| ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 216.58.211.10 | 200 OK | 33 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP216.58.211.10:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f.asx2.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:47:24 GMT
expires: Fri, 02 May 2025 01:47:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 190564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js | 216.58.211.10 | 200 OK | 33 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP216.58.211.10:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.xce3.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:47:24 GMT
expires: Fri, 02 May 2025 01:47:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 190565
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 563cdn.com/images/laptopfree.jpeg | 188.114.97.1 | | 91 kB |
URL 563cdn.com/images/laptopfree.jpeg IP188.114.97.1:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1082x672, components 3 Hashad43c64a98ce069e008bd61dbd64f87e c8882647f2bc82bcb66752ed094dd4d9e5c6ec4c 7887bebae5fca7fb2139245ab9ae67b401da166c6737367a98097b73b7db8dda
GET /images/laptopfree.jpeg HTTP/1.1
Host: 563cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.xce3.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 06:43:29 GMT
content-type: image/jpeg
content-length: 90602
etag: "ad43c64a98ce069e008bd61dbd64f87e"
last-modified: Wed, 24 Jan 2024 01:59:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2B5IS0ZAIeR%2FZD6jMnjKZj5%2FN9yh%2BbnG5IfmGIPG7wugDDCeiZY34ruDlxwZPFZwOLmqVlaQw61xQ14YZXHDUhLMcI4SjJivjhB%2Fdf0NtVo9yCKPWtjAcTp1zs%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6844a1bb356ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tj.657g.xyz/api/event | 188.114.97.1 | | 2 B |
IP188.114.97.1:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | OpenPhish | phishing | PayPal Inc. |
POST /api/event HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 97
Origin: https://g.xce3.xyz
DNT: 1
Connection: keep-alive
Referer: https://g.xce3.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 202 Accepted
date: Sat, 04 May 2024 06:43:29 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: F8w2MBugu7D5OsUOHj0i
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wkcB%2BTihfHrvKo9C4%2FEb6RRxYQilow7aSfqEm991lVcLWWYP0YYANXvZkzP1forcAqwlSnLUi2dZiRd1v72QdQLpm8k%2BfblH574I1cDZw%2BKGop%2Fnr0%2BLn4o3n2%2FisQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6844b3e79b4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| g.xce3.xyz/favicon.ico | 104.21.81.142 | | 7.2 kB |
IP104.21.81.142:0
File typeHTML document, ASCII text Hash5a5e8efb2b060a20e1e745e3f0115664 72f17dfd86e34d991d94ebfd967635b849b56bd0 5d1d75b702f13e1bb14ff8d52cac1690acacec3a15821af7fe482a79afda5b99
GET /favicon.ico HTTP/1.1
Host: g.xce3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.xce3.xyz/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 04 May 2024 06:43:29 GMT
content-type: text/html
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gif6bc1KqvOf2UvhVeOC3XWaReSP5ZpU60mc%2BI5LOzwON6QjlH0dGwhmuidvEyZ%2BeSix0QMeVUJ2pwEmGmbT7qhJFg%2FamEzDbeFqs7YTlhZYaO%2B5G0yv9iVGjFO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6844ca947b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.81.142 | 200 OK | 17 kB |
URL User Request GET HTTP/2IP104.21.81.142:443
CertificateIssuerGoogle Trust Services LLC Subjectxce3.xyz Fingerprint8A:C2:40:E0:18:07:7F:1A:8C:91:03:ED:15:1C:7C:0C:18:8A:B4:0D ValidityFri, 03 May 2024 19:03:18 GMT - Thu, 01 Aug 2024 19:03:17 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: g.xce3.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f.asx2.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 06:43:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Sun, 05-May-2024 06:43:28 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ljM%2BqT2TR2CaVu9t3TvD%2BA6183qyu2w5cbcQxfj%2FRNukKo%2BSUrQWJq3NLM8ei3iv%2F%2BULnkfs65QW9BTaUPlwUWNhCWhUmkFO9SZpKUHXPjjWYnb5PGyTftXXOCsH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e684489aeb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tj.657g.xyz/js/script.js | 188.114.97.1 | 200 OK | 1.3 kB |
IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subject657g.xyz Fingerprint62:A7:5F:68:68:61:92:3D:96:17:20:8B:09:D3:38:03:80:11:C4:39 ValidityFri, 03 May 2024 08:38:58 GMT - Thu, 01 Aug 2024 08:38:57 GMT
File typeASCII text, with very long lines (1384), with no line terminators Hash16cfd1982a40489c41a52add24d36b85 344f1896d895c5d0a7c4caecafcf1942603cd026 72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce
Analyzer | Verdict | Alert | OpenPhish | phishing | PayPal Inc. |
GET /js/script.js HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://g.xce3.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 06:43:29 GMT
content-type: application/javascript
cf-bgj: minify
expires: Sat, 04 May 2024 10:57:02 GMT
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 28116
last-modified: Fri, 03 May 2024 22:54:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YpXkj%2BkvHsT7NlbfJBmbXkGJktlVufqrk4KuvAxkCArCGQH7gmVzvWSJ%2BB8r9lfN20F9cliwJkCBIiMilG%2Bz6yslDj72s3myWphEQYTUJq9X7TlUDIASivHac78fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6844a5d1eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|