phishing.cyberhub.at Open in urlscan Pro
90.146.7.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://phishing.cyberhub.at/?rid=Ybz9JNp
Submission: On November 22 via manual (November 22nd 2019, 8:59:31 pm UTC) from IN

Summary HTTP 95 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 30 IPs in 8 countries across 23 domains to perform 95 HTTP transactions. The main IP is 90.146.7.3, located in Julbach, Austria and belongs to LIWEST-AT Linz, Austria, AT. The main domain is phishing.cyberhub.at.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 8th 2019. Valid for: 3 months.

This is the only time phishing.cyberhub.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	90.146.7.3 90.146.7.3	12605 (LIWEST-AT...) (LIWEST-AT Linz)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	13.225.78.13 13.225.78.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	52.222.174.68 52.222.174.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
2	35.190.88.7 35.190.88.7	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.77.20.174 54.77.20.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 4	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	5.57.17.99 5.57.17.99	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	85.222.129.209 85.222.129.209	14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
3	161.71.1.166 161.71.1.166	14340 (SALESFORCE) (SALESFORCE - Salesforce.com)
2	3.225.17.244 3.225.17.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
95	30

1 90.146.7.3 (Julbach, Austria)

ASN12605 (LIWEST-AT Linz, Austria, AT)
PTR: cpe90-146-7-2-static.liwest.at

phishing.cyberhub.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.225.78.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-13.fra2.r.cloudfront.net

www.icelandair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.222.174.68 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-174-68.fra54.r.cloudfront.net

pixels-cache.icelandair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.88.7 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 7.88.190.35.bc.googleusercontent.com

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.20.174 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.21.230 (United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

5325168.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.17.99 (Amsterdam, Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: q.bstatic.com

q.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.222.129.209 (United Kingdom)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl4-frf.eu13-frf.my.salesforce.com

icelandair.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 161.71.1.166 (London, United Kingdom)

ASN14340 (SALESFORCE - Salesforce.com, Inc., US)
PTR: dcl4-ncg0-lhr3.um4-lo2.force.com

service.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.17.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-225-17-244.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	icelandair.com www.icelandair.com pixels-cache.icelandair.com	1 MB
7	doubleclick.net 4 redirects 5325168.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net	2 KB
7	google-analytics.com www.google-analytics.com	57 KB
4	google.com 1 redirects www.google.com adservice.google.com	542 B
4	travelaudience.com ads.travelaudience.com	21 KB
3	force.com service.force.com	9 KB
3	google.de www.google.de	328 B
3	facebook.net connect.facebook.net	123 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	90 KB
2	facebook.com www.facebook.com	391 B
2	bugsnag.com sessions.bugsnag.com	328 B
2	yimg.com s.yimg.com	6 KB
2	bing.com bat.bing.com	8 KB
2	fullstory.com fullstory.com rs.fullstory.com	66 KB
1	twitter.com analytics.twitter.com	267 B
1	salesforce.com icelandair.my.salesforce.com	9 KB
1	bstatic.com q.bstatic.com	1 KB
1	t.co t.co	170 B
1	usabilla.com w.usabilla.com	90 B
1	googleadservices.com www.googleadservices.com	10 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	cyberhub.at phishing.cyberhub.at	129 KB
95	23

	Domain	Requested by
15	www.icelandair.com	phishing.cyberhub.at www.icelandair.com
14	pixels-cache.icelandair.com	phishing.cyberhub.at www.icelandair.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com phishing.cyberhub.at
4	ads.travelaudience.com	phishing.cyberhub.at ads.travelaudience.com
3	service.force.com	icelandair.my.salesforce.com
3	www.google.de	phishing.cyberhub.at
3	www.google.com	1 redirects phishing.cyberhub.at
3	connect.facebook.net	phishing.cyberhub.at connect.facebook.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	ad.doubleclick.net	2 redirects
2	www.facebook.com	phishing.cyberhub.at connect.facebook.net
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	5325168.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sessions.bugsnag.com	www.icelandair.com phishing.cyberhub.at
2	s.yimg.com	phishing.cyberhub.at s.yimg.com
2	bat.bing.com	www.googletagmanager.com phishing.cyberhub.at
1	analytics.twitter.com	static.ads-twitter.com
1	icelandair.my.salesforce.com	www.icelandair.com
1	q.bstatic.com	www.icelandair.com
1	adservice.google.com	phishing.cyberhub.at
1	t.co	phishing.cyberhub.at
1	rs.fullstory.com	fullstory.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	w.usabilla.com	phishing.cyberhub.at
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fullstory.com	phishing.cyberhub.at
1	www.googletagmanager.com	phishing.cyberhub.at
1	cdn.optimizely.com	phishing.cyberhub.at
1	phishing.cyberhub.at
95	30

This site contains links to these domains. Also see Links.

Domain
www.icelandair.com
carrental.icelandair.com
hotels.icelandair.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
phishing.cyberhub.at Let's Encrypt Authority X3	`2019-10-08` - `2020-01-06`	3 months	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-11-24` - `2020-02-23`	a year	crt.sh
*.icelandair.com DigiCert SHA2 High Assurance Server CA	`2018-11-05` - `2021-01-22`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-01` - `2019-12-16`	a month	crt.sh
*.bugsnag.com COMODO RSA Domain Validation Secure Server CA	`2018-05-18` - `2020-06-01`	2 years	crt.sh
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
ads.travelaudience.com Let's Encrypt Authority X3	`2019-10-24` - `2020-01-22`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.bstatic.com DigiCert ECC Secure Server CA	`2019-01-08` - `2020-01-13`	a year	crt.sh
*.my.salesforce.com DigiCert SHA2 Secure Server CA	`2017-12-03` - `2020-12-02`	3 years	crt.sh
*.um4.force.com DigiCert SHA2 Secure Server CA	`2018-06-24` - `2020-06-24`	2 years	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://phishing.cyberhub.at/?rid=Ybz9JNp
Frame ID: 6725C1570C2C0B53A857B31966CF899D
Requests: 94 HTTP requests in this frame

Frame: https://w.usabilla.com/ac5d7b0d8b59.js?lv=1
Frame ID: 6A5A27B4185CBB1BADE763C71B772F1E
Requests: 1 HTTP requests in this frame

Frame: https://5325168.fls.doubleclick.net/activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121
Frame ID: 673DC19C01F04C1F7582454B4F094002
Requests: 1 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://phishing.cyberhub.at/?rid=Ybz9JNp
Frame ID: EE6834155FFE462210D4B21F8862F072
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /optimizely\.com.*\.js/i

Page Statistics

95
Requests

81 %
HTTPS

45 %
IPv6

23
Domains

30
Subdomains

30
IPs

8
Countries

1866 kB
Transfer

6402 kB
Size

13
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icelandair.com/blogg/tilkynning-vegna-boeing-737max/
Title: Tilkynning Icelandair vegna Boeing 737MAX

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/is/#booking_section
Title: Beint í að bóka

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/
Title: Flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/stopover/
Title: Stopover

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/gjafabref/
Title: Gjafabréf

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/frequent-flyer/
Title: Saga Club

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/hopabokun/
Title: Hópabókun

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/london/
Title: London

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/paris/
Title: París

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/kaupmannahofn/
Title: Kaupmannahöfn

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/amsterdam/
Title: Amsterdam

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/reykjavik/
Title: Reykjavík

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/berlin/
Title: Berlín

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/
Title: Pakkaferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/ferdir/
Title: Ferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/nordurljos/
Title: Norðurljós

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/borgarferdir/
Title: Borgarferðir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/rutuferdir-med-fararstjorn/
Title: Leiðsögn

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/pakkaferdir/flug-og-bill/
Title: Flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/
Title: Aðstoð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/farangur/
Title: Farangursreglur

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/
Title: Fyrir flug

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/um-bord/
Title: Um borð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/seradstod/
Title: Séraðstoð

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/um-bord/farrymi-um-bord/
Title: Fargjöld og farrými

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/flugvellir/
Title: Flugvellir

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/hafdu-samband/
Title: Hafðu samband

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/stada-a-flugi/
Title: Staða á flugi

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/#cars
Title: Bílaleiga

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/#book-hotel
Title: Hótel

Search URL Search Domain Scan URL

URL: https://carrental.icelandair.com/?adplat=mobilenav&adcamp=mobilepage&preflang=us
Title: Bíll

Search URL Search Domain Scan URL

URL: https://hotels.icelandair.com/?lang=en-us&selected_currency=USD&label=mobilenav
Title: Hótel

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/boston/
Title: BostonLesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/flug/toronto/
Title: TorontoLesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/kolefnisjafna/
Title: Lesa nánar

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/frequent-flyer/sertilbod/
Title: Lesa nánar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Icelandair/

Search URL Search Domain Scan URL

URL: https://twitter.com/Icelandair/
Title: Twitter-blackCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/icelandair/
Title: InstagramCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/icelandair/
Title: ShapeCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/
Title: Um okkur

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/adstod/fyrir-flugid/flugaaetlun/
Title: Flugáætlun

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/blogg/
Title: Blogg

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/sitemap/
Title: Veftré

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/um-okkur/job-vacancies/
Title: Störf í boði

Search URL Search Domain Scan URL

URL: https://www.icelandair.com/is/adstod/skilmalar-og-skilyrdi/notkun-fotspora/
Title: notkun fótspora

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://5325168.fls.doubleclick.net/activityi;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121 HTTP 302
https://5325168.fls.doubleclick.net/activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121

Request Chain 42

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&gjid=836620401&_gid=646825255.1574456349&_u=YGBAgEAB~&z=1793609061 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061&slf_rd=1&random=599110983

Request Chain 60

https://ad.doubleclick.net/ddm/activity/src=9773381;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
phishing.cyberhub.at/ 627 KB
129 KB 215ms
107ms Document
text/html 90.146.7.3
LIWEST-AT Linz

General

Check archive.org

Show headers Download Go to

Full URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 90.146.7.3 Julbach, Austria, ASN12605 (LIWEST-AT Linz, Austria, AT),
Reverse DNS: cpe90-146-7-2-static.liwest.at
Software: nginx/1.10.3 /
Resource Hash: a7d9cec51905cc029a38f975ae54fccb19ae25baa67e836e17d09b3af756efd7

Request headers

Host: phishing.cyberhub.at
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.10.3
Date: Fri, 22 Nov 2019 20:59:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gophish

GET
H2 200 optimizely.js Show response
cdn.optimizely.com/public/8562715284/s/ 308 KB
90 KB 178ms
178ms Script
text/javascript 2a02:26f0:6c00:181::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/8562715284/s/optimizely.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:181::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e10f1ac43bcfaf848fa964091ccd9b94229f0dfb9a831cbebd0f7a489fbdda2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: EsuSCD1_buiZoOtgsRp3odNdvhXEmptt
content-encoding: gzip
x-amz-request-id: 064B2D5D370EA1BC
status: 200
access-control-max-age: 86400
date: Fri, 22 Nov 2019 20:59:08 GMT
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 91080
x-amz-id-2: 7UspO9bQxesyZRPb7X1afYsYgXN5BGI5f9uoqaibjCe6faFuDRm+Lkg5LnW3tE55PNzFYZSrjIA=
last-modified: Wed, 20 Nov 2019 12:18:18 GMT
server: AmazonS3
etag: "3d1abe1cdfc119fccb94813eef2ed9fe"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 3515
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 app.3bf0340d20e2f3937fd3.css
www.icelandair.com/ 570 KB
92 KB 89ms
31ms Stylesheet
text/css 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/app.3bf0340d20e2f3937fd3.css
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 84c0ca1efc4704e0af66ab44b08a03b85002ccf147a9d959506acb811348d923

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 11:34:09 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 11:07:55 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: public, max-age=86400
x-amz-cf-id: y1QZwo9njhAQHQAs8DOBPEjR1r0YXvzkPd04B3kM8TLgnvn68BehwQ==
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)

GET
H2 200 bltbfbff19cec7c56b4.svg
pixels-cache.icelandair.com/upload/icelandair/ 5 KB
2 KB 64ms
11ms Image
image/svg+xml 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/icelandair/bltbfbff19cec7c56b4.svg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 31a2dff11fb3789bdf4f432de711f80969395dcaf2854c56ef635bcd127ef63b

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 18:50:25 GMT
content-encoding: gzip
age: 1818001
edge-cache-tag: 260763478252089303584690682717182431845,3504db265fc3fe876ff0ee3e475954d8
status: 200
content-disposition: attachment; filename="bltbfbff19cec7c56b4.svg"
content-length: 1820
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
x-served-by: cache-fra19123-FRA
x-cache: Hit from cloudfront
last-modified: Fri, 17 Aug 2018 11:32:47 GMT
server: cloudinary
x-timer: S1569955826.690959,VS0,VE172
etag: W/"280c0b6c865820a6478ff842af43117a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: 9UiuTm3m-O6t2PqQbSRj9jS4fKvM1G6neYJy9mgMPUmrSBmvKETL4g==
x-cache-hits: 0

GET
H2 200 app.708c76e4ff882a2ad5dc.js Show response
www.icelandair.com/ 3 MB
849 KB 62ms
21ms Script
application/javascript 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 973ba412c47abddeb91a7d4d9c7c2fa648a9bb444d797f720ebf768f0cbbd39c

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 11:34:09 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 11:07:55 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-id: P2N64vKpWUKccw4YMRR249pidk3XK9Yz1CPNlG5vPiJjM3SbWI_cjA==
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 106 KB
33 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81f6adcfaa579637c9539e8eb6376a92bae5544fc0e2755bb100055b00b7c9e0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:08 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 33342
x-xss-protection: 0
expires: Fri, 22 Nov 2019 20:59:08 GMT

GET
DATA 200
OK truncated
/ 545 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13064e6beb64237b4b1d0ad0981317636135b306f071c28b4ec5e938b0d0a800

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bltfc81f5ee9c19b106.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north_west%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 698 B
1 KB 9ms
8ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north_west%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/bltfc81f5ee9c19b106.jpg

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-174-68.fra54.r.cloudfront.net

Software

Cloudinary /

Resource Hash

cdc68713ee7ddd9826413561a37f30b27e2e075130cb8ef1a339dc460181f7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 14:11:49 GMT
via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 240324
x-cache: Hit from cloudfront
status: 200
server-timing: cloudinary;dur=65;start=2019-11-15T14:11:49.292Z,fastly;dur=0;total=158;start=2019-11-15T14:11:49.247Z;desc=MISS,rtt;dur=1
content-length: 698
last-modified: Fri, 15 Nov 2019 13:51:30 GMT
server: Cloudinary
etag: "8827c5910018af55d5bec84002b3cb1f"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0Txn4o3-k32vQ3nfR_GLbFJGzTa2rMrdIXRy5zw3l4OkARn5lXUoyA==

GET
H2 200 0849b92f-12f7-438c-acdf-d269e324373e.svg
pixels-cache.icelandair.com/upload/icelandair/ 168 KB
77 KB 8ms
7ms Image
image/svg+xml 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/icelandair/0849b92f-12f7-438c-acdf-d269e324373e.svg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6ee805b7b405789f22b3c8f6eb6ed9dc70f4dea8baf6471e69c4754c06233cf0

Request headers

Referer: https://www.icelandair.com/app.3bf0340d20e2f3937fd3.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 00:59:06 GMT
content-encoding: gzip
age: 2135774
edge-cache-tag: 303525825606928239408065653165776000947,3504db265fc3fe876ff0ee3e475954d8
status: 200
content-disposition: attachment; filename="0849b92f-12f7-438c-acdf-d269e324373e.svg"
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
x-served-by: cache-fra19180-FRA
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2019 10:02:57 GMT
server: cloudinary
x-timer: S1567126746.522918,VS0,VE550
etag: W/"de1f945c4bb421fcf3c35a4bf2f402e1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: Jp5Bsm3kKRzzFeKoWhphK7Ve9gW9cxVD9JLjDjqUOYmM3jbnDzTAqQ==
x-cache-hits: 0

GET 34843D_A_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_C_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Medium.woff2
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_3_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.woff2
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_8_0.woff2
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1531
date: Fri, 22 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 22 Nov 2019 22:33:37 GMT

GET
H2 200 fs.js Show response
fullstory.com/s/ 179 KB
65 KB 58ms
13ms Script
application/javascript 2001:4860:4802:36::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0d6f67ad4ef16f69d04d1d86fac8b5ad460b145b86a363ebc91d76cf0b98b721

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 356
etag: "zM_jJg"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: 281449b6ab5259953144c701ff6a8991
cache-control: public, max-age=600
date: Fri, 22 Nov 2019 20:53:12 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-length: 66524
expires: Fri, 22 Nov 2019 21:03:12 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 22ms
22ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:08 GMT
content-encoding: gzip
age: 45962
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1574456349.726741,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 88ms
47ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: 68B16065E6A04221B55AE0FA11056BF3 Ref B: VIEEDGE1109 Ref C: 2019-11-22T20:59:08Z
access-control-allow-origin: *
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 22ms
21ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Nov 2019 20:59:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
27 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: vAP+A9OwLLMzEQROpF4IuPNAuQlvcsRrly2vs6UapuGIkXSJ9h/aWxoA/b1AHn2z2gugH3MCdzFbo6q3pjZ5MA==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 20:59:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 50ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2267
x-amz-server-side-encryption: AES256
status: 200
content-length: 5150
strict-transport-security: max-age=15552000
x-amz-request-id: 1D00FA721FE3FD88
x-amz-id-2: tyWn8AegOrk7rqi4x0zVZbJzDwQXM9OAXbKks5vxbogsbS0ur68TU51klRbNxzKTlxIAAjOuF70=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET Altitude-Medium.woff
www.icelandair.com/static/fonts/Altitude/ 0
0

OPTIONS
H2 200 / Show response
sessions.bugsnag.com/ 0
222 B 160ms
146ms XHR
text/plain 35.190.88.7
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
via: 1.1 google
access-control-allow-origin: *
access-control-allow-methods: POST
status: 200
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
alt-svc: clear
content-length: 0

OPTIONS
H2 403 / Show response
www.icelandair.com/api/ip/ 0
0 7ms
7ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/ip/
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET 34843D_A_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_C_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET
H2 204 ac5d7b0d8b59.js Show response
w.usabilla.com/ Frame 6A5A 0
90 B 106ms
48ms Script
text/plain 54.77.20.174
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/ac5d7b0d8b59.js?lv=1
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.20.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

GET 34843D_8_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.woff
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_3_0.woff
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Medium.ttf
www.icelandair.com/static/fonts/Altitude/ 0
0

GET
H2

200

activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121
5325168.fls.doubleclick.net/ Frame 673D
Redirect Chain

https://5325168.fls.doubleclick.net/activityi;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121?
https://5325168.fls.doubleclick.net/activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121?

0
0

25ms
25ms

Document
text/html

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://5325168.fls.doubleclick.net/activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5325168.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 20:59:09 GMT
expires: Fri, 22 Nov 2019 20:59:09 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 318
x-xss-protection: 0
set-cookie: IDE=AHWqTUkYetuzZnvDm4lm5vddHmTl68jLHSpIgoYRLyXjd-EUK9RfyYdV1WVtVUap; expires=Wed, 16-Dec-2020 20:59:09 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 22 Nov 2019 20:59:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5325168.fls.doubleclick.net/activityi;dc_pre=CIHtmfva_uUCFcKadwodgXMDNw;src=5325168;type=remar0;cat=gener0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8775594433068.121?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 22-Nov-2019 21:14:09 GMT; path=/; domain=.doubleclick.net
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

OPTIONS
H2 403 index.json Show response
www.icelandair.com/api/bookingconfig/v1/ 0
0 7ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/bookingconfig/v1/index.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET 34843D_A_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET
H2 200 ta.js Show response
ads.travelaudience.com/js/ 80 KB
20 KB 41ms
15ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/js/ta.js
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: c6254280f2ddca6be619d1471b696f6081d8a37b2e4ec4b8d2ceb5ccfb7ebaf1

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
last-modified: Thu, 21 Nov 2019 10:13:09 GMT
server: nginx/1.15.12
etag: W/"5dd66335-14183"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=86400, public
alt-svc: clear
via: 1.1 google
expires: Sat, 23 Nov 2019 20:59:09 GMT

GET 34843D_C_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET Altitude-Regular.ttf
www.icelandair.com/static/fonts/Altitude/ 0
0

GET 34843D_8_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET 34843D_3_0.ttf
www.icelandair.com/static/fonts/NeueHaasUnicaPro/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1035035799/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035035799/?random=1574456349053&cv=9&fst=1574456349053&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0d38b9cd3b9224e370f9283171222e36e350b2e7fb12b3981b30deca95a8cbe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 977
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
107 B 16ms
16ms XHR
text/plain 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j79&a=1625664900&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDACMABBAAAAC~&jid=2106766412&gjid=126565154&cid=72595577.1574456349&tid=UA-100058470-1&_gid=646825255.1574456349&_r=1&gtm=2wgav9KJ476ZB&cd9=Icelandair%20Web&cd7=is-IS&cd8=blt715fda00704788b2&z=385721365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://phishing.cyberhub.at
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1625664900&t=pageview&_s=1&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgEAB~&jid=1776609346&gjid=836620401&cid=72595577.1574456349&tid=UA-100058470-6&_gid=646825255.1574456349&gtm=2wgav9KJ476ZB&cg1=Portal&cg2=IS-is&cd9=FI%2FIS%2Fis%2FPortal&z=585939495

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:06:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 229951
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&gjid=836620401&_gid=646825255.1574456349&_u=YGBAgEAB~&z=1793609061
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061&slf_rd=1&random=599110983

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061&slf_rd=1&random=599110983

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100058470-6&cid=72595577.1574456349&jid=1776609346&_v=j79&z=1793609061&slf_rd=1&random=599110983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 403 index.json Show response
www.icelandair.com/api/content/v3/wwwconfig/v1/en-us/ 0
0 122ms
122ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v3/wwwconfig/v1/en-us/index.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 40 KB
11 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.13

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 10323
x-xss-protection: 0
pragma: public
x-fb-debug: HdhDUPyaOUr2m+iHFdkZq2fLJujB2KDqedb998Wp3M1PcDL09Q2nhcNhurtb4prw49pt957/3se1DCwy3NhNZw==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 20:59:09 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1817864205105571 Show response
connect.facebook.net/signals/config/ 349 KB
85 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1817864205105571?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

826bbbaf6bf5386012412b1b5f41c2554528c5005b342e84f1791bc9ec982f07

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 87142
x-xss-protection: 0
pragma: public
x-fb-debug: +NGOigDVhpt7XXvN7jt/7pBIOZV41CTKqzkJnrTfEzZXq7vzdLVS2epPwwjimx3AyVQTD2YJI5XB+Jj1BCawQg==
x-fb-trip-id: 420120009
date: Fri, 22 Nov 2019 20:59:09 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10057461.json Show response
s.yimg.com/wi/config/ 2 B
481 B 164ms
130ms XHR
application/json 2a00:1288:f03d:1fa::2000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10057461.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at

Response headers

date: Fri, 22 Nov 2019 20:59:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 02240A90A5E9B9D6
x-amz-id-2: jVR+EimXripDAxSRbLi62XQqaCijcmynEJ5M17LfD/KEMxDe6jfOuNd7DJxTUiGvQ+dVYwbR4TA=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 204 0
bat.bing.com/action/ 0
170 B 46ms
46ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4052855&Ver=2&mid=b88d7358-ffb2-d830-0074-e0991a75f20d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&p=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&r=&lt=737&evt=pageLoad&msclkid=N&rn=733481
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: DB5D113952864424A643D63F877A7007 Ref B: VIEEDGE1109 Ref C: 2019-11-22T20:59:09Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 15 B
246 B 126ms
112ms XHR
text/plain 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: fullstory.com
URL: https://fullstory.com/s/fs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
via: 1.1 google
x-content-type-options: nosniff
status: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://phishing.cyberhub.at
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 15
expires: 0

GET
H2 200 adsct
t.co/i/ 43 B
170 B 110ms
110ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyzs6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 104
pragma: no-cache
last-modified: Fri, 22 Nov 2019 20:59:09 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1b97771e9dfac1ee9d5a756619311388
x-transaction: 001dd3e000b35c6c
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-100058470-1&cid=72595577.1574456349&jid=2106766412&gjid=126565154&_gid=646825255.1574456349&_u=YGDACMABBAAAAC~&z=1930600465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 22 Nov 2019 20:59:09 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://phishing.cyberhub.at
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
106 B 147ms
147ms XHR
application/json 35.190.88.7
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.88.7 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 7.88.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Bugsnag-Sent-At: 2019-11-22T20:59:08.930Z
Bugsnag-Api-Key: 57a7d03d7244e2243335a6643d18e9fe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/json

Response headers

status: 202
date: Fri, 22 Nov 2019 20:59:09 GMT
via: 1.1 google
access-control-allow-origin: *
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 /
www.google.com/pagead/1p-user-list/1035035799/ 42 B
122 B 21ms
21ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1035035799/?random=1574456349053&cv=9&fst=1574452800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&async=1&fmt=3&is_vtc=1&random=1739797237&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1035035799/ 42 B
110 B 22ms
22ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1035035799/?random=1574456349053&cv=9&fst=1574452800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&tiba=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&async=1&fmt=3&is_vtc=1&random=1739797237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid.ashx Show response
ads.travelaudience.com/ 316 B
688 B 15ms
15ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/uuid.ashx?callback=_callbacks_._0k3amnq2l
Requested by: Host: ads.travelaudience.com
URL: https://ads.travelaudience.com/js/ta.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 19d9e91ccd136dde91ccc3097b7108b79b7e53794349ab1849e3bc9e3135a749

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-engine-version: v2.24.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-bf48b8659-5xwng
content-type: application/javascript
alt-svc: clear
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
332 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1817864205105571&ev=PageView&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&rl=&if=false&ts=1574456349128&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574456349128.165954645&it=1574456349073&coo=false&rqm=GET

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Fri, 22 Nov 2019 20:59:09 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
120 B 28ms
28ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j79&tid=UA-100058470-1&cid=72595577.1574456349&jid=2106766412&_u=YGDACMABBAAAAC~&z=1412732481

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
109 B 28ms
28ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j79&tid=UA-100058470-1&cid=72595577.1574456349&jid=2106766412&_u=YGDACMABBAAAAC~&z=1412732481

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid.ashx Show response
ads.travelaudience.com/ 226 B
258 B 14ms
14ms Script
application/javascript 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.travelaudience.com/uuid.ashx?callback=_callbacks_._1k3amnq32
Requested by: Host: ads.travelaudience.com
URL: https://ads.travelaudience.com/js/ta.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: b14c7ee3ee295c22302a438cdf74c789da16025d2f1278bdd9ac1623994d2f10

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-engine-version: v2.24.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-bf48b8659-5xwng
content-type: application/javascript
alt-svc: clear
via: 1.1 google

GET
H2 200 trg.gif
ads.travelaudience.com/ 35 B
329 B 15ms
15ms Image
image/gif 35.190.0.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/trg.gif?crypt=dWlkPTM0Q0MwOEM3LTVGRkMtNEYwNy05MDRDLTQ5Q0YzQzVBRDFENiZzYz0xJmFjYz0zMDAwMDM0OSZkcz1hdiZsdmw9MSZwdD01JmxhPWlzJnI9MC45NjgzNzcwNTk0MDMyMjU5JnU9aHR0cHMlM0ElMkYlMkZwaGlzaGluZy5jeWJlcmh1Yi5hdCUyRiUzRnJpZCUzRFliejlKTnA%253D
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.0.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-engine-version: v2.24.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
status: 200
x-host: tde-deliveryengine-production-bf48b8659-nzrsz
content-type: image/gif
alt-svc: clear
via: 1.1 google

GET
H2

200

src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9773381;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466?
https://ad.doubleclick.net/ddm/activity/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466?
https://adservice.google.com/ddm/fls/z/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Nov 2019 20:59:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://adservice.google.com/ddm/fls/z/src=9773381;dc_pre=CIPkn_va_uUCFdoGiwodw5cDiw;type=lv18k0;cat=icela0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4063345204916.2466
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 undefined Show response
www.icelandair.com/api/ipapi/ 475 B
930 B 234ms
234ms XHR
application/json 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icelandair.com/api/ipapi/undefined

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-13.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0900cc5bdb5a9b31035214ecb22ea2d8c76563052d07db402cd99e5315d2598d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
status: 200
allow: HEAD, POST, OPTIONS, OPTIONS, GET
vary: Host,Origin
x-xss-protection: 1; mode=block
x-cache-nginx-date: Fri, 22 Nov 2019 20:59:09 GMT
access-control-allow-origin: https://phishing.cyberhub.at
x-cache-nginx: Status:
server: nginx
x-frame-options: SAMEORIGIN, DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cf-ray: 539dd356bc882997-DUB
x-amz-cf-id: qv_0Jq9pLUXhwFnTtQvzNu00tJsxTt1pp4BZKg0RoT__oDnnVa8gog==

OPTIONS
H2 403 alert.json Show response
www.icelandair.com/api/content/v3/travel-alert/v2/en-us/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v3/travel-alert/v2/en-us/alert.json
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H/1.1 200
OK search_extension.js Show response
q.bstatic.com/static/affiliate_base/js/ 1 KB
1 KB 47ms
12ms Script
application/javascript 5.57.17.99
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://q.bstatic.com/static/affiliate_base/js/search_extension.js

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.17.99 Amsterdam, Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

q.bstatic.com

Software

nginx /

Resource Hash

f15f76413ad7daa76cdac98ef1992f8955ffdcecf5277ace23135598fe5f0c9e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 20:59:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Jul 2019 15:26:45 GMT
Server: nginx
ETag: W/"5d41b335-5c6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Expires: Sun, 22 Dec 2019 20:59:09 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a573fe5f45483f715b23ef88f4ec79bc2ccb6f0b273cf378faaf2201e9e4531

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 8ms
8ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=LON&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 7ms
7ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=CPH&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 7ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=BER&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=BOS&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 return Show response
www.icelandair.com/api/instantSearch/v1/bestPrice/ 0
0 7ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/instantSearch/v1/bestPrice/return?departure=NYC&arrival=YTO&locale=en-US&period=180&tripDuration=14&tripDurationFlexibility=14&fallbackToRouteCurrency=true&X-Correlation-Id=WWWUserRequest
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

OPTIONS
H2 403 / Show response
www.icelandair.com/api/content/v1/blog/ 0
0 6ms
6ms Fetch
text/html 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/content/v1/blog/?locationId=us&languageId=en-US&range=1-3
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: x-correlation-id

Response headers

GET
H2 200 bltf2847770c998d7ef.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 785 B
1 KB 9ms
9ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/bltf2847770c998d7ef.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6e5f4be86330152faf5b11d458d2d9c6c16a13b472d8276fbfea0934c96cd1d6

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 11:14:39 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 207587
edge-cache-tag: 202341593660264392345842948659500718373,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 785
x-served-by: cache-hhn4045-HHN
last-modified: Tue, 17 Jul 2018 10:13:43 GMT
server: cloudinary
x-timer: S1568718880.797798,VS0,VE1
etag: "bed56c306c50ecbe6a6acb807ef7f423"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: pWroasnGv-5rDG-oCQNspndxJM3yZlbT8R8c6Gb1Td10oQQNlAopKw==
x-cache-hits: 1

GET
H2 200 blt7cf00f5ae4229d57.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 1 KB
2 KB 9ms
9ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt7cf00f5ae4229d57.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 79eb80eefa1fdd403d49406acef77d01553c8a91cf2886e5580f509815d69f32

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 18:02:23 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 207587
edge-cache-tag: 496473911391340198874252796350145166969,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 1433
x-served-by: cache-fra19174-FRA
last-modified: Tue, 17 Jul 2018 10:13:46 GMT
server: cloudinary
x-timer: S1568735981.466320,VS0,VE1
etag: "155aa3559ef6638bfd25133b90eece3a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: vGweOkX-E_DMiqK9DGJaOXUeaMrPqn06qNctITToErVKkmlBgKlaoA==
x-cache-hits: 1

GET
H2 200 blt579dbb468c324c71.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 802 B
1 KB 12ms
12ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_north%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt579dbb468c324c71.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 4aacfde951f0196df09d6abcdfbab9597c5405af02537faf773905201167dc44

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 04:49:40 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 107182
edge-cache-tag: 438499235996545713079683965977505506207,314994147895406482447376983479527673544,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 802
x-served-by: cache-fra19157-FRA
last-modified: Tue, 17 Jul 2018 12:23:53 GMT
server: cloudinary
x-timer: S1568695781.573542,VS0,VE1
etag: "df0ced1291f572fed4a3aac20d8d3f91"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: Ec1VvootsCPctIgrKtCOBOjSl4ZNXUKsQOSK3Z5LacJT7U3GnULgpw==
x-cache-hits: 1

GET
H2 200 blt73eb6d347e68046b.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 810 B
1 KB 11ms
11ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt73eb6d347e68046b.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: fdebda5121fb40296c92af54738f5c019f42411b38bcf5cdaebe92a25ad4e3f5

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:51:21 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 401857
edge-cache-tag: 498012309205542376936016959383307349747,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 810
x-served-by: cache-hhn4064-HHN
last-modified: Tue, 17 Jul 2018 15:17:39 GMT
server: cloudinary
x-timer: S1568713881.010825,VS0,VE1
etag: "f1d78f786da8888f4b6c11f502153bff"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: RAvCIoy6hAl-jJ4uIOmXCPeDpHepCF4UnWcv7tMCfzqMKE_XBEMdfA==
x-cache-hits: 1

GET
H2 200 blt547df3cfbe852381.jpg
pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/ 642 B
1 KB 12ms
12ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_80%2Ch_45%2Cg_auto%2Cc_fill%2Cf_auto%2Cq_auto%2Ce_blur:140/icelandair/blt547df3cfbe852381.jpg
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: d7e32312789f76f0bf351c55d78187058cf94361a15a4a5e56bf169acd93275c

Request headers

Referer: https://www.icelandair.com/is/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 17:41:28 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 509962
edge-cache-tag: 417834722739783219315494587852293570498,424087156456528992043391794585255388999,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 642
x-served-by: cache-hhn4057-HHN
last-modified: Mon, 16 Jul 2018 18:34:27 GMT
server: cloudinary
x-timer: S1568791749.091425,VS0,VE151
etag: "58eb1187af8efc89f0e351deaec1af31"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: l1WtPbAYkUFW3Qgt2TY-P5M8RzErWYooUmgX85e5eRhpOgxSaf1odg==
x-cache-hits: 0

GET
H/1.1 200
OK esw.min.js Show response
icelandair.my.salesforce.com/embeddedservice/5.0/ 28 KB
9 KB 61ms
11ms Script
application/x-javascript 85.222.129.209
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Requested by

Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.129.209 , United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-frf.eu13-frf.my.salesforce.com

Software

Resource Hash

10958248c2a8e8629601a59c888ae5dfd1d73ba7f41fb7ab5bb35fa6e26dc64e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536002; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 20:59:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 24 Oct 2019 15:36:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/00D0Y000001f2bvm"
Strict-Transport-Security: max-age=31536002; includeSubDomains
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D0Y000001f2bvm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Sat, 23 Nov 2019 20:59:09 GMT

GET
H2 200 bltfc81f5ee9c19b106.jpg
pixels-cache.icelandair.com/upload/w_1500%2Ch_600,g_north_west,c_fill,f_auto%2Cq_auto/icelandair/ 75 KB
76 KB 21ms
21ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixels-cache.icelandair.com/upload/w_1500%2Ch_600,g_north_west,c_fill,f_auto%2Cq_auto/icelandair/bltfc81f5ee9c19b106.jpg

Requested by

Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-174-68.fra54.r.cloudfront.net

Software

Cloudinary /

Resource Hash

feb8fb9eed605ee3c38e270e5ce725b2350e9a8a7d153ace19be2c27a8cae7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 14:32:14 GMT
via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-cache: Hit from cloudfront
status: 200
server-timing: cloudinary;dur=43;start=2019-11-15T14:32:14.819Z,fastly;dur=0;total=132;start=2019-11-15T14:32:14.776Z;desc=MISS,rtt;dur=1
content-length: 76888
last-modified: Fri, 15 Nov 2019 14:14:11 GMT
server: Cloudinary
etag: "7a4dc8ebb59ccff57874a1902c233426"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rpCQhiLGrFsbFfEvofjrXdyKv0Jwm-Eez7iCGib-FgAMQvRsTai7FQ==

OPTIONS
H2 200 session_started
www.icelandair.com/api/eventlogging/v1/log/ 0
0 114ms
114ms XHR
text/plain 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/eventlogging/v1/log/session_started
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

OPTIONS
H2 200 page_viewed
www.icelandair.com/api/eventlogging/v1/log/ 0
0 115ms
115ms XHR
text/plain 13.225.78.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icelandair.com/api/eventlogging/v1/log/page_viewed
Requested by: Host: www.icelandair.com
URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

GET
H2 200 bltf2847770c998d7ef.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 36 KB
37 KB 10ms
9ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/bltf2847770c998d7ef.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: b200ee300cc4d4bf7afe30bfb1ed1aef92f158f6e7e197a4f83d61168af8b620

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 16:22:09 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 16620
edge-cache-tag: 202341593660264392345842948659500718373,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 37029
x-served-by: cache-fra19169-FRA
last-modified: Mon, 13 Aug 2018 10:58:06 GMT
server: cloudinary
x-timer: S1571846690.758749,VS0,VE1
etag: "cf71f4aa4fc948b315f5860688925f42"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: iyXPP0btEC6b_9sOlYR4BG8-3YTOtbCc9AGlHyCXcUMC8p2dYo4yjQ==
x-cache-hits: 1

GET
H2 200 blt7cf00f5ae4229d57.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 45 KB
45 KB 17ms
17ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt7cf00f5ae4229d57.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: d25e9332dad86eacb13664f7de4b7143ba6f4e198443cb2184156ab87db6e724

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 07:32:38 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 207587
edge-cache-tag: 496473911391340198874252796350145166969,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 45801
x-served-by: cache-hhn4051-HHN
last-modified: Mon, 13 Aug 2018 10:58:09 GMT
server: cloudinary
x-timer: S1568791959.541465,VS0,VE151
etag: "ad1a39328df59c494a6a5434d9aba6cd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: k8paVk_2hOr5vsbdDOi8DV2R4-wFu3Urh4MgXhN14Ta2L9KkJihdGg==
x-cache-hits: 0

GET
H2 200 blt579dbb468c324c71.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_north,c_fill,f_auto%2Cq_auto/icelandair/ 34 KB
35 KB 15ms
15ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_north,c_fill,f_auto%2Cq_auto/icelandair/blt579dbb468c324c71.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 17c292ff71a58ddb5c52741dbfad313bfa19e0fd365ccc539d4162c321443ca3

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 04:49:41 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 107182
edge-cache-tag: 438499235996545713079683965977505506207,336929290331767490903410822978018374486,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 35276
x-served-by: cache-hhn4051-HHN
last-modified: Wed, 15 Aug 2018 12:24:26 GMT
server: cloudinary
x-timer: S1568695781.091751,VS0,VE1
etag: "4c7a0b7c662893505002a801ee68da85"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: OrsrWDordAIxlZPwOXSggnmOuMI5bpyZndM6W5YyeosTNLWt-gRNKw==
x-cache-hits: 1

GET
H2 200 blt73eb6d347e68046b.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 55 KB
56 KB 16ms
16ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt73eb6d347e68046b.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 61e2caddc3bc8b4c891e5f264f5b97493f72d9d9ec33004b525539b9b0a0bfa2

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 09:51:21 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 401857
edge-cache-tag: 498012309205542376936016959383307349747,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 56519
x-served-by: cache-fra19176-FRA
last-modified: Mon, 13 Aug 2018 13:17:14 GMT
server: cloudinary
x-timer: S1568713882.726642,VS0,VE1
etag: "f9545c50b662addf6f240f141ce7a8cb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: CsntTsnNoc8d8AJu9uQ5l00NivODnSOfFCBy-onKgSBLzQUg8XjFTw==
x-cache-hits: 1

GET
H2 200 blt547df3cfbe852381.jpg
pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/ 20 KB
21 KB 17ms
17ms Image
image/jpeg 52.222.174.68
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels-cache.icelandair.com/upload/w_500%2Ch_300,g_auto,c_fill,f_auto%2Cq_auto/icelandair/blt547df3cfbe852381.jpg
Requested by: Host: phishing.cyberhub.at
URL: https://phishing.cyberhub.at/?rid=Ybz9JNp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.68 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-174-68.fra54.r.cloudfront.net
Software: cloudinary /
Resource Hash: 02904bdaa0e638b6c63b6036b0db33d4ce0b0b172b86bec729f2a6443f668cb7

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Wed, 18 Sep 2019 07:29:09 GMT
via: 1.1 varnish, 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
age: 401857
edge-cache-tag: 417834722739783219315494587852293570498,274788562707936960202265574514228396117,3504db265fc3fe876ff0ee3e475954d8
status: 200
x-cache: Hit from cloudfront
content-length: 20880
x-served-by: cache-fra19145-FRA
last-modified: Tue, 14 Aug 2018 11:58:02 GMT
server: cloudinary
x-timer: S1568791749.352597,VS0,VE1
etag: "088831cdc2d46bfeab5899afe168064c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Range,User-Agent
x-amz-cf-id: sJ4ER70LbPzSIcJd-0aJ5tXosdRtJOZvVocddugFX7bginM2NOyRVA==
x-cache-hits: 1

GET
H/1.1 200
OK esw.min.css
service.force.com/embeddedservice/5.0/ 8 KB
5 KB 121ms
18ms Stylesheet
text/css 161.71.1.166
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.min.css

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.166 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 10:44:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 23:00:22 GMT
Age: 36893
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Content-Length: 3946
X-XSS-Protection: 1; mode=block
Expires: Sat, 23 Nov 2019 10:44:16 GMT

GET
H/1.1 200
OK liveagent.esw.min.js Show response
service.force.com/embeddedservice/5.0/client/ 13 KB
5 KB 121ms
19ms Script
application/x-javascript 161.71.1.166
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.166 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

9462aa1fa784087dd094701321025336abf77e8c122358b8699fcb91906820ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Fri, 22 Nov 2019 14:16:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 24159
Content-Length: 3952
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin
Last-Modified: Thu, 24 Oct 2019 15:36:26 GMT
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: public,max-age=86400
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Accept-Ranges: bytes
X-Robots-Tag: none
Expires: Sat, 23 Nov 2019 14:16:30 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
59 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCnS1KT8ROBbA94ji

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://phishing.cyberhub.at
date: Fri, 22 Nov 2019 20:59:09 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
412 B 88ms
88ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/8562715284/s/optimizely.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://phishing.cyberhub.at
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Fri, 22 Nov 2019 20:59:09 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://phishing.cyberhub.at
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
267 B 117ms
117ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyzs6&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Fri, 22 Nov 2019 20:59:09 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 8c479b45193ab957225094c8f830e2ab
x-transaction: 00b12595000f6947
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK Cookie set esw.html
service.force.com/embeddedservice/5.0/ Frame EE68 0
0 21ms
21ms Document
text/html 161.71.1.166
Salesforce.com

General

Check archive.org

Show headers Download Go to

Full URL

https://service.force.com/embeddedservice/5.0/esw.html?parent=https://phishing.cyberhub.at/?rid=Ybz9JNp

Requested by

Host: icelandair.my.salesforce.com
URL: https://icelandair.my.salesforce.com/embeddedservice/5.0/esw.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.71.1.166 London, United Kingdom, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),

Reverse DNS

dcl4-ncg0-lhr3.um4-lo2.force.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: service.force.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp

Response headers

Date: Fri, 22 Nov 2019 20:59:09 GMT
Public-Key-Pins-Report-Only: pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/nullm";
Expect-CT: max-age=86400, report-uri="https://a.forcesslreports.com/Expect-CT-report/nullm"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Security-Policy: upgrade-insecure-requests
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: public,max-age=86400
Set-Cookie: BrowserId=7ehMhg1qEeqkUf8qz1ZF7A;Path=/;Domain=.force.com;Expires=Tue, 21-Jan-2020 20:59:09 GMT;Max-Age=5184000
Expires: Sat, 23 Nov 2019 20:59:09 GMT
Last-Modified: Fri, 02 Aug 2019 08:43:42 GMT
Content-Type: text/html;charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 58 KB
22 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PX5HVTP&t=gtm10&cid=72595577.1574456349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac9f5edd2be44b5be929f4374e2d4e4e23d4ee59a50d342cbab682ca6626c02a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 20:59:09 GMT
content-encoding: br
last-modified: Fri, 22 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21994
x-xss-protection: 0
expires: Fri, 22 Nov 2019 20:59:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ476ZB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1532
date: Fri, 22 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Fri, 22 Nov 2019 22:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1625664900&t=timing&_s=2&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1519&pdt=153&dns=36&rrt=0&srt=107&tcp=70&dit=733&clt=737&_gst=522&_gbt=854&_cst=446&_cbt=516&_u=aGDAiMADRAAAAC~&jid=&gjid=&cid=72595577.1574456349&tid=UA-100058470-6&_gid=646825255.1574456349&gtm=2wgav9KJ476ZB&cg1=Portal&cg2=IS-is&cd9=FI%2FIS%2Fis%2FPortal&z=411912045

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:06:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 229951
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1625664900&t=timing&_s=2&dl=https%3A%2F%2Fphishing.cyberhub.at%2F%3Frid%3DYbz9JNp&ul=en-us&de=UTF-8&dt=Flug%20til%20Evr%C3%B3pu%20og%20Nor%C3%B0ur-Amer%C3%ADku%20%7C%20Icelandair&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1519&pdt=153&dns=36&rrt=0&srt=107&tcp=70&dit=733&clt=737&_gst=522&_gbt=854&_cst=446&_cbt=516&_u=aGDACMADRAAAAC~&jid=&gjid=&cid=72595577.1574456349&tid=UA-100058470-1&_gid=646825255.1574456349&gtm=2wgav9KJ476ZB&cd9=Icelandair%20Web&cd7=is-IS&cd8=blt715fda00704788b2&z=344018566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Nov 2019 05:06:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 229951
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
246 B 87ms
87ms XHR
text/plain 3.225.17.244
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.17.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-3-225-17-244.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://phishing.cyberhub.at/?rid=Ybz9JNp
Origin: https://phishing.cyberhub.at
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://phishing.cyberhub.at
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Fri, 22 Nov 2019 20:59:09 GMT
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.woff2

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.woff

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Medium.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_A_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_C_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/Altitude/Altitude-Regular.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_8_0.ttf

Domain: www.icelandair.com
URL: https://www.icelandair.com/static/fonts/NeueHaasUnicaPro/34843D_3_0.ttf

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_lastEventSent Value: 1574456349310
.cyberhub.at/	1970-01-22 20:56:56	Name: reduxPersistIndex Value: [%22persist:auth%22]
.doubleclick.net/	1970-01-19 14:42:32	Name: IDE Value: AHWqTUkYetuzZnvDm4lm5vddHmTl68jLHSpIgoYRLyXjd-EUK9RfyYdV1WVtVUap
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_sessionStarted Value: true
.cyberhub.at/	1970-01-22 20:56:56	Name: persist%3Aauth Value: {%22valid%22:%22false%22%2C%22isFetching%22:%22false%22%2C%22_persist%22:%22{%5C%22version%5C%22:-1%2C%5C%22rehydrated%5C%22:true}%22}
.cyberhub.at/	1970-01-19 05:20:56	Name: _gat_UA-100058470-1 Value: 1
.cyberhub.at/	1970-01-19 05:20:56	Name: _dc_gtm_UA-100058470-6 Value: 1
.cyberhub.at/	1970-01-19 05:22:22	Name: _gid Value: GA1.2.646825255.1574456349
.cyberhub.at/	1970-01-19 22:52:08	Name: _ga Value: GA1.2.72595577.1574456349
.cyberhub.at/	1970-01-19 07:30:32	Name: _fbp Value: fb.1.1574456349128.165954645
phishing.cyberhub.at/	1970-01-22 21:01:15	Name: ice_uuid Value: 40fcb008-b19b-46b3-b555-9a7992c44651
phishing.cyberhub.at/	1969-12-31 23:59:59	Name: ice_sessionId Value: 1574456349307
.cyberhub.at/	1970-01-19 07:30:32	Name: _gcl_au Value: 1.1.70617337.1574456349

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://www.icelandair.com/app.708c76e4ff882a2ad5dc.js(Line 179) Message: [bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5325168.fls.doubleclick.net
ad.doubleclick.net
ads.travelaudience.com
adservice.google.com
analytics.twitter.com
bat.bing.com
cdn.optimizely.com
connect.facebook.net
errors.client.optimizely.com
fullstory.com
googleads.g.doubleclick.net
icelandair.my.salesforce.com
phishing.cyberhub.at
pixels-cache.icelandair.com
q.bstatic.com
rs.fullstory.com
s.yimg.com
service.force.com
sessions.bugsnag.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.icelandair.com
www.icelandair.com
104.244.42.67
104.244.42.69
13.225.78.13
151.101.112.157
161.71.1.166
172.217.21.230
172.217.23.98
2001:4860:4802:36::15
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2004
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81b::2008
2a00:1450:4001:81c::2002
2a00:1450:400c:c08::9d
2a02:26f0:6c00:181::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.225.17.244
35.186.194.58
35.190.0.66
35.190.88.7
5.57.17.99
52.222.174.68
54.77.20.174
85.222.129.209
90.146.7.3
02904bdaa0e638b6c63b6036b0db33d4ce0b0b172b86bec729f2a6443f668cb7
0900cc5bdb5a9b31035214ecb22ea2d8c76563052d07db402cd99e5315d2598d
0a573fe5f45483f715b23ef88f4ec79bc2ccb6f0b273cf378faaf2201e9e4531
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d38b9cd3b9224e370f9283171222e36e350b2e7fb12b3981b30deca95a8cbe6
0d6f67ad4ef16f69d04d1d86fac8b5ad460b145b86a363ebc91d76cf0b98b721
10958248c2a8e8629601a59c888ae5dfd1d73ba7f41fb7ab5bb35fa6e26dc64e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13064e6beb64237b4b1d0ad0981317636135b306f071c28b4ec5e938b0d0a800
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
17c292ff71a58ddb5c52741dbfad313bfa19e0fd365ccc539d4162c321443ca3
19d9e91ccd136dde91ccc3097b7108b79b7e53794349ab1849e3bc9e3135a749
1a052772b12b3f9f3d47958687439a18596431ffd6c06566a0cdf1cedcdc311b
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31a2dff11fb3789bdf4f432de711f80969395dcaf2854c56ef635bcd127ef63b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aacfde951f0196df09d6abcdfbab9597c5405af02537faf773905201167dc44
61e2caddc3bc8b4c891e5f264f5b97493f72d9d9ec33004b525539b9b0a0bfa2
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e5f4be86330152faf5b11d458d2d9c6c16a13b472d8276fbfea0934c96cd1d6
6ee805b7b405789f22b3c8f6eb6ed9dc70f4dea8baf6471e69c4754c06233cf0
764934a7bd43ca9db4f39284e1e8945bb4b1960cd82062cf12f6e857b945602f
79eb80eefa1fdd403d49406acef77d01553c8a91cf2886e5580f509815d69f32
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
81f6adcfaa579637c9539e8eb6376a92bae5544fc0e2755bb100055b00b7c9e0
826bbbaf6bf5386012412b1b5f41c2554528c5005b342e84f1791bc9ec982f07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c0ca1efc4704e0af66ab44b08a03b85002ccf147a9d959506acb811348d923
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9462aa1fa784087dd094701321025336abf77e8c122358b8699fcb91906820ad
973ba412c47abddeb91a7d4d9c7c2fa648a9bb444d797f720ebf768f0cbbd39c
a7d9cec51905cc029a38f975ae54fccb19ae25baa67e836e17d09b3af756efd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac9f5edd2be44b5be929f4374e2d4e4e23d4ee59a50d342cbab682ca6626c02a
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b14c7ee3ee295c22302a438cdf74c789da16025d2f1278bdd9ac1623994d2f10
b200ee300cc4d4bf7afe30bfb1ed1aef92f158f6e7e197a4f83d61168af8b620
c6254280f2ddca6be619d1471b696f6081d8a37b2e4ec4b8d2ceb5ccfb7ebaf1
cdc68713ee7ddd9826413561a37f30b27e2e075130cb8ef1a339dc460181f7bb
d25e9332dad86eacb13664f7de4b7143ba6f4e198443cb2184156ab87db6e724
d7e32312789f76f0bf351c55d78187058cf94361a15a4a5e56bf169acd93275c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e10f1ac43bcfaf848fa964091ccd9b94229f0dfb9a831cbebd0f7a489fbdda2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15f76413ad7daa76cdac98ef1992f8955ffdcecf5277ace23135598fe5f0c9e
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f33990d4691a89cd87e4d4e0bde1ac8f5dfcf32fbd8d838ec206d790f24531e1
fdebda5121fb40296c92af54738f5c019f42411b38bcf5cdaebe92a25ad4e3f5
feb8fb9eed605ee3c38e270e5ce725b2350e9a8a7d153ace19be2c27a8cae7e3

phishing.cyberhub.at Open in urlscan Pro 90.146.7.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

81 %HTTPS

45 %IPv6

23 Domains

30 Subdomains

30 IPs

8 Countries

1866 kBTransfer

6402 kBSize

13 Cookies

47 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

phishing.cyberhub.at Open in urlscan Pro
90.146.7.3 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

81 %
HTTPS

45 %
IPv6

23
Domains

30
Subdomains

30
IPs

8
Countries

1866 kB
Transfer

6402 kB
Size

13
Cookies

95 HTTP transactions
2 data transactions