Report - v5hhx.shop/

Report Overview

Submitted URL
v5hhx.shop/
IP
104.21.57.253
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 18:02:23
Access
public
Website Title
Газпром-Инвест Официальный сайт
Final URL
v5hhx.shop/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	2.2 kB	127 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	404 B	90 kB	151.101.130.137
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	3.2 kB	184 kB	142.250.74.99
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	507 B	29 kB	142.250.74.106
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-24	512 B	1.2 kB	35.244.181.201
ipinfo.io	8136	2013-04-23	2013-12-16	2024-04-25	409 B	680 B	34.117.186.192
v5hhx.shop	unknown	2024-02-05	2024-02-10	2024-02-11	15 kB	5.1 MB	104.21.57.253

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-25 18:01:57	medium	Client IP	34.117.186.192	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom
2024-04-25	medium	v5hhx.shop/	Gazprom

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-05 11:23:47 Times Seen141554 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	v5hhx.shop/l/gaz/js/index.js	992 B	2023-09-16	2024-05-05
Pretty URL v5hhx.shop/l/gaz/js/index.js IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 05:55:04 Last Seen2024-05-05 08:06:52 Times Seen14425 Hash 1adfefb340541281830ef6167ef51db5 6e63bd31cb65aca647043cfd03630fd8f06da6aa 963362ac5b92fb739eff1dce8f8e48238c7b6597d2b8c1b87d18b055277cb05b Loading...

	v5hhx.shop/l/gaz/js/landing_url2.js	257 B	2023-09-16	2024-05-05
Pretty URL v5hhx.shop/l/gaz/js/landing_url2.js IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 05:55:04 Last Seen2024-05-05 08:06:52 Times Seen14464 Hash 2afba324c360fd0ed40f992335bb8c92 699177e3e1a216e054f249ac2f498e26ada9d9a1 9db54e0a4b17459fb1c5f1991a75f3f57e1204b160b90638409391f6234471cd Loading...

	v5hhx.shop/	539 B	2023-09-16	2024-05-05
Pretty URL v5hhx.shop/ IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-16 05:55:04 Last Seen2024-05-05 08:06:52 Times Seen11339 Hash 468a5049db1adf2d5f4f7c420aeec45f 56f1d3150e5a056be36805153c4ca952df1a5069 0b8f88f3590bd4f0ea8ecd461c920a744f12f337a857c497b93f2b306626993e Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/utils.js	251 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/utils.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:15 Last Seen2024-05-05 08:06:53 Times Seen24399 Hash badf39299033bb934da6325eea28ce72 bf68e8fd78007eb5539e08f0621a75c76c977f22 2c70f3d32d8ed2924ff688ad77a9b8f65663a433b5b0e5f4ba38879956961652 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-05 10:41:27 Times Seen266045 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	v5hhx.shop/	298 B	2023-09-16	2024-05-05
Pretty URL v5hhx.shop/ IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-16 05:55:04 Last Seen2024-05-05 08:06:52 Times Seen11287 Hash c50bdad10d5fe5ba42c30f80ca8ecbfe 50aedce3f6a2194c7fbe87d2fd538614de8d3e4c 732bf6f9fc306d0e15b283137fb020243e02abe7086aa26ea169ddba6df3f4d0 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.1/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.1/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:18 Last Seen2024-05-05 08:06:53 Times Seen23102 Hash b5730588db13e71c65bdb1d234089260 282209ef6065e8451a5623c1b208d256d7b14c27 77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9 Loading...

	cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js	41 kB	2023-04-05	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 23:55:04 Last Seen2024-05-05 08:06:52 Times Seen11659 Hash dd2250b414858d83d5bff500e9c418d8 e6efd1a460c2f6c5d94924079e0f2029b46272cb 54a80c57a4102dcfca059ae31110176b10e52706b4dc15bb6a621f38909ea64b Loading...

	v5hhx.shop/l/gaz/js/intlTelInput.min.js	30 kB	2023-04-07	2024-05-05
Pretty URL v5hhx.shop/l/gaz/js/intlTelInput.min.js IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 08:40:51 Last Seen2024-05-05 08:06:52 Times Seen11500 Hash 9c8154f4404aec64d3fccdf1375da301 4bfc43bdaf6c1e8654e13873c5a99f6369677f35 a7fdd130131c8899e7cda1f6afb542aeb729b8dc5423f00353c682b5460c643c Loading...

	v5hhx.shop/l/gaz/js/errors.js?t=2	4.2 kB	2023-09-16	2024-05-05
Pretty URL v5hhx.shop/l/gaz/js/errors.js?t=2 IP 104.21.57.253 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 05:55:04 Last Seen2024-05-05 08:06:53 Times Seen14487 Hash d8bacacbb94df09ddf8d3609d0d18feb ba0208dfefe91cc867282f5bff6bd01de3275d11 566e2f0b77fd55ac4ac6170043c91efe2df9204882d5e030ac2b1169fd167dc1 Loading...

HTTP Transactions (49)

URL IP Response Size

v5hhx.shop/l/gaz/img/logo.png

104.21.57.253

200 OK

1.1 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/logo.png
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
PNG image data, 114 x 56, 4-bit colormap, non-interlaced
Size
1.1 kB (1065 bytes)
Hash
04385fdb7e2e6f1404f87d7c9f10f00a
e1aa2aca309de313e591d4ae0fa2ef66b5fb7a23
fcba35abb4f62bcb7cbba58e9c7c488f5a49b4f3e99cd469dcc3a47f2df44b5c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/logo.png HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/png
content-length: 1065
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-429"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8DrYTdspptBilVzy2OHiedQYo6pAu%2FGNUYYdF%2FpIIZ9GmoOTTP%2FUkE9qgsJgH3H9Rl3T6n5q0DzDL0QTKZUsk3WGWVkAbbi9EMwJyesOdgGgvCChVZbEHgpKc34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8056c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/rus.png

104.21.57.253

200 OK

2.3 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/rus.png
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
PNG image data, 162 x 56, 8-bit colormap, non-interlaced
Size
2.3 kB (2336 bytes)
Hash
3019a0f4b4dce8e60124f6f0a43c18b5
59d55a14fa68c7d11044fb0daa78617629372b8e
071b949e723dee01c3dcec2832dba89ac844b30564249ec3e5d1500d10e3f05a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/rus.png HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/png
content-length: 2336
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-920"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZslkaBys41v2sCvgP1%2FGlHvLogAPNC6zc%2FCK77AcrmPju0M7v0TsePXHoMj8XQ79JQwFvNafVRSGwmyx9%2BVyyMAMkFIxvHQreQpR8TrbN7d25TxRmLdFSYN2m5M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8356c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/photo.jpg

104.21.57.253

200 OK

32 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/photo.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 738x808, components 3
Size
32 kB (32109 bytes)
Hash
3fdae4cd437f4c40b9c08785782fa5ce
9a0f1b6f6bd9dccc1932ba1dc3ed0983e900efd3
8cf9de22d548227ffb3aebe51d012b0352ceeee02e36d215f7b80d0c9bc50d43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/photo.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/jpeg
content-length: 32109
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-7d6d"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdcROpiJ7K1qISe3SYM9PHNmQnL%2BeffU8eC6%2BUcXtubgWOZq4SwT%2F9RFIyCi9Pu74aGM97y%2BmUDmo14klnjReGjZjnFfOuMVxQhY7qo4JKUAzMHKYxECPYsUIjfk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8c56c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/

104.21.57.253

200 OK

76 kB

URL User Request GET HTTP/2
v5hhx.shop/
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
76 kB (75517 bytes)
Hash
20a61b21f6a51240f8ede962dbb5d869
73b7bd7a08257d0b1e3a695187831f7b0aa9b62e
9f93c478c10c3c03c21a0a8136512d437470efd2110267f711e8b96d38e516fb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET / HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: sid=deleted; expires=Wed, 26 Apr 2023 18:01:55 GMT; Max-Age=0; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7VF58329qTnKwylwVSjckkRPfcekmLOz2Q4j%2BdUlKwaVUj%2BpbknlxJZ%2FMPQVXu0an5BkxaiedYADl5TZFsqaUSn7EngJvoba0iuIcvf0SpruHAunyaKkGoOAxoz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03dbeec4ab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/img/license.jpg

104.21.57.253

200 OK

504 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/license.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1343x1900, components 3
Size
504 kB (503545 bytes)
Hash
23f74188101be1f61d925652a5a4a125
f7fa278087d032a53275eb4d58e770fb16cc77cc
2039b2ae5b6876263012ee356c4a6dd0c70b595109347f9bee8dd55d60d5558b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/license.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/jpeg
content-length: 503545
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-7aef9"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NnkwAWF%2FpxYZ3sQ9BS7AIwh5XXRw31xnVgs7uB7BzQkh9icYpyWvjDrbDkAg%2BlTPcx20dJyT%2B%2Fmg3B1WSXFNlra6OfELFqSiNCNfP88b7ITrRRcJ1CA3ro5jImlR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8d56c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/image%2053.jpg

104.21.57.253

200 OK

61 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/image%2053.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x564, components 3
Size
61 kB (60749 bytes)
Hash
ff3619179edca92ec7c521620ba4da04
8a361aeca8645a9fe5bab1e1baaf14c79b9beb7f
6b0379257e26ed216b6e14110fe1bef430ef1254d2c8c1668732fbafaec754c6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/image%2053.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/jpeg
content-length: 60749
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-ed4d"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fa8%2FpPfp9xqk91WUtCLfdYvwyy%2FOA9jXsvwp1pw2bW32f5PHeb3Ao9R9N7%2BOX9MXTygGFWT9fPMKDv7A3jAtkGa%2Bzv9tjvwnGlEyuYXCousv7W39UMDTpEdtoREi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25e9556c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/image%2052.jpg

104.21.57.253

200 OK

42 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/image%2052.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x564, components 3
Size
42 kB (41866 bytes)
Hash
f0c662297936ce98871f3893f31a8453
fb2739f2545cae2ca591259677416a9d5a91274d
f122b6d4e754445720d6231bee649a99cd53adeb131fabccb058cd9d5d21a68e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/image%2052.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/jpeg
content-length: 41866
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-a38a"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBwTT4aUqvWWoeEDn96FMIO4Qfw7XmvsIVs%2FUj0ivgWgyQGzgPax%2F6mPvg9NMnPP5dNOpjD7MJL6gZXj0bCyqByoTPOVp9RZ9Mg7cp2%2BcpFy5BVNrzJiUNFsalh2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25e9656c4-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 77735
expires: Tue, 15 Apr 2025 18:01:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFCdkBt1VdeZh3focrjL2tsv34Y7fdsSAy4v1bTMAiWAQwvOM6JyR9RFZ%2FWLewE%2F4jgPhHoFbQnXk6D4CZSgAuO7QHxZBJ0aHsfUFywLsGVFJpA0d%2Fm4bHM9ncXjz0c8gpoB1EDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03dc2cd4356a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js

104.17.25.14

200 OK

7.7 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41067)
Size
7.7 kB (7685 bytes)
Hash
b5c1f83e8e2c9fad4a9c7a7e8c34b2fa
a1c7a35489061767940a66b546466ff5212a4625
67adfdac93b9ec1899cd00e55ac1b217e109dc5b379c3e2940f91f8a64f2dd2f

HTTP Headers

GET /ajax/libs/ion-rangeslider/2.3.1/js/ion.rangeSlider.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 7685
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea7-a0d3"
last-modified: Mon, 04 May 2020 16:11:19 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 75049
expires: Tue, 15 Apr 2025 18:01:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkFooTA%2F4jdqNb%2BaEoCobejYeh0Z08jMagkorrNXwV4PiamreV5PIKdZV%2FxngOvHfE6WUozNl%2FqKd0aA8erkD0sk12oBGr72X77hQ1DhlAjXzxFMCfR5FtR3W%2BSNfMGkvnvTd7Ar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03dc2dd4756a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.1/js/bootstrap.min.js

104.17.25.14

200 OK

14 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.0.1/js/bootstrap.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (59812)
Size
14 kB (14192 bytes)
Hash
b5730588db13e71c65bdb1d234089260
282209ef6065e8451a5623c1b208d256d7b14c27
77e1728245a0c2de7d0859163ee081e1113aa75fd6894602cb5eb0d7e739bca9

HTTP Headers

GET /ajax/libs/bootstrap/5.0.1/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 14192
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60f76446-3770"
last-modified: Wed, 21 Jul 2021 00:03:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 863278
expires: Tue, 15 Apr 2025 18:01:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJiJB5eipUvXj%2FYAMI1cZOFHjJyiPLn07QFdMlpzstgDg7%2FvDPWQjgjh4QF%2B20lt1ZA1lnzTu7RbPtyQ%2BlEzcUMgGC2W2Tr%2F5tC6RcZZpGoaaq6jZWWDHkg2iB3o5Ps24Eq9NGZG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03dc35dd256a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

90 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://v5hhx.shop/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 18:01:57 GMT
age: 114597
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 222, 48339
x-timer: S1714068117.041289,VS0,VE0
vary: Accept-Encoding
content-length: 89501
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/js/errors.js?t=2

104.21.57.253

200 OK

3.5 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/js/errors.js?t=2
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
Algol 68 source, ASCII text
Size
3.5 kB (3479 bytes)
Hash
d8bacacbb94df09ddf8d3609d0d18feb
ba0208dfefe91cc867282f5bff6bd01de3275d11
566e2f0b77fd55ac4ac6170043c91efe2df9204882d5e030ac2b1169fd167dc1

HTTP Headers

GET /l/gaz/js/errors.js?t=2 HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf8
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-1051"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jIuFhCYTrP5FHLb8GguRwY823HUFGfxjM1IeRMBxy88guZXAzyKdv%2FolJVMuTSpm3G2Xg8xclRQUsf5PdYegwv6UhEKChswZ1zj9AYL5dDRqAibjI4koIuMyvO1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25ea256c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/js/index.js

104.21.57.253

200 OK

5.8 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/js/index.js
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
5.8 kB (5778 bytes)
Hash
1adfefb340541281830ef6167ef51db5
6e63bd31cb65aca647043cfd03630fd8f06da6aa
963362ac5b92fb739eff1dce8f8e48238c7b6597d2b8c1b87d18b055277cb05b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/js/index.js HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf8
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-3e0"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIgPeDsSkbXov9sa438MKD1uUwW7LMAWLqh4%2Bvy%2BfKcleXQoB%2FSzu%2BvCrOZ1FD9ytKLfF2GhRFzFbINO5vHpUi%2FmUFxlxDDvCr8j7frvnzyIifk%2BN%2Fz5ZWgJuMb0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25ea056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/img2.svg

104.21.57.253

200 OK

5.3 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/img2.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
5.3 kB (5273 bytes)
Hash
53a632a7497ecd4803fb4208c9f6843a
c19a1766603c6a401b4352852fbdf6fda05f14a3
5c9c89052bff64e0821767b5219b15f86122901a8de1aec3d9a439cfe8c07ca7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/img2.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-4c63"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YR1AunknTBeUlpPhYDcMkMpRkjYnDlYr4iQZUfRP7%2BCK%2FbKgdGasKd%2FE4yNty2rvq6t8ITBl1soKKZ3YhRMtH4RbUGX0a5FG8VKGb9qqqprqT6OPMrJqGGm90ZxP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite12.svg

104.21.57.253

200 OK

33 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite12.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
33 kB (32738 bytes)
Hash
1485211ad1d53b026e468cbf96d186b1
f3704e1e63a905b87060eb6a3b05a4a0d1f4b0ce
42d12b02a2081435a2156ddcc6f9f932e23b9e1c8f0ba7041558fc139c0f69fa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite12.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-20cb"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KKCtYgUwncL6s7qg600ccxGI2zJMNiKdBq0VzSU9DNhNuSJsgio2T9q4%2F7LwVmvjjBhddubTdS8S0iqFbzvj1MwsPWDAEW8mOnSkGdU%2Fn7TNBXForlZLRPWE0en3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5797856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 02:20:38 GMT
expires: Sun, 20 Apr 2025 02:20:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
age: 488479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 08:04:32 GMT
expires: Wed, 23 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 208645
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/img/img3.svg

104.21.57.253

200 OK

29 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/img3.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
29 kB (28850 bytes)
Hash
0685ab7a7f1613725ac083f51d62dd9e
e9aeb297b2447e9b871fb32dd309434634b705be
693d77da621b2eb643d726ac6cf9bdbd9972311cabbe612700046a5138b32305

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/img3.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-6e39"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yy89i9p%2FqWfzA9%2BQe%2FSio3GrflhYSSd7dmeU%2Falq09bBEZOqIwRLq7RXX9FQRbKOw3Cz6GB3Y48WNGqq3KmnpqFIhfyp5gS%2FT8pKLPBVGWD9RjZFQO9894wC0LmQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

142.250.74.99

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26736, version 1.0
Size
27 kB (26736 bytes)
Hash
8404cfed82d322c1be8e149fd9f40eb8
3e3657246db3b889e68d520904ac294a230db56d
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:21:58 GMT
expires: Fri, 25 Apr 2025 17:21:58 GMT
cache-control: public, max-age=31536000
age: 2399
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/img/sprite3.svg

104.21.57.253

200 OK

30 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite3.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
30 kB (29559 bytes)
Hash
3c40078d5ac9621f42c6177e30ff6f16
24824c45dfa39d0dcec2d04b4821710c26f6b4d7
db8561dc1b5c1b3794d437279503e077f71c68d942761641df52169204ab51a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite3.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-1dd4"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYRnugueEM6l4KisQ3%2Bxk9jtHZmyKb5UePzVPGXApwtw2NjojD%2BuK7B%2FDk5RFhfY57DEQoxpKlvpO4OatjpMdMH303%2B7C%2F2A0oLuNzFoEFfQIuQ52KPefZhHFCb3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5696e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/js/intlTelInput.min.js

104.21.57.253

200 OK

36 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/js/intlTelInput.min.js
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26995)
Size
36 kB (35611 bytes)
Hash
5c903c8ffd747d2b7db2d362d573bff8
9c0a0caf1658891a03c6030b2a1cbe945719b420
b8f6de98e9dfdcfe1e69e2c779b2f03c2ef56116eedd6341bcee226d87819c6b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/js/intlTelInput.min.js HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf8
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-7351"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4WpzgQ%2FK8xa6hTOh%2BMBjUBExWsJhT%2Ba8tcat0%2BLZLKYqAnqnSQ%2BWaNK5AAZcCdci8fD7bBsAod4PhTlbqrIRwR6skL9hZS95MeCONgQcp1V3tbfoJSenhXkfQlRb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25ea156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite9.svg

104.21.57.253

200 OK

50 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite9.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
50 kB (49643 bytes)
Hash
3e06cfb0b1b70b477949a032bd368f04
b74b11da343401293158cf66196df6099a9ae40c
e3b83d75777fce9aa2721b6fc5419a31002a385fd2345cda69e6b152f9223554

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite9.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-c4b"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDNetUra9oFG9SrmnDOjxzsjS6bOEeGa5zzJxSGraIqSVlD40KaM7n9gCkMUQBZ%2FMnRF6pYCtbaJQfeyoV2JlZU56gyncPSusUX9Hu23cpNkrssZZpItJxmHOHWC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5797c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/flags.png

104.21.57.253

200 OK

71 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/flags.png
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/flags.png HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/l/gaz/css/bundle.e15e13582eb553ce5360.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/png
content-length: 70857
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-114c9"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alF1tpB2bfBx%2FnpnzCiLzUuRu0LZxJIZ%2FgO3PyK6UtmtqJkPyrCaXHLMr3J6TGFrs5dtSE0rzoKtNKJBAfH7czLO1FMN711iHWqSjA1XpLpNB1UGCryNW5EgIOZ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc86c3f56c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite1.svg

104.21.57.253

200 OK

1.2 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite1.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1191 bytes)
Hash
d545476b52540ca23983db14ac2ec935
74311315be08e4bb0f2fea73d79b8462432874f7
b6b83436c3f15526dbb050f066c268bcab5a03b91fbfd764153865f5b10ba385

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite1.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-76c"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnijqWTuSSHFysuWSEQdlWDr7XF%2FKhqr1kgEyDsVuVCR5SKvZHVtg3Ja5FzgT4yi%2BJXjCxgryNbvDa5r4C9J%2FTOwNcBW3H9rovMs44fU1Sr7REpK7G6o3CMeWdD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5696d56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/uniq

104.21.57.253

200 OK

509 B

URL GET HTTP/3
v5hhx.shop/uniq
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
ASCII text, with no line terminators
Size
509 B (509 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /uniq HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: sid=deleted; expires=Wed, 26 Apr 2023 18:01:56 GMT; Max-Age=0; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygQJnNUUXsbEHBLt%2FxlBNl5J67uNXpJCkjZY4iQpizxdny4oEmlgtBKdjZ1m8imvcxgAJOMfztiIukAULWy4JE10tRDVT%2BpL%2BQ1a9J3vhJTbTmmxOojanAvtuv97"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a03dc5190d56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/css/bundle.e15e13582eb553ce5360.css

104.21.57.253

200 OK

110 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/css/bundle.e15e13582eb553ce5360.css
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
Unicode text, UTF-8 text, with very long lines (19902)
Size
110 kB (109742 bytes)
Hash
d6bc30f0477cfd3665bdefec98fb4566
46a0a84c7f1a1adb264644a298784bdb69f04548
cfbfd145b39de672d6ddd2267dd076520bb050550428156df9765099f1a4b5ad

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/css/bundle.e15e13582eb553ce5360.css HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: text/css
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-d91fb"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0H5ezbbUKwkg%2FoaVuu9HEfzo1LuHNKWiPWPYhBxTa6fB8eptZKr17kfOx224o7M6UUuJzV4J8Rz8XpECAxdNaPJV4CY5agPWbb60GRvAHmFpOj%2FTu6w25EfD4rsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e7956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite4.svg

104.21.57.253

200 OK

9.4 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite4.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
9.4 kB (9428 bytes)
Hash
eef5d4eb7bfe0b509764cce858ec1d2f
872c396247d1db1a2c915484095771640cd47244
e57a4152ea0e055f1bdd8f0336a7cd6c0df80dfc06a660f54bc64c19482ee643

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite4.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-2a83"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xImukkSRxLzIGY3dtq7KOmebqF7WQPZHSH4iuhVhXPCWIyFf0skR37%2Ft22cRiwRulN0iWuUpc77SLc%2B1dP322xFnlQLxKSaueVrXMWLPXra41oSFEQq3utkiMBPE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5798156c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext

142.250.74.106

200 OK

28 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
28 kB (28198 bytes)
Hash
1b77449d8b377b93613e1faa7e4e5a61
66f7d0a2c61f387262d0984aff794154a700e20c
0aaa5db811d76f78cd3a5fc5c13957d42edeb193917528e38f6c300fcbddc80e

HTTP Headers

GET /css?family=Open+Sans:400,700,800|Ubuntu:400,500,700&display=swap&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 18:01:57 GMT
date: Thu, 25 Apr 2024 18:01:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/utils.js

104.17.25.14

200 OK

47 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.15/js/utils.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1435)
Size
47 kB (46616 bytes)
Hash
badf39299033bb934da6325eea28ce72
bf68e8fd78007eb5539e08f0621a75c76c977f22
2c70f3d32d8ed2924ff688ad77a9b8f65663a433b5b0e5f4ba38879956961652

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.15/js/utils.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 46616
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61a59596-b618"
last-modified: Tue, 30 Nov 2021 03:08:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 777423
expires: Tue, 15 Apr 2025 18:01:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lqL%2B%2FvElLcOruL8MqpvLDCPe%2Fq5jaw8CeuIp7JSo6r94t8OYiZ40MBAj1eyvThGJk2PHTzlRHw5rWFgKtQksimxI545%2BGqaHi%2B%2FY534TgRbzpff8oh7l0uYdUG5b0WICDzBv3sZR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03dcd2d615695-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/css/errors.css

104.21.57.253

200 OK

2.2 MB

URL GET HTTP/3
v5hhx.shop/l/gaz/css/errors.css
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
ASCII text
Size
2.2 MB (2178138 bytes)
Hash
22a7d010505b33d89e8fe16bb6e7b99e
1d9dbe2cdcdac913fd51cfafa7b9d5d8fa51b5be
3aef2497637b734e03ad0aaff15ffcabf914ccaf430361324de236e53ca69f3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/css/errors.css HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: text/css
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-93c"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oo8SUGhYxqazcltDKAQ8KRchxNDoMA7ZTHgsFAjWcci4FurWfgXTW3PDa%2B2wbXimvYt9s8QI6UBxnI%2F54J1NIPotXMeAucciA0%2BsPZ1XTzsPA3dSaSRfqHrsIi%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e7656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/gaz-platform-preview_Moment.jpg

104.21.57.253

206 Partial Content

35 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/gaz-platform-preview_Moment.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [ - TIFF image data, big-endian, direntries=2], baseline, precision 8, 1280x720, components 3
Size
35 kB (34725 bytes)
Hash
154b0211de71c46c1af74197fbcc6cd9
a4dd9bf106c147cd42deb2482f14cafb93955674
b487679bda487edd96cfc8ed8abedfd3dccfd2fd669e4b86492e9de1aeb0a3f6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/gaz-platform-preview_Moment.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Thu, 25 Apr 2024 18:01:58 GMT
content-type: image/jpeg
content-length: 1564162
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-17de02"
expires: Sat, 25 May 2024 18:01:58 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
content-range: bytes 0-1564161/1564162
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xp%2B%2B3q1FLxtQZNswyct7ChDCTFewKLq%2F4ZoFMN4XF8rj4yjbYTgf6nXQe73xCWlvhF%2BmxOgp3tPLm57GwhI77lQuGMbgGYkZ1YWY0fwxWdwKQaymTPa1%2Fri8lgGd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc8ac6256c4-OSL
alt-svc: h3=":443"; ma=86400

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=nK9joxadShufnF-SCydFRnentbclqLMmuKCJUSewmOD044nt5t0MZppnAs2ZjyvjqVjE3tB8_pXmjH0rCJHCErrSTL7Tape_Me-ietFhSPda_7JvNz-gplGP9C27Uwb7
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Thu, 25 Apr 2024 18:01:44 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 31
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.13/css/intlTelInput.css

104.17.25.14

200 OK

25 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.13/css/intlTelInput.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
25 kB (25254 bytes)
Hash
a69aa970266649e0b08c2cb4bc166568
d9314a52085a2bb6d284421bb18a4c546ecb73d4
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

HTTP Headers

GET /ajax/libs/intl-tel-input/17.0.13/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: text/css; charset=utf-8
content-length: 1970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c32345-7b2"
last-modified: Fri, 11 Jun 2021 08:48:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1822936
expires: Tue, 15 Apr 2025 18:01:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YyU9atUuuGhdlxLYrxyTH9p8QO72OVQNpR589QQwEkSo6Fuj8M6xiI5KWGIZ9LQ9TiGyhFU2oRPXmzJfZoKSbD%2BLBXk9n2Z6Zp8i6k4d4rguO03DLvNeXAZ9nWs3suJ6Hkh6LbRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a03dc47ef756a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/img/sprite6.svg

104.21.57.253

200 OK

10 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite6.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
10 kB (10056 bytes)
Hash
577c76d3485408273e65c1f426004c12
564b0efe86ca0c405e7843e953d2608eb34157be
56e699128aff9d28a360999931de0694df469a397d1d73be4b263a1a3561d36b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite6.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-2748"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJrSX6fmyM%2BjSyFlLWBu06CTvK9OtYQS39bH%2BuCN%2BNO6J44OlKLqBeFKoao0WLWRb4R1GCO7J%2BKBUf%2FJYdUIdvuXWn1fY1%2FSlvDUSbwzypLO982WRgHvxpzVUhiG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5696556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite5.svg

104.21.57.253

200 OK

4.5 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite5.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
4.5 kB (4460 bytes)
Hash
c3bac6d32fe9c133103b2ee76637790e
3feffee9c8136843bcd768659faf4ec01cecd000
4bc5d08ef99bdc338169bf0f0b0643e3beb9bce4c8fd2dceb8b774f4e55fff90

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite5.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-116c"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTJfBgJO0lDRYpnU1d5AFvWfWeyidi1ApscftBvXT2fgoCOIIGpS99e5r3ecJd8tZDqvyxCw%2F3AEmzz4NtEsooBPsf8annbtGHghPlX8Qo8tu4VNv6Rv9Q4uTXwd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5798556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite7.svg

104.21.57.253

200 OK

7.7 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite7.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
7.7 kB (7709 bytes)
Hash
9cd03b34315fb1d8b2e5ea5d645eb561
145842ca640d6b8b05396c0adb0b720e8dd0c97d
0c6a7f69a2b4cd2ee3d7536f54706d729b2da67633315499ee892d920b441d73

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite7.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-1e1d"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIWZokWgQVGQKBONjaeMmZYvQCK7dsjoG0tybnnTNVXOG1IcefL2uUEhmIJVbGQpY3bgFZWIJJmZdqU6z2LAZkPv0K7xV%2F8nMTxlrjQhLGwGNPuYG%2BycU8FdfHgb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5898b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/favicon.ico

104.21.57.253

200 OK

1.2 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/favicon.ico
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
213beed7102b1e9a334ca0e45a90870d
b92df83ff543e68aad4f796826ea93fbd45e7855
8d753707c334888732d902d8680d85a6cf1e458fcced2494875e9812eae03490

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/favicon.ico HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:58 GMT
content-type: image/x-icon
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-47e"
expires: Sat, 25 May 2024 12:23:04 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sEQh8K6LMEQseCBkckVmlRhEvkJgzLcJCk9NkLsDW7YF58Wr3S3UA%2BBwv%2FItb0faOVzKRV%2BzQ5K20bSPug%2BcZQoMvHheMmBts01z0ZF0A%2FOZJJCAH4zz4oNPcKC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dca8e3e56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite2.svg

104.21.57.253

200 OK

9.9 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite2.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
9.9 kB (9932 bytes)
Hash
8d5bb2fc82b75a4c8984bc346c9dc70c
ddc24335ecb65a4026bd99fb04ba2c61c840e902
a7f862e53881475164e35ce88648d046119a849d198dcf104c2b711cb4db160c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite2.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-26cc"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjQngbkDkYQt%2FIuMgXis2uriPrBiJu0x%2FZaaQST%2Bdis%2FN5Eno793mHST3OCgOaL8NOxDp6HGBdgE8SqPS0PFeSyk6afA5fdMUTBIYkGFlS9ZQZpb93kvucsJq9bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5696856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/image%2051.jpg

104.21.57.253

200 OK

65 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/image%2051.jpg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x564, components 3
Size
65 kB (65334 bytes)
Hash
b9380925144986fcdef1f5cb82a2e1b7
e333dd7a6e3cb5cfa0ae9670ccf5793af8d6777c
99de95d603e85d20ba9d8bc90a314ab139342b0e58ab78b2c6c17cbab56cd2bc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/image%2051.jpg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/jpeg
content-length: 65334
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: "64043bab-ff36"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkpMtSRZZaFoGOqe6dp6PPER1SiMtUg7uSJp4lb9Bws1U6AiP4oyWfd8gimDgCdzn9gnaOHTlHFlJ11RSF0jPEzSpiE9j2Hfnuz9PLcwFnh1JDeEf2ddJIdzT7CC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8e56c4-OSL
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/videos/gaz-platform-preview.mp4

104.21.57.253

206 Partial Content

1.6 MB

URL GET HTTP/3
v5hhx.shop/l/gaz/videos/gaz-platform-preview.mp4
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type

Size
1.6 MB (1572864 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/videos/gaz-platform-preview.mp4 HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: video/mp4
content-length: 33432152
last-modified: Sun, 05 Mar 2023 06:50:20 GMT
etag: "64043bac-1fe2258"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-range: bytes 0-33432151/33432152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R4p4mPLiMIjjhGVe%2FrVmOPXoYdSNlXwMFld40Nb1WFgezWZ9zFAfC%2F%2F4qnK5Xr6nY1Fj6KizWYt%2Fzq4HpHFlEXHt%2B9e5KwL%2FJ9IzMn40tdfemIuTntcDq4x0RDx1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc65a6856c4-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.74.99

200 OK

30 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 22:37:11 GMT
expires: Tue, 22 Apr 2025 22:37:11 GMT
cache-control: public, max-age=31536000
age: 242686
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ipinfo.io/json

34.117.186.192

200 OK

280 B

URL GET HTTP/2
ipinfo.io/json
IP
34.117.186.192:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://v5hhx.shop/
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
FingerprintC3:D1:C0:FE:0C:C8:E1:18:4F:C8:22:D0:9C:FF:D9:F4:EF:72:CD:6B
ValidityFri, 19 Apr 2024 20:17:23 GMT - Thu, 18 Jul 2024 20:17:22 GMT

File type
ASCII text, with very long lines (331), with no line terminators
Size
280 B (280 bytes)
Hash
1438617e5afe35240ea18211e338db01
89cd78f604e6cbe17941a252074a02a4a01e4f44
3ea7df984d0727ca5eddf1c01b8f584629a1fb93caa8c0b581e5835ede012c1d

HTTP Headers

GET /json HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://v5hhx.shop/
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: application/json; charset=utf-8
content-length: 280
access-control-allow-origin: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/js/landing_url2.js

104.21.57.253

200 OK

257 B

URL GET HTTP/3
v5hhx.shop/l/gaz/js/landing_url2.js
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
ASCII text, with no line terminators
Size
257 B (257 bytes)
Hash
f776ce66f65c39ec530a3bd2d09c9933
ebe59a2d5aaa6b873174e30e6e7f2cdfe7bcb2e4
4a2953bfe6a4596f47493279dd3f86935bf92e02cd00f6782245badb1c9991b2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/js/landing_url2.js HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: application/javascript; charset=utf8
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-101"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20333
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5UAcT84p5hKxCFuw7vxIxPSgVMDzf4q3t4qyynHOHNECqZimwkcrqQLaorPr7Y%2B1ePh3oNKesNFR1kL21nkGHbzcUGtIyf4ruJX2hwsJp%2FU1J9xduonODcLP7Hn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc25ea356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2

142.250.74.99

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20860, version 1.0
Size
21 kB (20860 bytes)
Hash
15b0d42b9ec6606a60edbdcced868466
73ca3f9f966f6722e78409b22db328ce4da475a9
f1400c92345dcd9dbf746acab2c60e8580aa959473e9e56c8772cadcf7734b76

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKew72j00.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:50:32 GMT
expires: Fri, 25 Apr 2025 02:50:32 GMT
cache-control: public, max-age=31536000
age: 54685
last-modified: Wed, 27 Apr 2022 16:15:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v5hhx.shop/l/gaz/img/img.svg

104.21.57.253

200 OK

60 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/img.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
60 kB (60346 bytes)
Hash
51120bbddd53794d1dd188eeacd1259c
ec43bc418d3644250cafeeada7d5d1133f60c4bb
4bd591ba5310c896b04e725fb1621dc2e66c3e57e97a160efb90848cb6146e70

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/img.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:56 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-ebba"
expires: Sat, 25 May 2024 12:23:02 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p8YGZCmDR%2BMYfupQikFrtxm7Fpx872rd9mIZDkvixlPIKMakmWibJSJt2FioRdjMpaJj2dl8jInAmVl8uQTNSpcZarRjvVUJs0e9YujRhNgBtxLAwVkD4aYNDtIa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc24e8656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite11.svg

104.21.57.253

200 OK

17 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite11.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
17 kB (16735 bytes)
Hash
0d31c1df315404c74ab459b7dcdf0445
93182488675530bb2df97dd74acd47fd5f537ebd
ed1b1f5e3a2769494eec30f7c4d37a434861f8eef21280f23e4a1df95a35e654

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite11.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-415f"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RAIe4c52IQjQ9qudM3gtJkhV7j6aBPpurfUbCaASzcwXmYgNCtN8yK7kHrifiJukO53MzCCpcLH40PHCKMNE5L7p9aRrHQweWdIFxPLhXXjlVKr%2F40OltLfm7w0b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5797a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite8.svg

104.21.57.253

200 OK

46 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite8.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
46 kB (45668 bytes)
Hash
df93c5e07081b864c87d0946fe166bd4
06376f1fadeacbf1d4425dbe6647d3c07eb654f4
9dd34c6d50df718d2bd6c5cc7d89733c3bed24cc3badb3ffef0f91cef47f4c5a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite8.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-b264"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EaOhQhivFBOSrhpapVzgASCOjpZlLpQuYpvl%2B4SBZ%2Brm0jOG4mySoPmOGco00L4YLw5IQ3mxcc%2B%2BqvDyVGvMKhnwx58BUA7m%2FFsLucBZqnRykZgkBRW6vc5BmUto"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5798356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

v5hhx.shop/l/gaz/img/sprite10.svg

104.21.57.253

200 OK

3.2 kB

URL GET HTTP/3
v5hhx.shop/l/gaz/img/sprite10.svg
IP
104.21.57.253:443
ASN
#13335 CLOUDFLARENET

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subjectv5hhx.shop
FingerprintDC:AF:A4:EC:10:5A:90:B0:55:CD:BB:EA:B1:62:96:F8:96:E5:94:38
ValidityThu, 04 Apr 2024 12:40:09 GMT - Wed, 03 Jul 2024 12:40:08 GMT

File type
SVG Scalable Vector Graphics image
Size
3.2 kB (3226 bytes)
Hash
91d85ff0298bab27a1b4e34c04c34e4d
d01ca7a27b32224355407e3acf1f7916fd6947ab
49926b18d29097ca07044c52ec08c2a8ee90975f4f65a584c4e69d2bc52e6b03

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Gazprom

HTTP Headers

GET /l/gaz/img/sprite10.svg HTTP/1.1
Host: v5hhx.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://v5hhx.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 18:01:57 GMT
content-type: image/svg+xml
last-modified: Sun, 05 Mar 2023 06:50:19 GMT
etag: W/"64043bab-c9a"
expires: Sat, 25 May 2024 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 20334
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcPbjuRFyXsdq60Pkh4PSoaZT1SoTaJaj8QdQvdv1yW1jxw1P%2FJK5uJZkbRYpawuccYm%2B87GpfKi2gwzJg8RR1VA%2BFbVFE49lrdRw9CJvTq6zP3iXjjepw62bdTd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a03dc5797356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://v5hhx.shop/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18200, version 1.0
Size
18 kB (18200 bytes)
Hash
8c7519686a5ddf20a3981e660a5f2610
3e0d73d14e4892b36fb5c6a9854c7d2e6bec005a
caeaf02fa4a8a45438c270767c4e50fc7f3ed5f94a4c90984eaacb87c2e8a693

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://v5hhx.shop
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 23:13:40 GMT
expires: Tue, 22 Apr 2025 23:13:40 GMT
cache-control: public, max-age=31536000
age: 240497
last-modified: Wed, 27 Apr 2022 17:10:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML