| mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 |  3.125.99.57 | 200 OK | 2.5 kB |
URL User Request GET HTTP/2mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 IP3.125.99.57:443
CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeHTML document, ASCII text Hash9a3669bd673c3e3919fd6867d6bd5ebe c3f1d57a36dd2f9d1d82cdbbd443d4373d6fcc42 561ca805bc49b0f2302fdb12a9a444895f884b21a31e86332bd5ef88feadf465
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /en/?code=dc122e823cb198732e83ed78981effa8 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/html
content-length: 2476
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:12 GMT
etag: "66212d84-9ac"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/fonts/material-icons.min.css?ver=1713450364885 | 3.125.99.57 | 200 OK | 671 B |
URL GET HTTP/2mail-live.net-s03.net/assets/fonts/material-icons.min.css?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeASCII text, with very long lines (671), with no line terminators Hash153cb0236d11634c653d18181b3a1613 c172b0d031ca071a42478626bc78cdd44f26b2cb e8e23ea893b24b7b7cfef869d747e400f8f9b0f8c5580a59ce729665daec03fc
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/fonts/material-icons.min.css?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/css
content-length: 671
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-29f"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/fonts/typicons.min.css?ver=1713450364885 | 3.125.99.57 | 200 OK | 15 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/fonts/typicons.min.css?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeASCII text, with very long lines (14985), with no line terminators Hash5d68383bd41df3b979ee00688e6e8821 cc754446b7fc19de41d3a2012d37c8281afce9be 8660ed12799916f277ccbb1fa1ba74dc2483dffa91089998ddfed5a9feb32200
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/fonts/typicons.min.css?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/css
content-length: 14985
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-3a89"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/css/styles.css?ver=1713450364885 | 3.125.99.57 | 200 OK | 1.6 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/css/styles.css?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
Hashc6838f1b7dae06bd024064d1f24f0bee 8a55735a5d69258535c52c76dec89b49c9b07398 3c24a3baf597cd07ba141c94a8e327d638077824a2aa836de1a9828974a91849
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/css/styles.css?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/css
content-length: 1648
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-670"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/js/version.js?ver=1713450364885 | 3.125.99.57 | 200 OK | 80 B |
URL GET HTTP/2mail-live.net-s03.net/assets/js/version.js?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
Hashb0011af9a7a12411a37c6bb45f2bb145 1b67106162e117fceca0f36eb50722dc8ccc78a9 7ddd577dbd825cb40efcb51d5c85d82a73f17ddafbcdd480244a0b0eaaa8d575
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/js/version.js?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: application/javascript
content-length: 80
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-50"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/fonts/fontawesome-all.min.css?ver=1713450364885 | 3.125.99.57 | 200 OK | 41 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/fonts/fontawesome-all.min.css?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeASCII text, with very long lines (40830) Hash81a0b4338f791f33588b3b8a7672dd4b c766be0c45c27e3e7ea6863f9b2bc2522d9836f4 fd702d8d6882cc47c74308ec46b1476035492c3d887741b279bb830c49b9b2bf
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/fonts/fontawesome-all.min.css?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/css
content-length: 41011
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-a033"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/bootstrap/css/bootstrap.min.css?ver=1713450364885 | 3.125.99.57 | 200 OK | 141 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/bootstrap/css/bootstrap.min.css?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeASCII text, with very long lines (65324) Size141 kB (140870 bytes) Hashd5b85a4a84702977b70e32ce38f6bf30 ee6efb12cc93fd0f78ebc047600b7f2559395b11 46b4721c80749cc5e1ec6cf4c5fec78a2c51fdfc4ee9c94f2223cdaf4fbd8ced
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/bootstrap/css/bootstrap.min.css?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: text/css
content-length: 140870
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-22646"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/js/jquery.min.js | 3.125.99.57 | 200 OK | 90 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/js/jquery.min.js IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/js/jquery.min.js HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: application/javascript
content-length: 89501
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-15d9d"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/js/bundle.min.js?ver=1713450364885 | 3.125.99.57 | 200 OK | 292 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/js/bundle.min.js?ver=1713450364885 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF, LF line terminators Size292 kB (291973 bytes) Hash6af2b24b9ad4c2a0eab48d0b00975657 c08043ee196fff57c1fb04b24657d8cba49ec042 623fa1d8e331c56d82440c1b37a66a800403550327dae2d4a3bc32554548d7a7
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/js/bundle.min.js?ver=1713450364885 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:41 GMT
content-type: application/javascript
content-length: 291973
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-47485"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/logo.svg | 3.125.99.57 | 200 OK | 1.0 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/logo.svg IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash3b4fe9f5354983a5f3188f3df6d8d881 dede452489fa5150e6b33473817f098d571a0df3 447c3cb7961021002df62bdf8b2fd88843601ffea10c747a0aeaf2dd7289bde6
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/logo.svg HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: image/svg+xml
content-length: 1039
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-40f"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/assets/fonts/fa-regular-400.woff2 | 3.125.99.57 | 200 OK | 12 kB |
URL GET HTTP/2mail-live.net-s03.net/assets/fonts/fa-regular-400.woff2 IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 12168, version 1.0 Hash914437d606603d81e81a52e9e9b704b5 5e3d47f9e327334619cf59adf343757f1f7b59b2 ffc3f51a8f40f01a9d86853282c5b952e2a42f88820ef98dee0462a91b93082c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /assets/fonts/fa-regular-400.woff2 HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: application/octet-stream
content-length: 12168
server: nginx
last-modified: Thu, 18 Apr 2024 14:26:04 GMT
etag: "66212d7c-2f88"
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail-live.net-s03.net/favicon.ico | 3.125.99.57 | 204 No Content | 0 B |
URL GET HTTP/2mail-live.net-s03.net/favicon.ico IP3.125.99.57:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectcom-trusted.com FingerprintFC:FA:CE:D5:DD:4A:D8:9F:6C:90:0D:D7:53:CB:0B:C3:0C:53:B6:13 ValiditySun, 07 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Generic/Spear Phishing |
GET /favicon.ico HTTP/1.1
Host: mail-live.net-s03.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 25 Apr 2024 03:59:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin
X-Firefox-Spdy: h2
|
|
| api.sosafe.de/v1/user/ip | 52.29.125.85 | 200 OK | 76 B |
IP52.29.125.85:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subject*.sosafe.de FingerprintD9:1E:C3:EA:9C:F2:D3:26:42:F1:FA:C1:8B:31:AE:C5:E8:4B:89:36 ValiditySun, 25 Feb 2024 00:00:00 GMT - Wed, 26 Mar 2025 23:59:59 GMT
Hashedfbd102dd818e11bce9740c3260f608 b5b43b723c29fe58219099b432d79d3833b139cc 957c24bd324d60081456a437df66bcbc8dc167368dd2749acda20438297df41f
GET /v1/user/ip HTTP/1.1
Host: api.sosafe.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
Origin: https://mail-live.net-s03.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 76
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
access-control-allow-credentials: true
etag: W/"4c-tbQ7cjwp/lghkJm0MtedODOxOcw"
X-Firefox-Spdy: h2
|
|
| api.sosafe.de/v1/report/info?code=dc122e823cb198732e83ed78981effa8 | 52.29.125.85 | 200 OK | 624 B |
URL GET HTTP/2api.sosafe.de/v1/report/info?code=dc122e823cb198732e83ed78981effa8 IP52.29.125.85:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subject*.sosafe.de FingerprintD9:1E:C3:EA:9C:F2:D3:26:42:F1:FA:C1:8B:31:AE:C5:E8:4B:89:36 ValiditySun, 25 Feb 2024 00:00:00 GMT - Wed, 26 Mar 2025 23:59:59 GMT
Hash8e2b9645e97ffab37fdee8b8a426d879 4252a7b0ae5865c24e9497b1c4948827db777bf7 771f9e65fb86c106152466d28292c6f69923dd18d02703445b8c6f8870ec473d
GET /v1/report/info?code=dc122e823cb198732e83ed78981effa8 HTTP/1.1
Host: api.sosafe.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
Origin: https://mail-live.net-s03.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 624
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
access-control-allow-credentials: true
etag: W/"270-QlKnsK5YZcJOlJexxJSIJ9t3e/c"
X-Firefox-Spdy: h2
|
|
| sentry.sosafe.de/api/25/envelope/?sentry_key=f4fcbdbd596c4b2cb672b939a7ee93c6&sentry_version=7 | 18.193.21.21 | 200 OK | 2 B |
URL POST HTTP/2sentry.sosafe.de/api/25/envelope/?sentry_key=f4fcbdbd596c4b2cb672b939a7ee93c6&sentry_version=7 IP18.193.21.21:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subjectsentry.sosafe.de FingerprintAD:B6:5D:AF:A2:F9:E0:81:CC:5F:60:CE:80:D7:1E:82:D5:D5:1E:60 ValidityWed, 10 Apr 2024 00:00:00 GMT - Fri, 09 May 2025 23:59:59 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/25/envelope/?sentry_key=f4fcbdbd596c4b2cb672b939a7ee93c6&sentry_version=7 HTTP/1.1
Host: sentry.sosafe.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
Content-Type: text/plain;charset=UTF-8
Content-Length: 443
Origin: https://mail-live.net-s03.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: application/json
content-length: 2
server: nginx
access-control-allow-origin: https://mail-live.net-s03.net
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
X-Firefox-Spdy: h2
|
|
| api.sosafe.de/v1/report?code=dc122e823cb198732e83ed78981effa8&type=2 | 52.29.125.85 | 200 OK | 127 kB |
URL GET HTTP/2api.sosafe.de/v1/report?code=dc122e823cb198732e83ed78981effa8&type=2 IP52.29.125.85:443
Requested byhttps://mail-live.net-s03.net/en/?code=dc122e823cb198732e83ed78981effa8 CertificateIssuerAmazon Subject*.sosafe.de FingerprintD9:1E:C3:EA:9C:F2:D3:26:42:F1:FA:C1:8B:31:AE:C5:E8:4B:89:36 ValiditySun, 25 Feb 2024 00:00:00 GMT - Wed, 26 Mar 2025 23:59:59 GMT
Size127 kB (127077 bytes) Hashe6c7c0dc31f60a232c1ce9b1e0d1bf69 6cae18966af3f32b686f6fe65d620fd7e6a7b8f1 703252fd9cbd7da9cbfe3bf7fbc75a0a8c2af902843210c3c722ded029f269e5
GET /v1/report?code=dc122e823cb198732e83ed78981effa8&type=2 HTTP/1.1
Host: api.sosafe.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mail-live.net-s03.net/
Origin: https://mail-live.net-s03.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 127077
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: *
access-control-allow-credentials: true
etag: W/"1f065-bK4Ylmrz8ytob2/mXWIP1+anuPE"
X-Firefox-Spdy: h2
|
|