| track.responsegift.com/cbd34e57-ef01-47ba-b82c-fa437f912456/2 | 18.192.249.87 | 302 Found | 0 B |
URL: User Request GET HTTP/2 track.responsegift.com/cbd34e57-ef01-47ba-b82c-fa437f912456/2 IP: 18.192.249.87:443
Certificate Issuer: Let's Encrypt Subject: track.responsegift.com Fingerprint: F0:87:A1:EF:55:28:F7:F4:84:AA:D2:13:2A:41:38:AD:67:D9:44:97 Validity: Fri, 29 Mar 2024 06:54:04 GMT - Thu, 27 Jun 2024 06:54:03 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cbd34e57-ef01-47ba-b82c-fa437f912456/2 HTTP/1.1
Host: track.responsegift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 11:36:49 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
pragma: no-cache
set-cookie: cbd34e57-ef01-47ba-b82c-fa437f912456-v4=UyNVd2JnPqBHMbq5zssJwJCYF_GXbV1vKwR4TYik45U; Max-Age=86400; Expires=Sat, 20-Apr-2024 11:36:49 GMT; Domain=track.responsegift.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=aD85dxIuS26NkagiI83toQkmKlbE1vWey8JzqpoaDFImpvrmjiyKHOlmF9ztJ_jiuJqVR6zT4sk5SaHMIWdKQXefK2XyP58u2RwpjWgt5kgJHe3pRXQzqxakDO59Rj_0ldkyFjlDdnDvply816KdP-J9KDtQPAOJ-2wQG27gP2ACt21XgGVVcI2aXOIQrFMSy_CGMKg-2WH0JKYH1Cb-ACbGiRkLLK5GQ6PZhiJyuwLe50OkV3BrOh7g07yNbpkfyKFyy2YhervJ9SaZi1vkb5l5ghxtQR_iLijpwltto1EL2PoaI0kSpHc-EuF2IZP__m4KBMD9xGSaVaC5ClTUCTiYSF5EmSKCNkGd7w2oCt2pHvoY-tHrDQggI333sdBN; Max-Age=86400; Expires=Sat, 20-Apr-2024 11:36:49 GMT; Domain=track.responsegift.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/p.js?f=sync&lr=1&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8 | 139.45.195.8 | 200 OK | 697 B |
URL: GET HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8 IP: 139.45.195.8:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: JavaScript source, ASCII text Hash: c0f0f92ca7ad5742bab3604a5edcead3 39a8119d6b9942d6676c0805fa41c931874df4f3 f7406dc2b25e60330427144a83f4f94fb15b2938347405f0648619e1bf7dbbc6
GET /p.js?f=sync&lr=1&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:49 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 1.alkads.com/ze1/png/logo.png | 104.21.43.240 | 200 OK | 3.0 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/logo.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 144 x 60, 8-bit/color RGBA, non-interlaced Hash: a47252e63c9de7bbb6f266986e991861 7f10420d29f0d0acb54e6b0e5ca0c4e9fb9c643c 6a159b41f9e3b1f4925c724ffbdb5d117d1a3de3d0cb8891271ab9cbde60cc6c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/logo.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 3049
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-be9"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=af1bslgxzeqUi53PbQdh6nYZUHWangt2En82JFqpuGFIal89DV90Pj%2Ft9xjaCqmHZbpkCnvQ1MOEPGb4S7TjUor4bgauVIFLf4VLKD0usa2%2BfpBgJI1APor%2BoqmUAog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f0df10b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/_mark1.png | 104.21.43.240 | 200 OK | 9.8 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/_mark1.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 257 x 184, 8-bit colormap, non-interlaced Hash: 5a1320306aa2e00c157ab7b393035ffe 954eebaf1272ecb737243c816cfafac36f086291 e7d4a4738b3217a9462c27825973bfd5b8083cdbc65e7dbfb460e8e82a113258
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/_mark1.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 9798
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-2646"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8mS7y6jvdwRAQ1drcq11ujfiq2N%2Bx9Qsr6GmKRwc4B%2BXoCwOJYt6UKiNnRMFO30ch1db%2BX24pLS5H8IrwSBPBNH5HwEPKWjzAX%2Bv3XvzQ1KjR0AdHyv3Dy5V5ZFQCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f0df30b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/jpg/comment-image.jpg | 104.21.43.240 | 200 OK | 7.4 kB |
URL: GET HTTP/3 1.alkads.com/ze1/jpg/comment-image.jpg IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x135, components 3 Hash: 3e54062f3ac568f3bead01dc59ee82d5 23fd5c086c75c2a6bb851956c4f5c2a959a68ec5 1c37a7880e179fae774f6906842dad0239286b6df3aa97fc6d0da2bddfd9378b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/jpg/comment-image.jpg HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/jpeg
content-length: 7447
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-1d17"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtHsXQ06hTCXyWesn%2BQxph9CnLU6bMzYw3eKBYS5aNRC5qzZCCkyY%2FDUi%2FvzVZ%2BGmAZNThui%2BguK8%2B8%2BVs7ImebfV435AcoUFioVucimZVfrkLxk6wF1Y55IP%2BrhDWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f0df50b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/samsung-s10.png | 104.21.43.240 | 200 OK | 16 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/samsung-s10.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 250 x 158, 8-bit/color RGBA, non-interlaced Hash: 16779548cd28c219f6b7e6d8f9c295ea ce04f611e506c5053cbfe95dc91c64ecb4d74295 8bfabc7e33f6acf8e094e8deb498d4e6f68fbdad46c624e5dad10c3667799cf1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/samsung-s10.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 16143
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-3f0f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHImRDCqzAhmUPffL61sxD%2F6KoXCgL%2FCN3DOt8ai7NMeRQesbc01HDXz7vkKcuwt4FbxXNf4VtLR5RJXjfGs3nTlgXLH5TktTOufXrQ%2F5RVePMkTTy3KedNN10XHtls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f1df90b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/11.png | 104.21.43.240 | 200 OK | 20 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/11.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 531 x 531, 8-bit/color RGBA, non-interlaced Hash: 1c7e1037a62b15dc080894acb7955aa7 4400836d965f60e0dc7f093ce50b2c869f0f5ab7 c379ce20c3e8081a24ee7f71d94ad73d88d2d2db94c99b1d33effd4d6849f31a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/11.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 19608
last-modified: Thu, 18 Apr 2024 10:29:07 GMT
etag: "6620f5f3-4c98"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKuzb8S%2BrlkYvE5zm%2FGKoW71nBxjDrIuYI4PdE0H7A3cveo5ZJIRabLC2e0URAPSuIrQoRLyAtgXvwlQmrFPwsR68UJzHxUvCq2oKi53I8VlxCXCzLC44tV4F622IVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f1dfa0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/_mark3_samsung_s10.png | 104.21.43.240 | 200 OK | 16 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/_mark3_samsung_s10.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 250 x 158, 8-bit/color RGBA, non-interlaced Hash: 951d92c6549976227824e2b46effdb7a 0c3b41fe6936be33fd954483dad85d7d73a85b6f 20cb874db642861945c7497100d70d60b6d8b0b83bf8139d21504faa2483d130
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/_mark3_samsung_s10.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 16143
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-3f0f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iJb0YoJTQ%2BN%2F8CbkHCBF0cmlf1UIYcHiPibGeS%2BjmR0IyBJCZItJiTxvZDp99%2BnUwKDn4vyB29aYRi8l%2FCBnUO1w2iOmkWlz2xYCPHGaB9clI4hoiBHiIaJBPaimuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c995f1df70b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pentlyconger.com/d/.js?lpref=&lpurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23&lpt=Zelle&vtm=1713526610550 | 18.192.249.87 | 200 OK | 3.7 kB |
URL GET HTTP/2pentlyconger.com/d/.js?lpref=&lpurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23&lpt=Zelle&vtm=1713526610550 IP18.192.249.87:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectpentlyconger.com Fingerprint95:5B:7D:F6:FF:DE:FA:66:4E:48:88:35:D4:C3:41:42:A9:E7:CE:EB ValidityThu, 21 Mar 2024 08:54:13 GMT - Wed, 19 Jun 2024 08:54:12 GMT
File type: JavaScript source, ASCII text, with very long lines (1680) Hash: fa32ca933e6ece38dba06c4bff86f1d5 674ceba18018fe36a6e50a323acc1510f361771f a84b48d41c268e9d51ed7d9f3ab9deed726cae4e61774b15adb8d21aa6ef582d
GET /d/.js?lpref=&lpurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23&lpt=Zelle&vtm=1713526610550 HTTP/1.1
Host: pentlyconger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/javascript;charset=UTF-8
content-length: 3711
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| ouphouch.com/zone?&pub=0&zone_id=7354034&is_mobile=false&domain=1.alkads.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=4e1863cf-0655-4044-9a86-3c138994ac5b&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 ouphouch.com/zone?&pub=0&zone_id=7354034&is_mobile=false&domain=1.alkads.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=4e1863cf-0655-4044-9a86-3c138994ac5b&action=prerequest IP: 139.45.197.250:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectouphouch.com Fingerprint63:C9:F5:31:11:CD:03:30:E2:1D:68:D4:1F:4E:14:BF:08:BC:A2:EE ValidityWed, 21 Feb 2024 05:51:35 GMT - Tue, 21 May 2024 05:51:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=7354034&is_mobile=false&domain=1.alkads.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.501&trace_id=4e1863cf-0655-4044-9a86-3c138994ac5b&action=prerequest HTTP/1.1
Host: ouphouch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1.alkads.com
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-length: 0
x-trace-id: 39a5ad27a7cb611d73198edbf0893d6a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://1.alkads.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| 1.alkads.com/ze1/js/bootstrap.min.js | 104.21.43.240 | 200 OK | 17 kB |
URL: GET HTTP/3 1.alkads.com/ze1/js/bootstrap.min.js IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: JavaScript source, ASCII text, with very long lines (57791), with CRLF line terminators Hash: 0a958254db529f99f475080fe2a6dcdb eebc17246f2beda813dd3372593cc54a152f9cb4 3bcd802e9f77849e7c1e93c87279fbbb04d45949d2be79b03566ceacde29b158
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/js/bootstrap.min.js HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-e2de"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uF%2B0AZAXey%2BCkfgHgkWEmEdDRb5ellKUDbX%2F0Ew4nw8X0pllrgnta%2F8Nh3EFaCZfdBJ0pbWgoqnFVWBf1B34EVt%2FcByct0bZhrj%2BNZJudEFG3Ime9OWdzeFTc7kQt1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c995f1dfc0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/bg-new.png | 104.21.43.240 | 200 OK | 13 kB |
URL: GET HTTP/3 1.alkads.com/ze1/png/bg-new.png IP: 104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: PNG image data, 322 x 574, 8-bit colormap, non-interlaced Hash: 4e55a0c0f9c65bd0cfdc8e91dfcaa2ab 67f43a9577dbb57e57efc04c3c53733b91628131 26b649b3622d0b25d0283f55cbab37bf0252542cd4a8cb4fdd261368e895ba16
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/bg-new.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 12815
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-320f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqtc7TiRKR%2Bh2XokUloi7qVC8ACsx4DhNg1vuo0%2F0D3yHFM4kpGukh6oQOOzQ%2BjyGU04umLMNiRj1JMQi%2FdLwndt4gpVYzAAWKDoMCEoPFmi3hDVqGccJsppxgi1n%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c996358f30b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ouphouch.com/pfe/current/micro.tag.min.js?z=7354034&sw=/sw-check-permissions-73a3b.js | 139.45.197.250 | 200 OK | 14 kB |
URL: GET HTTP/2 ouphouch.com/pfe/current/micro.tag.min.js?z=7354034&sw=/sw-check-permissions-73a3b.js IP: 139.45.197.250:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectouphouch.com Fingerprint63:C9:F5:31:11:CD:03:30:E2:1D:68:D4:1F:4E:14:BF:08:BC:A2:EE ValidityWed, 21 Feb 2024 05:51:35 GMT - Tue, 21 May 2024 05:51:34 GMT
File type: gzip compressed data, max speed, from Unix Hash: c1c1fbb5bc4a0fb5bab60612fcf1fd4d b9b4065d7e668ee6243ad84c7b8d7d565b7f8f9e 6416d54c58b1afed27d6506c720e21729cca436d884a45b8d9ae83aa241f8fdb
GET /pfe/current/micro.tag.min.js?z=7354034&sw=/sw-check-permissions-73a3b.js HTTP/1.1
Host: ouphouch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 08:30:07 GMT
etag: W/"66222b8f-8eda"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 664
Origin: https://1.alkads.com
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 59b75c6f725eb55bdde29b4715cf25d7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://1.alkads.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 665
Origin: https://1.alkads.com
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bf78ffa8070c1d0a0137b542d51c7f40
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://1.alkads.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1.alkads.com/
Origin: https://1.alkads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1.alkads.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| 1.alkads.com/ze1/js/notifications.js | 104.21.43.240 | 200 OK | 21 kB |
URL GET HTTP/31.alkads.com/ze1/js/notifications.js IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hashf1b4e3ce2a538523f24a619343f25066 fc706dc6ace8416ceadbeefd56b35ead3bf61736 e2d1d112ada3c3cbc7e919e95b1090e08b7677044ad9256bb1046638f46571d7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/js/notifications.js HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-61b"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2Bmhut1pGhwo9bmglSJpj8YbT%2BNXutQkw65iBHMBc4%2BB%2Ft4WWZKvqKLMhlww2tIV4f2gYjJYgS2M5DnzHS%2B8%2B9DktGq%2FYmZYQdzED8UIeE%2BJWBe98UWZPmzNFCVb7AM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c995f1dfe0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash1beb5b13088adfe1e55d7bcefe5eea90 c810e13e7d127b43ece2925b072efb9dce414097 afa825a98b9951a2dea4d5bc950d7b7427f0ea95c195dd47a75e2f9c0bd69ceb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.alkads.com/
Content-Type: application/json
Content-Length: 1288
Origin: https://1.alkads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://1.alkads.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=sync&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8&ttl=&rurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23 | 139.45.195.8 | 200 OK | 43 B |
URL GET HTTP/2my.rtmark.net/img.gif?f=sync&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8&ttl=&rurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23 IP139.45.195.8:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=9c663d1007dec76d517c8d649a86f6072a79b5585ab25d14184327476f4627a8&ttl=&rurl=https%3A%2F%2F1.alkads.com%2Fze1%2F%3Fcep%3Dl-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN%26lptoken%3D176113c052f1840609fd%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 11:36:51 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=088043db1a764e56ec1da527104254bd; expires=Sat, 19 Apr 2025 11:36:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| 1.alkads.com/sw-check-permissions-73a3b.js?zoneId=7354034 | 104.21.43.240 | 200 OK | 12 kB |
URL GET HTTP/31.alkads.com/sw-check-permissions-73a3b.js?zoneId=7354034 IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
Hash37ace0e9c77990ff0ad620ee462760b7 10de4f3d9ba9cd09b36accba0f675ba685177cd3 661e371212280f39915efeda30cbdfea821b4c26d213580c5a7d76efe2408792
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /sw-check-permissions-73a3b.js?zoneId=7354034 HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Cookie: vl-cep=cep=ZVZVVqT5UtRXXXnK6jwaVCOqujav-I4M25TfsFm69dX1V506LvHCHT7NwWaIiETH72UT4u6r2iDIJfVEK9cJWengxabdnsQi0BzDTIZ0NAkvDjdq0_IQLwOzFIJy45O_Pt9bGbCM4FrYLTUG9vcu0jsTI6E6mkFIQ-VYk1tF2OQM3L7RUkqMDyZuXx2AlJUiFq7joeW8g8OBnoOsJ23WKQs80JDJ1HOejDTIhixiHbsDiPSbAwfduLNE1ZzgK4WyMlpxhovZe-SyBBTWyC5M6Xf8uzgjf6qRGzYnwUdLbmvB_F6e_gJWHUMN05ZLOrgy3GKVUNQguY7hHPEn7WAOAW2MpUgNF2o6S26p1CWjMqZW9pX5HPHuCqhS5eBepWYE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:51 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 12:50:52 GMT
etag: W/"661e742c-236"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6aYc48pkfD00Jya9jPUIkRfErc1IGGTn5gO9qCUp3Um5gF0Mjw4KaBrWksoiZAe2b%2B2A0JccCEKqnNQnzynH7QpjAdavknCHGfkoPTbsjdcU7thqt9jBD5hWdYJvPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c9965eaaf0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/css/bootstrap.min.css | 104.21.43.240 | 200 OK | 201 kB |
URL GET HTTP/31.alkads.com/ze1/css/bootstrap.min.css IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typeASCII text, with CRLF line terminators Size201 kB (200591 bytes) Hash825cd343a63648302d064a61c5bb46bf 30caab53f3c1d0ad49d9fe731aa85f279fd5b0ca 3f6425f45b45bd9b327e827a703bfef5a75aa8e8b11f7efa5a8501427468486e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/css/bootstrap.min.css HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-30f8f"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UfWhoc5smrIXbUGkbg9aogbCuzIziBMKXhWnh6SL%2B7x4eSVpsHeQheu8SavDx5HyEUFCpSpKLzfPAOt4HAXZZxBtqipvXQ4Agi%2BjlnOJad1Jsn6PU%2Bavdb4POig3rGU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c9960bef60b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/css/animate.css | 104.21.43.240 | 200 OK | 82 kB |
URL GET HTTP/31.alkads.com/ze1/css/animate.css IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typeASCII text, with CRLF line terminators Hash110df922d0442ba4971d636f26e2dfc0 d0615f29fce34c802f84bddf79b02afab8012f13 54e45a0cb0fb522c4c3637e3fa2d6a7729bf8e9b2266d268cae0ca0583bf6d16
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/css/animate.css HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/css/style.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-13e7a"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRrbuuf4c1Mx5ybu7gdlmDgQmSJ3yw4lbHbnQh80SelKs3%2FN3UcIi%2FvPslFbCNzwyiSlW%2BcflvuVdNLTc1ZcameMRhppunDpWBpCPjJwKEFZLjy8E%2Bs3AFTD89n7puM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c9960bef70b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/png/like.png | 104.21.43.240 | 200 OK | 1.2 kB |
URL GET HTTP/31.alkads.com/ze1/png/like.png IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hasha883b7f87057bede4bf0a14fc6acdc76 613c5dc226d26dc64c4c95c882b2ca08a1d23122 e81147bf3f6fff18fae264b65604a7e91e0b490550b9243d9085037c6bc1c8dd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/png/like.png HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/png
content-length: 1211
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-4bb"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z53inR%2BKSZMYIPbZs%2BVsFEXi0mvRop5aO%2FY7ba%2B68CzSxllQ8yBuqTskAh1c8bcaOCHuzM4AXg6yUp%2FZ5c0x8MfL8WUueIcmffqg93aICgugNDTpEe1oqpI%2B1FyvuMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c996358fa0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd | 104.21.43.240 | 200 OK | 25 kB |
URL User Request GET HTTP/21.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd IP104.21.43.240:443
CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 11:36:49 GMT
content-type: text/html
last-modified: Thu, 18 Apr 2024 10:29:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G9AJvQEGxIx5oVABHCdeeW99FvAgtUr%2FtrVbJ%2BC%2BZ3Fl1UAjVAmx4dramLLih3tZvEIht%2B1DvvUf2OMgA13E9dld3WCAOgL36r7sVOU9swa2e%2F5S2hcFf047I5mwyCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c995c4ba956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1.alkads.com/ze1/css/style.css | 104.21.43.240 | 200 OK | 18 kB |
URL GET HTTP/31.alkads.com/ze1/css/style.css IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typeASCII text, with CRLF line terminators Hash9470cfc2946d2cfb44ee7ffc792a95b7 1758f9011c323f8847321e2f81163c6802c4640a 9f1aafb101211d579c302d1bb3837fd97ca2fdab2f0a44e98bfafb76c577abe2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/css/style.css HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: text/css
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-44d1"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZ10nUBkWB0zzxpIdcYLZDAZTd99JAqR%2BKOmjXtPrUVCnFqiTrnXN1uOjer5YMjHqPvZbh52KhGMe4PDBhAB4RGYrICwvPyKf%2Fji%2BgPKi3CwDHhuqWL5%2BgTbvSI%2BMH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c995f0df00b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/ze1/jpg/profiles.jpg | 104.21.43.240 | 200 OK | 20 kB |
URL GET HTTP/31.alkads.com/ze1/jpg/profiles.jpg IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 192x192, components 3 Hash3785bc821af0a3234c8cb464eb303260 5661c934a6a28bbbb925d0e9344f909ca4b8d2b0 625fa7e238b94bf3b09fb40da3176bbbbfb1b3b76a60235e57018b6fad9560f8
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - zelle |
GET /ze1/jpg/profiles.jpg HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: image/jpeg
content-length: 20026
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
etag: "6620dff4-4e3a"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1qsTR9laAvbfI0H90UKb4JQ112fGzWEiEQBS2YrHvBNjKu4VG%2Bmjh35nkKb5gVInwhUcxjDfeVFfE8kCQGMimN7EC0xsUpCyUgB%2FQsU4DgZ38L2hPqd2eJ8yvikbmrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c996358f40b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1.alkads.com/favicon.ico | 104.21.43.240 | 404 Not Found | 150 B |
IP104.21.43.240:443
Requested byhttps://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd CertificateIssuerGoogle Trust Services LLC Subjectalkads.com Fingerprint60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19 ValidityTue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: HTML document, ASCII text, with no line terminators. Hashes (MD5 / SHA-1 / SHA-256): 3975df6acd9bb32205823270e122bb3f / debbb3ecc9183ee7672f25d0f74eea74e3530298 / 13ed13454e3102135579e64775b002a66280f9eb99c31e4d8b59a69cf7e00425
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - zelle
GET /favicon.ico HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Cookie: vl-cep=cep=ZVZVVqT5UtRXXXnK6jwaVCOqujav-I4M25TfsFm69dX1V506LvHCHT7NwWaIiETH72UT4u6r2iDIJfVEK9cJWengxabdnsQi0BzDTIZ0NAkvDjdq0_IQLwOzFIJy45O_Pt9bGbCM4FrYLTUG9vcu0jsTI6E6mkFIQ-VYk1tF2OQM3L7RUkqMDyZuXx2AlJUiFq7joeW8g8OBnoOsJ23WKQs80JDJ1HOejDTIhixiHbsDiPSbAwfduLNE1ZzgK4WyMlpxhovZe-SyBBTWyC5M6Xf8uzgjf6qRGzYnwUdLbmvB_F6e_gJWHUMN05ZLOrgy3GKVUNQguY7hHPEn7WAOAW2MpUgNF2o6S26p1CWjMqZW9pX5HPHuCqhS5eBepWYE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 11:36:51 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVvZViaU3oIVzdIgtzxzd5p09Ix8ZkZ5Wk2rlVIReuL8SnoElo%2FHsHaNaGxHdKYdet4bHwPS0DWEHP4W390XfgEWbd%2FylHFfwNQFi%2FCbdnGZUZMbP5N%2FykA3sDV5gVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c99668b080b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| 1.alkads.com/ze1/js/jquery.min.js | 104.21.43.240 | 200 OK | 86 kB |
URL: GET HTTP/3 1.alkads.com/ze1/js/jquery.min.js; IP: 104.21.43.240:443
Requested by: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd. Certificate — Issuer: Google Trust Services LLC; Subject: alkads.com; Fingerprint (SHA-1): 60:4C:0F:D9:51:E5:B0:B1:53:28:CE:7F:EA:41:2E:59:0C:22:BC:19; Validity: Tue, 16 Apr 2024 09:04:40 GMT - Mon, 15 Jul 2024 09:04:39 GMT
File type: JavaScript source, ASCII text, with very long lines (32065). Hashes (MD5 / SHA-1 / SHA-256): 2f6b11a7e914718e0290410e85366fe9 / 69bb69e25ca7d5ef0935317584e6153f3fd9a88c / 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - zelle
GET /ze1/js/jquery.min.js HTTP/1.1
Host: 1.alkads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1.alkads.com/ze1/?cep=l-UKBG_iIK_-X4WPNnPxOYwa7iBgVzRLvrcmLFeD9NXV_RDoAlnBrsjurdpa-7SdZAs2R9CJv7ZSWK4h8L_T8Zshci8ovcO9AUC8LJuYF1DWxIsIPlZfWSU68WHi5sH7lrZ36QGXI_439fg4Cu-AjQeqmV7bB_Qc178sfGacBHrO_sniQyXXfHuDHtUux-iBKJoxM7L_pxY5u3izyBLcKTbBTk0yNbOaY1ei-_guFsZsFO_uHDg4_UXALkgeX9DkJB8B2PhejOdUzngEmfRevR2wpfgTCUecyHABvh1Usxx9QaheIGr3K9rOcFP-x5A4itz8dzEYEuUxMOInRsAO1SthQzX5rk03fH4WIritslCa2ekUTnrQcgYB5eWQMLgN&lptoken=176113c052f1840609fd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 11:36:50 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 08:55:16 GMT
vary: Accept-Encoding
etag: W/"6620dff4-14e4a"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBFHyNyob23Vl1rk%2FJ2U%2F1HElctWtFBMDsE4jnctkBbsSKa%2FgOCT2pBGOtuedE%2Bn7sg2lf0NT02aIjskHKRxr39IhVs29v9hKDQE%2FyvgPi4Ifg3kTR1jwZHCUBnPJIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c995f1dfb0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400