx/1.21.6
content-type: text/html
content-length: 462
last-modified: Tue, 07 Jan 2020 01:46:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hash: a4018e5f5eac4e2f489b31f16995ae57 1d46ccfb68978d15559d75ede9f11eeca12d4cd0 49f24410b396ee36ca6fad57a8b78a42a629cf08052711942dce4513c6281b36
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 11:15:47 GMT
Server: ECAcc (amb/6B43)
X-Cache: Miss from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xw3e7f8rFOte_54kKSJr810OJOtmME9UBPa-iJPAT0CfzffkKtWezg==
|
|
| online.dfgy3p2et5no4.amplifyapp.com/ | 54.230.111.27 | 200 OK | 87 kB |
URL: User Request GET HTTP/2 online.dfgy3p2et5no4.amplifyapp.com/
IP: 54.230.111.27:443
Certificate: Issuer: Amazon; Subject: *.dfgy3p2et5no4.amplifyapp.com; Fingerprint: E7:F6:44:2B:8B:EB:42:E8:76:6E:F1:57:C0:88:6B:27:3B:07:24:58; Validity: Tue, 16 Apr 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
GET / HTTP/1.1
Host: online.dfgy3p2et5no4.amplifyapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bannedbookslist.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
date: Tue, 16 Apr 2024 11:15:47 GMT
server: AmazonS3
etag: W/"1c24ebcf949041e343d3359e31414ab4"
last-modified: Tue, 16 Apr 2024 07:22:53 GMT
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: SwFIZNoCCt9NNwfVWhmGMOKG5m1UTDx3kj6DwjWnsKjiPN0wXqefIQ==
X-Firefox-Spdy: h2
|
|