phishing.cyberhub.at Open in urlscan Pro
90.146.7.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://phishing.cyberhub.at/?rid=Ybz9JNp
Submission: On November 22 via manual (November 22nd 2019, 11:13:49 pm UTC) from HK

Summary HTTP 88 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 27 IPs in 8 countries across 22 domains to perform 88 HTTP transactions. The main IP is 90.146.7.3, located in Julbach, Austria and belongs to LIWEST-AT Linz, Austria, AT. The main domain is phishing.cyberhub.at.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 8th 2019. Valid for: 3 months.

This is the only time phishing.cyberhub.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	90.146.7.3 90.146.7.3	12605 (LIWEST-AT...) (LIWEST-AT Linz)
1	2a02:26f0:6c0... 2a02:26f0:6c00:196::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
15	13.225.78.13 13.225.78.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
17	13.224.196.60 13.224.196.60	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	54.77.20.174 54.77.20.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	5.57.17.99 5.57.17.99	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	85.222.128.209 85.222.128.209	14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
3	161.71.1.165 161.71.1.165	14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
2	3.225.17.244 3.225.17.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
88	27

1 90.146.7.3 (Julbach, Austria)

ASN12605 (LIWEST-AT Linz, Austria, AT)
PTR: cpe90-146-7-2-static.liwest.at

phishing.cyberhub.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:196::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.225.78.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net

www.icelandair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.224.196.60 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-60.fra2.r.cloudfront.net

pixels-cache.icelandair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.6 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

5325168.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.20.174 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.17.99 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: q.bstatic.com

q.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.222.128.209 (United Kingdom)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl2-frf.eu13-frf.my.salesforce.com

icelandair.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 161.71.1.165 (London, United Kingdom)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl4-ncg0-lhr3.um3-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.17.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-17-244.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	icelandair.com www.icelandair.com pixels-cache.icelandair.com	1 MB
5	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net 5325168.fls.doubleclick.net	3 KB
5	google-analytics.com 1 redirects www.google-analytics.com	57 KB
3	force.com service.force.com	9 KB
3	facebook.net connect.facebook.net	123 KB
3	google.de www.google.de	743 B
3	google.com 2 redirects www.google.com	651 B
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	90 KB
2	facebook.com www.facebook.com	468 B
2	yimg.com s.yimg.com	6 KB
2	fullstory.com fullstory.com rs.fullstory.com	66 KB
2	bugsnag.com sessions.bugsnag.com	328 B
2	bing.com bat.bing.com	8 KB
1	salesforce.com icelandair.my.salesforce.com	9 KB
1	bstatic.com q.bstatic.com	1 KB
1	usabilla.com w.usabilla.com	90 B
1	twitter.com analytics.twitter.com	495 B
1	t.co t.co	448 B
1	googleadservices.com www.googleadservices.com	10 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	cyberhub.at phishing.cyberhub.at	129 KB
88	22

	Domain	Requested by
17	pixels-cache.icelandair.com	phishing.cyberhub.at www.google-analytics.com www.icelandair.com
15	www.icelandair.com	phishing.cyberhub.at www.icelandair.com
5	www.google-analytics.com	1 redirects www.googletagmanager.com phishing.cyberhub.at www.google-analytics.com
3	service.force.com	icelandair.my.salesforce.com
3	connect.facebook.net	phishing.cyberhub.at connect.facebook.net
3	www.google.de	phishing.cyberhub.at
3	www.google.com	2 redirects phishing.cyberhub.at
2	errors.client.optimizely.com	cdn.optimizely.com
2	www.facebook.com	phishing.cyberhub.at connect.facebook.net
2	s.yimg.com	phishing.cyberhub.at s.yimg.com
2	5325168.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sessions.bugsnag.com	www.icelandair.com phishing.cyberhub.at
2	stats.g.doubleclick.net	2 redirects
2	bat.bing.com	www.googletagmanager.com phishing.cyberhub.at
1	icelandair.my.salesforce.com	www.icelandair.com
1	q.bstatic.com	www.icelandair.com
1	rs.fullstory.com	fullstory.com
1	w.usabilla.com	phishing.cyberhub.at
1	fullstory.com	phishing.cyberhub.at
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	phishing.cyberhub.at
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googletagmanager.com	phishing.cyberhub.at
1	cdn.optimizely.com	phishing.cyberhub.at
1	phishing.cyberhub.at
88	27

This site contains links to these domains. Also see Links.

Domain
www.icelandair.com
carrental.icelandair.com
hotels.icelandair.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
phishing.cyberhub.at Let's Encrypt Authority X3	`2019-10-08` - `2020-01-06`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.icelandair.com DigiCert SHA2 High Assurance Server CA	`2018-11-05` - `2021-01-22`	2 years	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.bugsnag.com COMODO RSA Domain Validation Secure Server CA	`2018-05-18` - `2020-06-01`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-01` - `2019-12-16`	a month	crt.sh
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
*.bstatic.com DigiCert ECC Secure Server CA	`2019-01-08` - `2020-01-13`	a year	crt.sh
*.my.salesforce.com DigiCert SHA2 Secure Server CA	`2017-12-03` - `2020-12-02`	3 years	crt.sh
*.um3.force.com DigiCert SHA2 Secure Server CA	`2018-06-24` - `2020-06-24`	2 years	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://phishing.cyberhub.at/?rid=Ybz9JNp
Frame ID: 6F43662F85C8EE2B95BA4EAF745CD15D
Requests: 87 HTTP requests in this frame

Frame: https://5325168.fls.doubleclick.net/activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36
Frame ID: 00399E4A14BD60C7474F28A298FEB2CC
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/ac5d7b0d8b59.js?lv=1
Frame ID: 0874DB3B30DFBBFA661538050C8C0078
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://phishing.cyberhub.at/?rid=Ybz9JNp
Frame ID: CD2C02BB772881A8B553342EFAC707D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

88
Requests

80 %
HTTPS

44 %
IPv6

22
Domains

27
Subdomains

27
IPs

8
Countries

1921 kB
Transfer

6393 kB
Size

13
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icelandair.com/blogg/tilkynning-vegna-boeing-737max/
Title: Tilkynning Icelandair vegna Boeing 737MAX

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/is/#booking_section
Title: Beint í að bóka

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/
Title: Flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/stopover/
Title: Stopover

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/gjafabref/
Title: Gjafabréf

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/frequent-flyer/
Title: Saga Club

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/hopabokun/
Title: Hópabókun

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/london/
Title: London

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/paris/
Title: París

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/kaupmannahofn/
Title: Kaupmannahöfn

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/amsterdam/
Title: Amsterdam

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/reykjavik/
Title: Reykjavík

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/berlin/
Title: Berlín

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/
Title: Pakkaferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/ferdir/
Title: Ferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/nordurljos/
Title: Norðurljós

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/borgarferdir/
Title: Borgarferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/rutuferdir-med-fararstjorn/
Title: Leiðsögn

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/flug-og-bill/
Title: Flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/
Title: Aðstoð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/farangur/
Title: Farangursreglur

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/
Title: Fyrir flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/um-bord/
Title: Um borð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/seradstod/
Title: Séraðstoð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/um-bord/farrymi-um-bord/
Title: Fargjöld og farrými

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/flugvellir/
Title: Flugvellir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/hafdu-samband/
Title: Hafðu samband

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/stada-a-flugi/
Title: Staða á flugi

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/#cars
Title: Bílaleiga

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/#book-hotel
Title: Hótel

Search URL Search Domain Scan URL

URL: https://carrental.icelandair.com/?adplat=mobilenav&adcamp=mobilepage&preflang=us
Title: Bíll

Search URL Search Domain Scan URL

URL: https://hotels.icelandair.com/?lang=en-us&selected_currency=USD&label=mobilenav
Title: Hótel

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/boston/
Title: BostonLesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/toronto/
Title: TorontoLesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/kolefnisjafna/
Title: Lesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/frequent-flyer/sertilbod/
Title: Lesa nánar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Icelandair/

Search URL Search Domain Scan URL

URL: https://twitter.com/Icelandair/
Title: Twitter-blackCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/icelandair/
Title: InstagramCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/icelandair/
Title: ShapeCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/
Title: Um okkur

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/flugaaetlun/
Title: Flugáætlun

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/blogg/
Title: Blogg

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/sitemap/
Title: Veftré

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/job-vacancies/
Title: Störf í boði

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/is/adstod/skilmalar-og-skilyrdi/notkun-fotspora/
Title: notkun fótspora

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&gjid=239768589&_gid=1961017051.1574464412&_u=YGBAgEAB~&z=1149738372 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372&slf_rd=1&random=3677003393

Request Chain 15

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=15442558&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACEABB~&jid=1434073151&gjid=1519941014&cid=1262014645.1574464412&tid=UA-100058470-1&_gid=1961017051.1574464412&_r=1&gtm=2wgav9KJ476ZB&cd9=Icelandair%20Web&cd7=is-IS&cd8=blt715fda00704788b2&z=412701876 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_gid=1961017051.1574464412&gjid=1519941014&_v=j79&z=412701876 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876&slf_rd=1&random=3209967692

Request Chain 47

https://5325168.fls.doubleclick.net/activityi;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36 HTTP 302
https://5325168.fls.doubleclick.net/activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36

88 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
phishing.cyberhub.at/ 627 KB
129 KB 202ms
107ms Document
text/html 90.146.7.3
LIWEST-AT Linz

General

Check archive.org

Show headers Download Go to

Full URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.146.7.3 Julbach, Austria, ASN12605 (LIWEST-AT Linz, Austria, AT),
Reverse DNS: cpe90-146-7-2-static.liwest.at
Software: nginx/1.10.3 /
Resource Hash: a7d9cec51905cc029a38f975ae54fccb19ae25baa67e836e17d09b3af756efd7

Request headers

Host: phishing.cyberhub.at
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.10.3
Date: Fri, 22 Nov 2019 23:13:32 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gophish

GET
H2 200 optimizely.js Show response
cdn.optimizely.com/public/8562715284/s/ 308 KB
90 KB 54ms
30ms Script
text/javascript 2a02:26f0:6c00:196::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/8562715284/s/optimizely.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:196::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e10f1ac43bcfaf848fa964091ccd9b94229f0dfb9a831cbebd0f7a489fbdda2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: EsuSCD1_buiZoOtgsRp3odNdvhXEmptt
content-encoding: gzip
x-amz-request-id: 064B2D5D370EA1BC
status: 200
access-control-max-age: 86400
date: Fri, 22 Nov 2019 23:13:32 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:196::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 91080
x-amz-id-2: 7UspO9bQxesyZRPb7X1afYsYgXN5BGI5f9uoqaibjCe6faFuDRm+Lkg5LnW3tE55PNzFYZSrjIA=
last-modified: Wed, 20 Nov 2019 12:18:18 GMT
server: AmazonS3
etag: "3d1abe1cdfc119fccb94813eef2ed9fe"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 3515
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
33 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81f6adcfaa579637c9539e8eb6376a92bae5544fc0e2755bb100055b00b7c9e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 21:26:41 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 33342
x-xss-protection: 0
expires: Fri, 22 Nov 2019 23:13:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2395
date: Fri, 22 Nov 2019 22:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 23 Nov 2019 00:33:37 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 19ms
6ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
age: 53992
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19173-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1574464412.339814,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 74ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:31 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: FB7196C98C234184ACC572732CE7167F Ref B: VIEEDGE0321 Ref C: 2019-11-22T23:13:32Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 27ms
15ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Nov 2019 23:13:32 GMT

GET
H2 200 app.3bf0340d20e2f3937fd3.css
www.icelandair.com/ 570 KB
92 KB 62ms
10ms Stylesheet
text/css 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/app.3bf0340d20e2f3937fd3.css
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 84c0ca1efc4704e0af66ab44b08a03b85002ccf147a9d959506acb811348d923

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 11:34:09 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 11:07:55 GMT
server: nginx
age: 8064
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: bYEw9WVfynRLpX38mz4YQVw91jCwHb7Snz6YtPfS--qQuWIEiPV-5A==
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)

GET
H2 200 bltbfbff19cec7c56b4.svg
pixels-cache.icelandair.com/upload/icelandair/ 5 KB
2 KB 50ms
7ms Image
image/svg+xml 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/icelandair/bltbfbff19cec7c56b4.svg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 31a2dff11fb3789bdf4f432de711f80969395dcaf2854c56ef635bcd127ef63b

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 18:50:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 260763478252089303584690682717182431845,3504db265fc3fe876ff0ee3e475954d8
status: 200
content-disposition: attachment; filename="bltbfbff19cec7c56b4.svg"
content-length: 1820
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-served-by: cache-fra19123-FRA
x-cache: Hit from cloudfront
last-modified: Fri, 17 Aug 2018 11:32:47 GMT
server: cloudinary
x-timer: S1569955826.690959,VS0,VE172
etag: W/"280c0b6c865820a6478ff842af43117a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: JcvoVLQForNrsdg_v1g8XFw5q_Tkjy0nPIj5n2wMJa1BRFRORM63IQ==
x-cache-hits: 0

GET
H2 200 app.708c76e4ff882a2ad5dc.js Show response
www.icelandair.com/ 3 MB
849 KB 56ms
21ms Script
application/javascript 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 973ba412c47abddeb91a7d4d9c7c2fa648a9bb444d797f720ebf768f0cbbd39c

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 11:34:09 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 11:07:55 GMT
server: nginx
age: 8064
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 75Sl5o9C_-fhOhjbYmZC2EmwigP5c7dXkUpuCj3go8gUn84v2CWKhg==
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)

GET
H2 200 bltf2847770c998d7ef.jpg
pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/ 27 KB
27 KB 34ms
9ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/bltf2847770c998d7ef.jpg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 8e00832acda0f6ec247647fcc6178e2d7795fea4c41883b10c6b0052a0026303

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 15 Oct 2019 14:39:30 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 202341593660264392345842948659500718373,233263233724832891939130247513961513552,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 27403
x-served-by: cache-hhn4032-HHN
last-modified: Sat, 14 Jul 2018 21:14:16 GMT
server: cloudinary
x-timer: S1568753576.693082,VS0,VE1
etag: "264824ad2d74d08f80ce0a6b9f640834"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: Dek-1eDnJzCVrLWpuRorI3MZKUzQZbZITTcldWJWVpFuhpeu6U9adg==
x-cache-hits: 1

GET
H2 200 bltf7023fdb009f9adc.jpg
pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/ 26 KB
27 KB 34ms
9ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/bltf7023fdb009f9adc.jpg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 5df05085223c4ef3b06e45abd0685317cc2c293adcfc55f07094171498375cae

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sat, 16 Nov 2019 08:46:39 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 27243
edge-cache-tag: 437858938308289637129056994667444064173,233263233724832891939130247513961513552,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 27068
x-served-by: cache-fra19146-FRA
last-modified: Mon, 16 Jul 2018 16:11:35 GMT
server: cloudinary
x-timer: S1568708733.692080,VS0,VE225
etag: "10b391acedad3f0157e9651358280155"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: wju0jtxdK987A_R15FYiUzUCU9GvWCWOmOtyy0DA6fKPkC3u14WPjA==
x-cache-hits: 0

GET
H2 200 blt9c8657adad78d14e.jpg
pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/ 19 KB
19 KB 33ms
9ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_420%2Ch_345%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto/icelandair/blt9c8657adad78d14e.jpg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: ed5b31e8bed3703f57b15bc0fdab600603ae477f5b921ebf810bc8b26394fd85

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 08 Oct 2019 19:23:59 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 526116806112290964406806954303913136172,233263233724832891939130247513961513552,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 19043
x-served-by: cache-hhn4043-HHN
last-modified: Thu, 19 Jul 2018 09:21:37 GMT
server: cloudinary
x-timer: S1568708991.381890,VS0,VE1
etag: "8e9c56fc10873d9df8c5fa150f599e21"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: FzVKatWmNEGaeFfFbO7_rhCZaLQHcE1hppfyP0BOkhj23BPH_phnVw==
x-cache-hits: 1

GET
H2 200 bltfc81f5ee9c19b106.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north_west%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 698 B
1 KB 35ms
11ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north_west%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/bltfc81f5ee9c19b106.jpg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-224-196-60.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

cdc68713ee7ddd9826413561a37f30b27e2e075130cb8ef1a339dc460181f7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 14:11:49 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 433856
x-cache: Hit from cloudfront
status: 200
server-timing: cloudinary;dur=65;start=2019-11-15T14:11:49.292Z,fastly;dur=0;total=158;start=2019-11-15T14:11:49.247Z;desc=MISS,rtt;dur=1
content-length: 698
last-modified: Fri, 15 Nov 2019 13:51:30 GMT
server: Cloudinary
etag: "8827c5910018af55d5bec84002b3cb1f"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Bqe92MSQkpNFc120TKPtJLrb7Lp0JOQT6SXehQYIliXGJCWOGdl77Q==

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=15442558&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=148747761&gjid=239768589&cid=1262014645.1574464412&tid=UA-100058470-6&_gid=1961017051.1574464412&gtm=2wgav9KJ476ZB&cg1=Portal&cg2=IS-is&cd9=FI%2FIS%2Fis%2FPortal&z=1601272715

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 00:01:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83547
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&gjid=239768589&_gid=1961017051.1574464412&_u=YGBAgEAB~&z=1149738372
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372&slf_rd=1&random=3677003393

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372&slf_rd=1&random=3677003393

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=1262014645.1574464412&jid=148747761&_v=j79&z=1149738372&slf_rd=1&random=3677003393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=15442558&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_gid=1961017051.1574464412&gjid=1519941014&_v=j79&z=412701876
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876&slf_rd=1&random=3209967692

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876&slf_rd=1&random=3209967692

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-1&cid=1262014645.1574464412&jid=1434073151&_v=j79&z=412701876&slf_rd=1&random=3209967692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035035799/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035035799/?random=1574464412378&cv=9&fst=1574464412378&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fd96281305a635ebd130f654c20e3c5c20a9ed97ab3958cfb5093f12031f3ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 976
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 125ms
111ms Image
image/gif 104.244.42.197
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyzs6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Fri, 22 Nov 2019 23:13:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7b2263c895d92c01ddba19e6e714651f
x-transaction: 0020b236006bfc3b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1035035799/ 42 B
287 B 22ms
21ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035035799/?random=1574464412378&cv=9&fst=1574463600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&async=1&fmt=3&is_vtc=1&random=738427232&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1035035799/ 42 B
525 B 33ms
22ms Image
image/gif 2a00:1450:4001:800::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1035035799/?random=1574464412378&cv=9&fst=1574463600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&async=1&fmt=3&is_vtc=1&random=738427232&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13064e6beb64237b4b1d0ad0981317636135b306f071c28b4ec5e938b0d0a800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET 34843D_C_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Medium.woff2
www.icelandair.com/static/fonts/Altitude/ 0
0

GET
H2 200 0849b92f-12f7-438c-acdf-d269e324373e.svg
pixels-cache.icelandair.com/upload/icelandair/ 168 KB
77 KB 7ms
7ms Image
image/svg+xml 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/icelandair/0849b92f-12f7-438c-acdf-d269e324373e.svg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6ee805b7b405789f22b3c8f6eb6ed9dc70f4dea8baf6471e69c4754c06233cf0

Request headers

Referer: https://www.icelandair.com/app.3bf0340d20e2f3937fd3.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 00:15:04 GMT
content-encoding: gzip
age: 428308
edge-cache-tag: 303525825606928239408065653165776000947,3504db265fc3fe876ff0ee3e475954d8
status: 200
content-disposition: attachment; filename="0849b92f-12f7-438c-acdf-d269e324373e.svg"
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-served-by: cache-fra19130-FRA
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2019 10:02:57 GMT
server: cloudinary
x-timer: S1571443678.132088,VS0,VE289
etag: W/"de1f945c4bb421fcf3c35a4bf2f402e1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 8aGKhoj51DcbeGPxfXQ-I30xcFQIeLtUo_JWL51cwsBvm0qcigm9aQ==
x-cache-hits: 0

GET 34843D_8_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.woff2
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_3_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_A_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_C_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET
H2 204 0
bat.bing.com/action/ 0
148 B 47ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4052855&Ver=2&mid=9bcefdb7-b754-6e8e-734a-303daa810f9a&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&p=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&r=&evt=pageLoad&msclkid=N&rn=186120
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 22 Nov 2019 23:13:31 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: F9FF600C0C814E96860C6A2CAD95ED5E Ref B: VIEEDGE0321 Ref C: 2019-11-22T23:13:32Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 34843D_A_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_3_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Medium.woff
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_8_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.woff
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_C_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_3_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_A_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.ttf
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_8_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Medium.ttf
www.icelandair.com/static/fonts/Altitude/ 0
0

OPTIONS
H2 200 / Show response
sessions.bugsnag.com/ 0
222 B 157ms
143ms XHR
text/plain 35.190.88.7
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-allow-methods: POST
status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
alt-svc: clear
content-length: 0

OPTIONS
H2 403 / Show response
www.icelandair.com/api/ip/ 0
0 6ms
5ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/ip/
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
495 B 118ms
118ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyzs6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 22 Nov 2019 23:13:32 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 57f9bbdbd86a6b2199e98f39561b7477
x-transaction: 0063b290008755e9
expires: Tue, 31 Mar 1981 05:00:00 GMT

OPTIONS
H2 403 index.json Show response
www.icelandair.com/api/bookingconfig/v1/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/bookingconfig/v1/index.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 200 fs.js Show response
fullstory.com/s/ 179 KB
65 KB 40ms
14ms Script
application/javascript 2001:4860:4802:32::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0d6f67ad4ef16f69d04d1d86fac8b5ad460b145b86a363ebc91d76cf0b98b721

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 271
etag: "zM_jJg"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: b26d3d71c9ec01caf59df699ef39d261
cache-control: public, max-age=600
date: Fri, 22 Nov 2019 23:09:01 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 66524
expires: Fri, 22 Nov 2019 23:19:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
27 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: ZLzbA62l+iJaN49EkTVOw9wIDuSpufePJWSGgCINodHuAp/lTBbQOVs8FhPe02mjySUpshK87xljj+1LHvrF1A==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 23:13:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36
5325168.fls.doubleclick.net/ Frame 0039
Redirect Chain

https://5325168.fls.doubleclick.net/activityi;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36?
https://5325168.fls.doubleclick.net/activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36?

0
0

24ms
24ms

Document
text/html

172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://5325168.fls.doubleclick.net/activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5325168.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlo9GXE4DA4DoGm5o6kL6477Bj2OiRoaFNVeT_CPA-PpYHAXnQjuVJvRDJJ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 23:13:32 GMT
expires: Fri, 22 Nov 2019 23:13:32 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 319
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 23:13:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5325168.fls.doubleclick.net/activityi;dc_pre=CIyepID5_uUCFQKLdwodqQEGPA;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7829769459688.36?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUlo9GXE4DA4DoGm5o6kL6477Bj2OiRoaFNVeT_CPA-PpYHAXnQjuVJvRDJJ; expires=Wed, 16-Dec-2020 23:13:32 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 40ms
12ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168
x-amz-server-side-encryption: AES256
status: 200
content-length: 5150
strict-transport-security: max-age=15552000
x-amz-request-id: C208B71B41297A44
x-amz-id-2: iwF/E7OLuMm1eLn3YnUgFhV+bakX0efTc9FG+Mw3wf/F8DgRgEevkAzoGZkiTatv6baUqVQJRSM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

OPTIONS
H2 403 index.json Show response
www.icelandair.com/api/content/v3/wwwconfig/v1/en-us/ 0
0 114ms
114ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v3/wwwconfig/v1/en-us/index.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 204 ac5d7b0d8b59.js Show response
w.usabilla.com/ Frame 0874 0
90 B 111ms
50ms Script
text/plain 54.77.20.174
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/ac5d7b0d8b59.js?lv=1
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.20.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 40 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.13

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 10323
x-xss-protection: 0
pragma: public
x-fb-debug: /LZp8ZlKWUEXIfjq5U4b3s0W38RSo0O0x3krI6P/a8A+xqhCFseDCpANXGYYN/ODX6T0hKL0neJ16dnieVu+sw==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 23:13:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1817864205105571 Show response
connect.facebook.net/signals/config/ 349 KB
86 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1817864205105571?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

826bbbaf6bf5386012412b1b5f41c2554528c5005b342e84f1791bc9ec982f07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: DiSTP5NvaSf4TRUGm3Md2gUbxTlzWeFcX6rill8iW1xnPvG/TV3ykF3rWGV6cnGjmcOenHwsezsSw7fFomou8w==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 23:13:32 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10057461.json Show response
s.yimg.com/wi/config/ 2 B
481 B 198ms
174ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10057461.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 85F3F322805EAABB
x-amz-id-2: 21vK4blqPSfoXU1tmibDx5qc9lISQzbAFyrL2MWLAhJJUF+NueJl3W4RtxwsxmqFbfwZrMkSA/s=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

POST
H2 202 page Show response
rs.fullstory.com/rec/ 15 B
246 B 125ms
112ms XHR
text/plain 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: fullstory.com
URL: https://fullstory.com/s/fs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 23:13:32 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://phishing.cyberhub.at
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 15
expires: 0

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
106 B 149ms
149ms XHR
application/json 35.190.88.7
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Bugsnag-Sent-At: 2019-11-22T23:13:32.661Z
Bugsnag-Api-Key: 57a7d03d7244e2243335a6643d18e9fe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Fri, 22 Nov 2019 23:13:32 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
359 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1817864205105571&ev=PageView&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&rl=&if=false&ts=1574464412868&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574464412867.1311434841&it=1574464412785&coo=false&rqm=GET

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Fri, 22 Nov 2019 23:13:32 GMT

GET
H2 200 undefined Show response
www.icelandair.com/api/ipapi/ 475 B
930 B 12ms
12ms XHR
application/json 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icelandair.com/api/ipapi/undefined

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-13.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0900cc5bdb5a9b31035214ecb22ea2d8c76563052d07db402cd99e5315d2598d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
status: 200
allow: HEAD, POST, OPTIONS, OPTIONS, GET
vary: Host,Origin
x-xss-protection: 1; mode=block
x-cache-nginx-date: Fri, 22 Nov 2019 20:59:09 GMT
access-control-allow-origin: https://phishing.cyberhub.at
x-cache-nginx: Status:
server: nginx
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cf-ray: 539dd356bc882997-DUB
x-amz-cf-id: rENdRkex_kvN4OexV3pyGk46_sr7yLRk9my4GQK4m1zSi-gfECwX1A==

OPTIONS
H2 403 alert.json Show response
www.icelandair.com/api/content/v3/travel-alert/v2/en-us/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v3/travel-alert/v2/en-us/alert.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H/1.1 200
OK search_extension.js Show response
q.bstatic.com/static/affiliate_base/js/ 1 KB
1 KB 68ms
26ms Script
application/javascript 5.57.17.99
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://q.bstatic.com/static/affiliate_base/js/search_extension.js

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.17.99 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

q.bstatic.com

Software

nginx /

Resource Hash

f15f76413ad7daa76cdac98ef1992f8955ffdcecf5277ace23135598fe5f0c9e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 23:13:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Jul 2019 15:26:45 GMT
Server: nginx
ETag: W/"5d41b335-5c6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Sun, 22 Dec 2019 23:13:33 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a573fe5f45483f715b23ef88f4ec79bc2ccb6f0b273cf378faaf2201e9e4531

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=LON&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=CPH&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 5ms
5ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=BER&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 6ms
5ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=BOS&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 6ms
5ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=YTO&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 / Show response
www.icelandair.com/api/content/v1/blog/ 0
0 6ms
5ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v1/blog/?locationId=us&languageId=en-US&range=1-3
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 200 bltf2847770c998d7ef.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 785 B
1 KB 8ms
7ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/bltf2847770c998d7ef.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6e5f4be86330152faf5b11d458d2d9c6c16a13b472d8276fbfea0934c96cd1d6

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 11:14:39 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 241549
edge-cache-tag: 202341593660264392345842948659500718373,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 785
x-served-by: cache-hhn4045-HHN
last-modified: Tue, 17 Jul 2018 10:13:43 GMT
server: cloudinary
x-timer: S1568718880.797798,VS0,VE1
etag: "bed56c306c50ecbe6a6acb807ef7f423"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: KBxieyVZFLjfJNGTuOVOw7ddzehCuaaZNcqeGoSoqqIOUogtIAnc5A==
x-cache-hits: 1

GET
H2 200 blt7cf00f5ae4229d57.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 1 KB
2 KB 8ms
8ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt7cf00f5ae4229d57.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 79eb80eefa1fdd403d49406acef77d01553c8a91cf2886e5580f509815d69f32

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 18:02:23 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 215597
edge-cache-tag: 496473911391340198874252796350145166969,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 1433
x-served-by: cache-fra19174-FRA
last-modified: Tue, 17 Jul 2018 10:13:46 GMT
server: cloudinary
x-timer: S1568735981.466320,VS0,VE1
etag: "155aa3559ef6638bfd25133b90eece3a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: QHh6hbnxEjVzyBK7kvQw3hDs7VK3Q3oIceKMMlEUsIlUp-8HjlsTag==
x-cache-hits: 1

GET
H2 200 blt579dbb468c324c71.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 802 B
1 KB 9ms
9ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt579dbb468c324c71.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4aacfde951f0196df09d6abcdfbab9597c5405af02537faf773905201167dc44

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 04:49:40 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 214234
edge-cache-tag: 438499235996545713079683965977505506207,314994147895406482447376983479527673544,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 802
x-served-by: cache-fra19157-FRA
last-modified: Tue, 17 Jul 2018 12:23:53 GMT
server: cloudinary
x-timer: S1568695781.573542,VS0,VE1
etag: "df0ced1291f572fed4a3aac20d8d3f91"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 4-tZI7T3mPSStQaMBi4eS148Lu6ptnhm5DRKH8Zyehw1emDRI8kXyg==
x-cache-hits: 1

GET
H2 200 blt73eb6d347e68046b.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 810 B
1 KB 8ms
8ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt73eb6d347e68046b.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: fdebda5121fb40296c92af54738f5c019f42411b38bcf5cdaebe92a25ad4e3f5

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 06:23:58 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 60575
edge-cache-tag: 498012309205542376936016959383307349747,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 810
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 17 Jul 2018 15:17:39 GMT
server: cloudinary
x-timer: S1568713881.010825,VS0,VE1
etag: "f1d78f786da8888f4b6c11f502153bff"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: cKIIuD5NH4aCPx0cjsJoNHVcvilC9rAjZkafJt5AaclNQp0Qdlb8NA==
x-cache-hits: 1

GET
H2 200 blt547df3cfbe852381.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 642 B
1 KB 8ms
8ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt547df3cfbe852381.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: d7e32312789f76f0bf351c55d78187058cf94361a15a4a5e56bf169acd93275c

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 07:29:09 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 417834722739783219315494587852293570498,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 642
x-served-by: cache-hhn4057-HHN
last-modified: Mon, 16 Jul 2018 18:34:27 GMT
server: cloudinary
x-timer: S1568791749.091425,VS0,VE151
etag: "58eb1187af8efc89f0e351deaec1af31"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: B0YT4qkAQgoc31jhH5XUM7RC8YXPOLP_RM9VCgRw0_enlZD2n3j0dw==
x-cache-hits: 0

GET
H/1.1 200
OK esw.min.js Show response
icelandair.my.salesforce.com/embeddedservice/5.0/ 28 KB
9 KB 58ms
9ms Script
application/x-javascript 85.222.128.209
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.128.209 , United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl2-frf.eu13-frf.my.salesforce.com

Software

Resource Hash

10958248c2a8e8629601a59c888ae5dfd1d73ba7f41fb7ab5bb35fa6e26dc64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 23:13:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 24 Oct 2019 15:36:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D0Y000001f2bvm"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D0Y000001f2bvm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Sat, 23 Nov 2019 23:13:33 GMT

GET
H2 200 bltfc81f5ee9c19b106.jpg
pixels-cache.icelandair.com/upload/w_1500%2Ch_600,g_north_west,c_fill,f_auto%2Cq_auto/icelandair/ 75 KB
76 KB 25ms
24ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixels-cache.icelandair.com/upload/w_1500%2Ch_600,g_north_west,c_fill,f_auto%2Cq_auto/icelandair/bltfc81f5ee9c19b106.jpg

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-224-196-60.fra2.r.cloudfront.net

Software

Cloudinary /

Resource Hash

feb8fb9eed605ee3c38e270e5ce725b2350e9a8a7d153ace19be2c27a8cae7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 14:32:14 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
status: 200
server-timing: cloudinary;dur=43;start=2019-11-15T14:32:14.819Z,fastly;dur=0;total=132;start=2019-11-15T14:32:14.776Z;desc=MISS,rtt;dur=1
content-length: 76888
last-modified: Fri, 15 Nov 2019 14:14:11 GMT
server: Cloudinary
etag: "7a4dc8ebb59ccff57874a1902c233426"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3P7zVU8uADc4SpQdOvkWfp7EOOTjMyAGlQRotKaNLM8XL4N5XayOzg==

OPTIONS
H2 200 session_started
www.icelandair.com/api/eventlogging/v1/log/ 0
0 85ms
85ms XHR
text/plain 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/eventlogging/v1/log/session_started
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

OPTIONS
H2 200 page_viewed
www.icelandair.com/api/eventlogging/v1/log/ 0
0 282ms
282ms XHR
text/plain 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/eventlogging/v1/log/page_viewed
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

GET
H2 200 bltf2847770c998d7ef.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 36 KB
37 KB 8ms
8ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/bltf2847770c998d7ef.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: b200ee300cc4d4bf7afe30bfb1ed1aef92f158f6e7e197a4f83d61168af8b620

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 23 Oct 2019 16:04:49 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 202341593660264392345842948659500718373,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 37029
x-served-by: cache-fra19169-FRA
last-modified: Mon, 13 Aug 2018 10:58:06 GMT
server: cloudinary
x-timer: S1571846690.758749,VS0,VE1
etag: "cf71f4aa4fc948b315f5860688925f42"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 0xX15KCx4QclqeEZU01AUEro57GPPPTTJrAwvrYdHUjMffEc3EFD-A==
x-cache-hits: 1

GET
H2 200 blt7cf00f5ae4229d57.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 45 KB
45 KB 12ms
11ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt7cf00f5ae4229d57.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: d25e9332dad86eacb13664f7de4b7143ba6f4e198443cb2184156ab87db6e724

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 07:32:38 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 224483
edge-cache-tag: 496473911391340198874252796350145166969,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 45801
x-served-by: cache-hhn4051-HHN
last-modified: Mon, 13 Aug 2018 10:58:09 GMT
server: cloudinary
x-timer: S1568791959.541465,VS0,VE151
etag: "ad1a39328df59c494a6a5434d9aba6cd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 5u3wy1yNKGOl0_JDhcOP3cHrE5cpbfU88cs1TAn-geA6eLnKo8ep0w==
x-cache-hits: 0

GET
H2 200 blt579dbb468c324c71.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_north,c_fill,f_auto%2Cq_auto/icelandair/ 34 KB
35 KB 13ms
13ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_north,c_fill,f_auto%2Cq_auto/icelandair/blt579dbb468c324c71.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 17c292ff71a58ddb5c52741dbfad313bfa19e0fd365ccc539d4162c321443ca3

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 04:49:41 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 224483
edge-cache-tag: 438499235996545713079683965977505506207,336929290331767490903410822978018374486,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 35276
x-served-by: cache-hhn4051-HHN
last-modified: Wed, 15 Aug 2018 12:24:26 GMT
server: cloudinary
x-timer: S1568695781.091751,VS0,VE1
etag: "4c7a0b7c662893505002a801ee68da85"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 3inWGKx7bsj8GP_IC8bKTNyeWfQMpH4ldSSZVCV5CtmuV-EqcjJ8Sw==
x-cache-hits: 1

GET
H2 200 blt73eb6d347e68046b.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 55 KB
56 KB 9ms
8ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt73eb6d347e68046b.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 61e2caddc3bc8b4c891e5f264f5b97493f72d9d9ec33004b525539b9b0a0bfa2

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Sun, 17 Nov 2019 07:41:09 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
age: 487944
edge-cache-tag: 498012309205542376936016959383307349747,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 56519
x-served-by: cache-fra19176-FRA
last-modified: Mon, 13 Aug 2018 13:17:14 GMT
server: cloudinary
x-timer: S1568713882.726642,VS0,VE1
etag: "f9545c50b662addf6f240f141ce7a8cb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: fBL0Glhbh-eFp_YM1Th8CcLdI1wdOEyhn68rUhpKLjNfI8uvVI-cEg==
x-cache-hits: 1

GET
H2 200 blt547df3cfbe852381.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 20 KB
21 KB 10ms
10ms Image
image/jpeg 13.224.196.60
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt547df3cfbe852381.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.60 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-60.fra2.r.cloudfront.net
Software: cloudinary /
Resource Hash: 02904bdaa0e638b6c63b6036b0db33d4ce0b0b172b86bec729f2a6443f668cb7

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 07:29:09 GMT
via: 1.1 varnish, 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
edge-cache-tag: 417834722739783219315494587852293570498,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 20880
x-served-by: cache-fra19145-FRA
last-modified: Tue, 14 Aug 2018 11:58:02 GMT
server: cloudinary
x-timer: S1568791749.352597,VS0,VE1
etag: "088831cdc2d46bfeab5899afe168064c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 6f01ILqTD-mPioIWbYl1trFMY__JWS9pvO9A4bQl9UYFj-Dg-hqlpw==
x-cache-hits: 1

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 76ms
18ms Stylesheet
text/css 161.71.1.165
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 18:24:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 17340
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Sat, 23 Nov 2019 18:24:33 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 13 KB
5 KB 76ms
18ms Script
application/x-javascript 161.71.1.165
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

9462aa1fa784087dd094701321025336abf77e8c122358b8699fcb91906820ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 12:40:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 37960
Content-Length: 3952
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 24 Oct 2019 15:36:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Sat, 23 Nov 2019 12:40:53 GMT

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
412 B 351ms
88ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/8562715284/s/optimizely.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Fri, 22 Nov 2019 23:13:33 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://phishing.cyberhub.at
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame CD2C 0
0 20ms
20ms Document
text/html 161.71.1.165
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://phishing.cyberhub.at/?rid=Ybz9JNp

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.165 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um3-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp

Response headers

Date: Fri, 22 Nov 2019 23:13:33 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=tDPUzw19EeqqDVvJ6W7_gg;Path=/;Domain=.force.com;Expires=Tue, 21-Jan-2020 23:13:33 GMT;Max-Age=5184000
Expires: Sat, 23 Nov 2019 23:13:33 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 58 KB
22 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PX5HVTP&t=gtm9&cid=1262014645.1574464412

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac9f5edd2be44b5be929f4374e2d4e4e23d4ee59a50d342cbab682ca6626c02a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 23:13:33 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 21:26:41 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21994
x-xss-protection: 0
expires: Fri, 22 Nov 2019 23:13:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2396
date: Fri, 22 Nov 2019 22:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 23 Nov 2019 00:33:37 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaip1AZo5pk4aUAWq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://phishing.cyberhub.at
date: Fri, 22 Nov 2019 23:13:33 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
246 B 88ms
88ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://phishing.cyberhub.at
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 22 Nov 2019 23:13:33 GMT
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.ttf

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_lastEventSent Value: 1574464412997
.cyberhub.at/	1970-01-22 20:57:04	Name: reduxPersistIndex Value: [%22persist:auth%22]
.cyberhub.at/	1970-01-19 07:30:40	Name: _fbp Value: fb.1.1574464412867.1311434841
phishing.cyberhub.at/	1970-01-22 21:01:23	Name: ice_uuid Value: 5b435442-c2da-47da-a491-8d4d55012896
.cyberhub.at/	1970-01-19 05:22:30	Name: _gid Value: GA1.2.1961017051.1574464412
.cyberhub.at/	1970-01-19 05:21:04	Name: _dc_gtm_UA-100058470-6 Value: 1
.doubleclick.net/	1970-01-19 14:42:40	Name: IDE Value: AHWqTUlo9GXE4DA4DoGm5o6kL6477Bj2OiRoaFNVeT_CPA-PpYHAXnQjuVJvRDJJ
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_sessionStarted Value: true
.cyberhub.at/	1970-01-22 20:57:04	Name: persist%3Aauth Value: {%22valid%22:%22false%22%2C%22isFetching%22:%22false%22%2C%22_persist%22:%22{%5C%22version%5C%22:-1%2C%5C%22rehydrated%5C%22:true}%22}
.cyberhub.at/	1970-01-19 05:21:04	Name: _gat_UA-100058470-1 Value: 1
.cyberhub.at/	1970-01-19 22:52:16	Name: _ga Value: GA1.2.1262014645.1574464412
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_sessionId Value: 1574464412994
.cyberhub.at/	1970-01-19 07:30:40	Name: _gcl_au Value: 1.1.1263095093.1574464412

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js(Line 179) Message: [bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5325168.fls.doubleclick.net
analytics.twitter.com
bat.bing.com
cdn.optimizely.com
connect.facebook.net
errors.client.optimizely.com
fullstory.com
googleads.g.doubleclick.net
icelandair.my.salesforce.com
phishing.cyberhub.at
pixels-cache.icelandair.com
q.bstatic.com
rs.fullstory.com
s.yimg.com
service.force.com
sessions.bugsnag.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.icelandair.com
www.icelandair.com
104.244.42.197
104.244.42.3
13.224.196.60
13.225.78.13
151.101.12.157
161.71.1.165
172.217.16.130
172.217.22.6
2001:4860:4802:32::15
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:816::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81c::200e
2a00:1450:400c:c08::9d
2a02:26f0:6c00:196::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.17.244
35.186.194.58
35.190.88.7
5.57.17.99
54.77.20.174
85.222.128.209
90.146.7.3
02904bdaa0e638b6c63b6036b0db33d4ce0b0b172b86bec729f2a6443f668cb7
0900cc5bdb5a9b31035214ecb22ea2d8c76563052d07db402cd99e5315d2598d
0a573fe5f45483f715b23ef88f4ec79bc2ccb6f0b273cf378faaf2201e9e4531
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d6f67ad4ef16f69d04d1d86fac8b5ad460b145b86a363ebc91d76cf0b98b721
10958248c2a8e8629601a59c888ae5dfd1d73ba7f41fb7ab5bb35fa6e26dc64e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13064e6beb64237b4b1d0ad0981317636135b306f071c28b4ec5e938b0d0a800
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
17c292ff71a58ddb5c52741dbfad313bfa19e0fd365ccc539d4162c321443ca3
1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31a2dff11fb3789bdf4f432de711f80969395dcaf2854c56ef635bcd127ef63b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aacfde951f0196df09d6abcdfbab9597c5405af02537faf773905201167dc44
5df05085223c4ef3b06e45abd0685317cc2c293adcfc55f07094171498375cae
61e2caddc3bc8b4c891e5f264f5b97493f72d9d9ec33004b525539b9b0a0bfa2
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6e5f4be86330152faf5b11d458d2d9c6c16a13b472d8276fbfea0934c96cd1d6
6ee805b7b405789f22b3c8f6eb6ed9dc70f4dea8baf6471e69c4754c06233cf0
764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f
79eb80eefa1fdd403d49406acef77d01553c8a91cf2886e5580f509815d69f32
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
81f6adcfaa579637c9539e8eb6376a92bae5544fc0e2755bb100055b00b7c9e0
826bbbaf6bf5386012412b1b5f41c2554528c5005b342e84f1791bc9ec982f07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c0ca1efc4704e0af66ab44b08a03b85002ccf147a9d959506acb811348d923
8e00832acda0f6ec247647fcc6178e2d7795fea4c41883b10c6b0052a0026303
9462aa1fa784087dd094701321025336abf77e8c122358b8699fcb91906820ad
973ba412c47abddeb91a7d4d9c7c2fa648a9bb444d797f720ebf768f0cbbd39c
a7d9cec51905cc029a38f975ae54fccb19ae25baa67e836e17d09b3af756efd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9f5edd2be44b5be929f4374e2d4e4e23d4ee59a50d342cbab682ca6626c02a
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b200ee300cc4d4bf7afe30bfb1ed1aef92f158f6e7e197a4f83d61168af8b620
cdc68713ee7ddd9826413561a37f30b27e2e075130cb8ef1a339dc460181f7bb
d25e9332dad86eacb13664f7de4b7143ba6f4e198443cb2184156ab87db6e724
d7e32312789f76f0bf351c55d78187058cf94361a15a4a5e56bf169acd93275c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e10f1ac43bcfaf848fa964091ccd9b94229f0dfb9a831cbebd0f7a489fbdda2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5b31e8bed3703f57b15bc0fdab600603ae477f5b921ebf810bc8b26394fd85
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f76413ad7daa76cdac98ef1992f8955ffdcecf5277ace23135598fe5f0c9e
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
fd96281305a635ebd130f654c20e3c5c20a9ed97ab3958cfb5093f12031f3ea2
fdebda5121fb40296c92af54738f5c019f42411b38bcf5cdaebe92a25ad4e3f5
feb8fb9eed605ee3c38e270e5ce725b2350e9a8a7d153ace19be2c27a8cae7e3

phishing.cyberhub.at Open in urlscan Pro 90.146.7.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

88 Requests

80 %HTTPS

44 %IPv6

22 Domains

27 Subdomains

27 IPs

8 Countries

1921 kBTransfer

6393 kBSize

13 Cookies

47 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

phishing.cyberhub.at Open in urlscan Pro
90.146.7.3 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

80 %
HTTPS

44 %
IPv6

22
Domains

27
Subdomains

27
IPs

8
Countries

1921 kB
Transfer

6393 kB
Size

13
Cookies

88 HTTP transactions
2 data transactions