Report - serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html#yahoo@yahoo.com

Report Overview

Submitted URL
serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html#yahoo@yahoo.com
IP
52.29.238.37
ASN
#16509 AMAZON-02
Submitted
2024-04-17 09:44:04
Access
public
Website Title
dasc.standard.us-east-1.oortech.com/smoot/godson.html#yahoo@yahoo.com
Final URL
dasc.standard.us-east-1.oortech.com/smoot/godson.html#yahoo@yahoo.com
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-04-16	338 B	942 B	143.204.53.97
serialdealer.digidip.net	unknown	2012-08-22	2015-03-05	2024-03-20	1.1 kB	1.9 kB	3.65.142.17
dasc.standard.us-east-1.oortech.com	unknown	2022-03-04	2024-03-18	2024-03-20	2.3 kB	3.5 kB	170.106.47.94
ocsp.trust-provider.cn	unknown	2015-04-09	2022-02-10	2024-04-16	334 B	1.5 kB	183.201.243.154
redir.digidip.net	unknown	2012-08-22	2023-10-19	2024-04-16	608 B	478 B	54.195.90.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-19	medium	dasc.standard.us-east-1.oortech.com/smoot/godson.html	Generic/Spear Phishing
2024-03-19	medium	dasc.standard.us-east-1.oortech.com/smoot/godson.html	Generic/Spear Phishing
2024-03-19	medium	dasc.standard.us-east-1.oortech.com/smoot/godson.html	Generic/Spear Phishing
2024-03-19	medium	dasc.standard.us-east-1.oortech.com/smoot/godson.html	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (10)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b8e8c5c6b2c1dc8faa5f8123730ba257
1092ea888d14f6ffedbbe6fa9fb3cd2c6b96553e
6588c79799029eeee28439df81102cdc19b440c398a20d031d9ab0c3727384da

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 17 Apr 2024 09:43:39 GMT
Last-Modified: Wed, 17 Apr 2024 08:32:30 GMT
Server: ECAcc (ska/F790)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: igGW_HQjCz_HeY4pnRTywsQR-dCX7JDxm9ZXhtjsFJmxAIEUb4xrCQ==
Age: 4269

serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html

3.65.142.17

1.1 kB

URL
serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
3.65.142.17:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (375)
Size
1.1 kB (1071 bytes)
Hash
d4726a0f97e1c8f432386d83ff249122
87a660a2c555675dd7531e446f433fffaa2902cc
d98a60bf76b588742b20875f997d316e041ac4f5c59150c84bdd6769541fb555

HTTP Headers

GET /visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html HTTP/1.1
Host: serialdealer.digidip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 09:43:39 GMT
content-type: text/html; charset=UTF-8
location: https://redir.digidip.net/?s=dgd&u=92jkmtrj30ow007db94jmv3lq0jsettkmg596jgrqpoimj0i6&url=https%3A%2F%2Fdasc.standard.us-east-1.oortech.com%2Fsmoot%2Fgodson.html
server: nginx
cache-control: no-cache, private
X-Firefox-Spdy: h2

dasc.standard.us-east-1.oortech.com/smoot/godson.html

170.106.47.94

161 B

URL
dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
170.106.47.94:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
d7fc6cb4dcd624e321aec6259fba143e
b89c69c38b5ee3303b38fe56930705c5561ae425
97941b0d5d167af81c50835c8fa01fab6166cff4e9a387f6028f65ab777939ff

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /smoot/godson.html HTTP/1.1
Host: dasc.standard.us-east-1.oortech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
date: Wed, 17 Apr 2024 09:43:41 GMT
content-type: application/xml; charset=utf-8
content-length: 161
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
access-control-max-age: 3628800
X-Firefox-Spdy: h2

dasc.standard.us-east-1.oortech.com/smoot/godson.html

170.106.47.94

161 B

URL
dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
170.106.47.94:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
7940c7cfdd03f1f1b2328848173e407c
9853abc5f28f1152e5e21d117a7c7ed875c79ad8
01d34a6afde56e70356b4db613970e161db7cd445fa8a8934a267774051690e6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /smoot/godson.html HTTP/1.1
Host: dasc.standard.us-east-1.oortech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 400 Bad Request
Date: Wed, 17 Apr 2024 09:43:41 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 161
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
Access-Control-Max-Age: 3628800

dasc.standard.us-east-1.oortech.com/favicon.ico

170.106.47.94

400 Bad Request

161 B

URL GET HTTP/1.1
dasc.standard.us-east-1.oortech.com/favicon.ico
IP
170.106.47.94:80
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
http://dasc.standard.us-east-1.oortech.com/smoot/godson.html#yahoo@yahoo.com

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
34f2569b7ec664f9bd382511159f4f49
0f0c3ba8ec83529f77d0c279b86d8914e3dafaef
646fe983800684efa61d01bac26920d82708023f29ceeb74d1b3f26877263f66

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dasc.standard.us-east-1.oortech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dasc.standard.us-east-1.oortech.com/smoot/godson.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 400 Bad Request
Date: Wed, 17 Apr 2024 09:43:41 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 161
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
Access-Control-Max-Age: 3628800

ocsp.trust-provider.cn/

183.201.243.154

599 B

URL
ocsp.trust-provider.cn/
IP
183.201.243.154:0
ASN
#132510 IDC ShanXi China Mobile communications corporation

File type
data
Size
599 B (599 bytes)
Hash
43ecf75d39bebb0a875d883c682185b6
1ce135249d22ba1bd0322e2bfa48f7dc9023e5bf
6b88113114c60bf799b2139b3eaaf25f211e6f8bb3e9bb1fbbf31b66fd041890

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
Date: Wed, 17 Apr 2024 09:43:41 GMT
Last-Modified: Wed, 17 Apr 2024 01:26:08 GMT
Expires: Wed, 24 Apr 2024 01:26:07 GMT
Etag: "1ce135249d22ba1bd0322e2bfa48f7dc9023e5bf"
Cache-Control: max-age=3600
X-CCACDN-Proxy-ID: scdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
CF-RAY: 875b78e1eee15fe1-SIN
Age: 0
Ctl-Cache-Status: MISS from sg-singapore2-ca13, MISS from fj-quanzhou7-ca52, MISS from zj-shaoxing1-ca15, MISS from zj-shaoxing1-ca14
Request-Id: 661f99cdc60ddf4d92984e619f6f1b4b
via: n157-073-026.njmp.ToB,n183-201-243-132.bdcdn-tycm06.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1713347021fc4771a81d722912927188467cfdd972
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS,  origin;dur=823, edge;dur=27, cdn-cache;desc=MISS

serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html

3.65.142.17

302 Found

161 B

URL User Request GET HTTP/2
serialdealer.digidip.net/visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
3.65.142.17:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectvisit.digidip.net
Fingerprint14:D3:3E:DC:26:1F:F3:88:F4:2C:C7:18:A0:5C:36:B6:C0:26:5F:A8
ValidityThu, 06 Jul 2023 00:00:00 GMT - Sat, 03 Aug 2024 23:59:59 GMT

File type

Size
161 B (161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /visit?url=https://dasc.standard.us-east-1.oortech.com/smoot/godson.html HTTP/1.1
Host: serialdealer.digidip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 09:43:39 GMT
content-type: text/html; charset=UTF-8
location: https://redir.digidip.net/?s=dgd&u=92jkmtrj30ow007db94jmv3lq0jsettkmg596jgrqpoimj0i6&url=https%3A%2F%2Fdasc.standard.us-east-1.oortech.com%2Fsmoot%2Fgodson.html
server: nginx
cache-control: no-cache, private
X-Firefox-Spdy: h2

redir.digidip.net/?s=dgd&u=92jkmtrj30ow007db94jmv3lq0jsettkmg596jgrqpoimj0i6&url=https%3A%2F%2Fdasc.standard.us-east-1.oortech.com%2Fsmoot%2Fgodson.html

54.195.90.153

302 Found

161 B

URL User Request GET HTTP/2
redir.digidip.net/?s=dgd&u=92jkmtrj30ow007db94jmv3lq0jsettkmg596jgrqpoimj0i6&url=https%3A%2F%2Fdasc.standard.us-east-1.oortech.com%2Fsmoot%2Fgodson.html
IP
54.195.90.153:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectredir.digidip.net
Fingerprint38:A4:0C:8F:66:80:DF:C1:96:70:AD:6F:A3:BC:53:EB:C5:58:30:A1
ValidityMon, 18 Mar 2024 00:00:00 GMT - Wed, 16 Apr 2025 23:59:59 GMT

File type

Size
161 B (161 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?s=dgd&u=92jkmtrj30ow007db94jmv3lq0jsettkmg596jgrqpoimj0i6&url=https%3A%2F%2Fdasc.standard.us-east-1.oortech.com%2Fsmoot%2Fgodson.html HTTP/1.1
Host: redir.digidip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 09:43:39 GMT
content-type: text/html; charset=utf-8
content-length: 153
location: https://dasc.standard.us-east-1.oortech.com/smoot/godson.html
x-correlation-id: 7dfd875a-df27-491c-bf16-87b40b53a6f8
x-clickout-click-key: 01HVNQ1GWZA1018QHJV7Y04JMY
X-Firefox-Spdy: h2

dasc.standard.us-east-1.oortech.com/smoot/godson.html

170.106.47.94

400 Bad Request

161 B

URL User Request GET HTTP/2
dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
170.106.47.94:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerTrustAsia Technologies, Inc.
Subject*.standard.us-east-1.oortech.com
FingerprintB5:7D:C1:DF:83:AA:29:2B:BC:3A:C0:93:E7:92:D6:09:28:E3:1C:43
ValidityThu, 28 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
d7fc6cb4dcd624e321aec6259fba143e
b89c69c38b5ee3303b38fe56930705c5561ae425
97941b0d5d167af81c50835c8fa01fab6166cff4e9a387f6028f65ab777939ff

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /smoot/godson.html HTTP/1.1
Host: dasc.standard.us-east-1.oortech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
date: Wed, 17 Apr 2024 09:43:41 GMT
content-type: application/xml; charset=utf-8
content-length: 161
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: *
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
access-control-max-age: 3628800
X-Firefox-Spdy: h2

dasc.standard.us-east-1.oortech.com/smoot/godson.html

170.106.47.94

400 Bad Request

161 B

URL User Request GET HTTP/1.1
dasc.standard.us-east-1.oortech.com/smoot/godson.html
IP
170.106.47.94:80
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
ASCII text, with no line terminators
Size
161 B (161 bytes)
Hash
7940c7cfdd03f1f1b2328848173e407c
9853abc5f28f1152e5e21d117a7c7ed875c79ad8
01d34a6afde56e70356b4db613970e161db7cd445fa8a8934a267774051690e6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /smoot/godson.html HTTP/1.1
Host: dasc.standard.us-east-1.oortech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 400 Bad Request
Date: Wed, 17 Apr 2024 09:43:41 GMT
Content-Type: application/xml; charset=utf-8
Content-Length: 161
Connection: keep-alive
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,PATCH,HEAD,CONNECT,OPTIONS,TRACE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Content-Type, token, refresh_token
Access-Control-Max-Age: 3628800

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers