| geant.ocsp.sectigo.com/ |  172.64.149.23 | | 727 B |
IP172.64.149.23:0
Hash43ccf83bcd0a0e33800b019cd34a7c02 9db8feb096cdba3e8d6aec91d82fd6693ed136d1 3c7443efc4b816cb4329d25343dff5af222f83b6bcce53ee83d0cbc39024c177
POST / HTTP/1.1
Host: geant.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 12 Jan 2024 05:08:12 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Wed, 10 Jan 2024 07:48:59 GMT
Expires: Wed, 17 Jan 2024 07:48:58 GMT
Etag: "9db8feb096cdba3e8d6aec91d82fd6693ed136d1"
Cache-Control: max-age=441045,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8442e1593b8a7128-OSL
|
|
| mail1.ge.cnr.it/img/logo/favicon.ico |  150.145.0.157 | 200 OK | 1.2 kB |
URL GET HTTP/2mail1.ge.cnr.it/img/logo/favicon.ico IP150.145.0.157:443
Requested byhttps://57757574.000webhostapp.com/ CertificateIssuerGEANT Vereniging Subjectmail1.ge.cnr.it Fingerprint02:4D:23:E2:22:F7:DC:D6:66:7F:54:E4:9C:BB:3D:EF:09:C4:69:DE ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash8c7d1c14e4b9c42f07bd6b800d93b806 87e49826ffb3bc1ddac38feebb6bb98eaef568b2 1afd891aacc433e75265e3ddc9cb4fc63b88259977811384426c535037711637
GET /img/logo/favicon.ico HTTP/1.1
Host: mail1.ge.cnr.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://57757574.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 12 Jan 2024 05:08:13 GMT
content-type: image/x-icon
content-length: 1150
x-frame-options: SAMEORIGIN
expires: Sun, 11 Feb 2024 06:08:13 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 01 Dec 2023 09:26:12 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| mail1.ge.cnr.it/css/common,login,zhtml,skin.css?skin=harmony&v=190329055110 | 150.145.0.157 | 200 OK | 15 kB |
URL GET HTTP/2mail1.ge.cnr.it/css/common,login,zhtml,skin.css?skin=harmony&v=190329055110 IP150.145.0.157:443
Requested byhttps://57757574.000webhostapp.com/ CertificateIssuerGEANT Vereniging Subjectmail1.ge.cnr.it Fingerprint02:4D:23:E2:22:F7:DC:D6:66:7F:54:E4:9C:BB:3D:EF:09:C4:69:DE ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File typegzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT) Hashe7018720cf1dd6e1df5468161272775c 2030413332be8759b6dd96dc2be953f27ac7addf e62b18ad56ffe9ecaf9a773d1aa5078c1a6f371ed58ca9fc77db3815da7666ed
GET /css/common,login,zhtml,skin.css?skin=harmony&v=190329055110 HTTP/1.1
Host: mail1.ge.cnr.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://57757574.000webhostapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 12 Jan 2024 05:08:13 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
expires: Sun, 11 Feb 2024 06:08:12 GMT
cache-control: public, max-age=2595600
vary: User-Agent, Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 5.8 kB |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0
File typegzip compressed data, max speed, from Unix Hashc344a9a0ebcec7abc2e5fd1bc31459d9 e19c399652cbd4a242ea4f6d8d84ab275a92d12e 3a59d21f84cd3b7f3ed3ca00c9c97e508cfd2723840b8e66e2f28acca51c8460
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 12 Jan 2024 05:08:30 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=90
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-02-29-06-55-23.chain; p384ecdsa=wAjCPXclwL0GmtJEg4VGg7aQNP9Y-lXkaN8YLqd_pC336QmGVnmIKOXP__sQoLwcBI6w0KSJj1piziy7rBedKcYj1LcWZGd7o-iT9IUyzO2KpHwPwguABy_EFFWvxTfD
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip |  2.22.61.59 | | 512 kB |
URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip IP2.22.61.59:0 ASN#20940 Akamai International B.V.
File typeZip archive data, at least v2.0 to extract, compression method=deflate Size512 kB (511815 bytes) Hash152eda253e242e18443ef3282495bc7c ff0fa85565f21ec4931baad4573b4c0bd08c4019 8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx35e1afa589ba4bd9a93ea-006556c567dfw1
Cache-Control: public, max-age=29593
Expires: Fri, 12 Jan 2024 13:21:44 GMT
Date: Fri, 12 Jan 2024 05:08:31 GMT
Connection: keep-alive
|
|
| mail1.ge.cnr.it/skins/_base/logos/LoginBanner_white.png?v=231201095347 | 150.145.0.157 | 200 OK | 3.3 kB |
URL GET HTTP/2mail1.ge.cnr.it/skins/_base/logos/LoginBanner_white.png?v=231201095347 IP150.145.0.157:443
Requested byhttps://57757574.000webhostapp.com/ CertificateIssuerGEANT Vereniging Subjectmail1.ge.cnr.it Fingerprint02:4D:23:E2:22:F7:DC:D6:66:7F:54:E4:9C:BB:3D:EF:09:C4:69:DE ValidityTue, 04 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File typePNG image data, 163 x 36, 8-bit/color RGBA, non-interlaced Hashe04d149f1a5dec8a4b31e20e1f1413fb 44e9355e76474683c0f9ebd8c8150fffd30f9e9b 8db258b55ceabeb5c9c8bf41f59a2743c579cfcee58c34cacc945ad9c01d6ef1
GET /skins/_base/logos/LoginBanner_white.png?v=231201095347 HTTP/1.1
Host: mail1.ge.cnr.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail1.ge.cnr.it/css/common,login,zhtml,skin.css?skin=harmony&v=190329055110
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 12 Jan 2024 05:08:13 GMT
content-type: image/png
content-length: 3299
x-frame-options: SAMEORIGIN
expires: Sun, 11 Feb 2024 06:08:13 GMT
cache-control: public, max-age=2595600
last-modified: Fri, 01 Dec 2023 09:26:12 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 57757574.000webhostapp.com/ |  145.14.144.151 | 200 OK | 12 kB |
URL User Request GET HTTP/257757574.000webhostapp.com/ IP145.14.144.151:443 ASN#204915 Hostinger International Limited
CertificateIssuerDigiCert Inc Subject*.000webhostapp.com FingerprintB0:57:03:97:AE:15:06:79:FC:86:0E:E2:79:B6:B0:9D:37:04:A5:49 ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Webmail Providers | | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: 57757574.000webhostapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 12 Jan 2024 05:08:11 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 4deefdb730cae688997009810179d777
content-encoding: gzip
X-Firefox-Spdy: h2
|
|