| my.pcloud.re/static/js/bundle.js | 31.41.44.134 | 200 OK | 558 kB |
URL: GET HTTP/2 my.pcloud.re/static/js/bundle.js
IP: 31.41.44.134:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: my.pcloud.re
  Fingerprint: 5F:CB:BF:46:39:1A:FF:49:2E:BC:C1:38:8F:FE:FB:89:A9:FE:53:2D
  Validity: Tue, 16 Apr 2024 18:44:16 GMT - Mon, 15 Jul 2024 18:44:15 GMT
File type: gzip compressed data, from Unix
Size: 558 kB (558187 bytes)
Hash: 61bb6878051726cfef70f579b06ce7d1 9fe50cfdf4e154366dcf5d32e550be368dc472d7 82884531e0a94a497d3fafe6d5179c29c6cfe7b63c553ce2ef484dca56aefe7c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /static/js/bundle.js HTTP/1.1
Host: my.pcloud.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 24 Apr 2024 18:56:49 GMT
etag: W/"2a4348-q0n0Dc2pWiUVK1qGMtLOJp/N7dU"
vary: Accept-Encoding
x-powered-by: Express
X-Firefox-Spdy: h2
|
|
| my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng | 31.41.44.134 | 200 OK | 4.8 kB |
URL: User Request GET HTTP/2 my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
IP: 31.41.44.134:443
Certificate:
  Issuer: Let's Encrypt
  Subject: my.pcloud.re
  Fingerprint: 5F:CB:BF:46:39:1A:FF:49:2E:BC:C1:38:8F:FE:FB:89:A9:FE:53:2D
  Validity: Tue, 16 Apr 2024 18:44:16 GMT - Mon, 15 Jul 2024 18:44:15 GMT
File type: gzip compressed data, from Unix
Hash: 290e3be167f6db3a03784b1efb0df483 1b53c7fac52201234e0c4bfb6a7a12d83f7b04b4 0419458099f23cbc409115f517d76868925d02c7b464b954c51cbadefe8dcef3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng HTTP/1.1
Host: my.pcloud.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 18:56:48 GMT
etag: W/"5eb-Ldmcg9AYLiq3sFOZAE0mYhcYPVg"
vary: Accept-Encoding
x-powered-by: Express
X-Firefox-Spdy: h2
|
|
| cdn.intake-lr.com/logger-1.min.js | 104.21.14.29 | 200 OK | 171 kB |
URL: GET HTTP/2 cdn.intake-lr.com/logger-1.min.js
IP: 104.21.14.29:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: intake-lr.com
  Fingerprint: FA:C1:FF:AE:C2:23:61:13:24:06:13:26:32:0B:0C:7F:EA:F5:09:73
  Validity: Wed, 06 Mar 2024 23:57:02 GMT - Tue, 04 Jun 2024 23:57:01 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 171 kB (171051 bytes)
Hash: d88eb9920f55c7ba981b5799ddf8d25b 774a315ecbb1e160c07c6ff8ff20b6742ccefd37 0c051856e4f679679680e260b4f66cea790373b7fb6afb99861777dd7dd66da8
GET /logger-1.min.js HTTP/1.1
Host: cdn.intake-lr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 18:56:49 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"89aa0d196130a4f80d2aa77260ee84b84fb731baed50c94c7e62b021fb901229-br"
last-modified: Wed, 24 Apr 2024 18:48:59 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-osl6529-OSL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713984554.793574,VS0,VE220
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 152
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWtW1gAkW%2BgW72G%2Fv5pTFBkDhr9bteqHZxUWVRIcys7p7O%2BqZ4ex9Y%2BnelxJUPwj0r3CzvOYWvwm%2BK%2FyMKNaa8d9obAUqKsTEbBh27LoY4llIse5wyvErwxWFaN7Hb13esCiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879850c74ad256cb-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.131:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Google Trust Services LLC
  Subject: *.gstatic.com
  Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
  Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.pcloud.re
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:53 GMT
expires: Fri, 18 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 577436
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.131:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Google Trust Services LLC
  Subject: *.gstatic.com
  Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
  Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.pcloud.re
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 577188
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.131:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Google Trust Services LLC
  Subject: *.gstatic.com
  Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
  Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://my.pcloud.re
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 10:46:32 GMT
expires: Wed, 23 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 115817
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.pcloud.re/logo192.png | 31.41.44.134 | 200 OK | 5.3 kB |
IP: 31.41.44.134:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: my.pcloud.re
  Fingerprint: 5F:CB:BF:46:39:1A:FF:49:2E:BC:C1:38:8F:FE:FB:89:A9:FE:53:2D
  Validity: Tue, 16 Apr 2024 18:44:16 GMT - Mon, 15 Jul 2024 18:44:15 GMT
File type: PNG image data, 192 x 192, 8-bit colormap, non-interlaced
Hash: 33dbdd0177549353eeeb785d02c294af 7f4f2d68782a7fafceda84554ecab9b489877500 c386396ec70db3608075b5fbfaac4ab1ccaa86ba05a68ab393ec551eb66c3e00
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /logo192.png HTTP/1.1
Host: my.pcloud.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: public, max-age=0
content-type: image/png
date: Wed, 24 Apr 2024 18:56:50 GMT
etag: W/"14e3-18efef92a70"
last-modified: Sun, 21 Apr 2024 04:45:26 GMT
x-powered-by: Express
content-length: 5347
X-Firefox-Spdy: h2
|
|
| r.intake-lr.com/i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1 | 104.198.23.205 | 204 No Content | 0 B |
URL: OPTIONS HTTP/2 r.intake-lr.com/i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1
IP: 104.198.23.205:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: api.logrocket.com
  Fingerprint: 3E:B3:D8:9E:94:E5:B8:E0:B2:FB:40:36:42:BA:B1:67:70:1E:A1:A3
  Validity: Fri, 05 Apr 2024 14:45:08 GMT - Thu, 04 Jul 2024 14:45:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1 HTTP/1.1
Host: r.intake-lr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-logrocket-relay-version
Referer: https://my.pcloud.re/
Origin: https://my.pcloud.re
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Wed, 24 Apr 2024 18:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-max-age: 1728000
content-length: 0
X-Firefox-Spdy: h2
|
|
| r.intake-lr.com/i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1 | 104.198.23.205 | 204 No Content | 165 B |
URL: OPTIONS HTTP/2 r.intake-lr.com/i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1
IP: 104.198.23.205:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: api.logrocket.com
  Fingerprint: 3E:B3:D8:9E:94:E5:B8:E0:B2:FB:40:36:42:BA:B1:67:70:1E:A1:A3
  Validity: Fri, 05 Apr 2024 14:45:08 GMT - Thu, 04 Jul 2024 14:45:07 GMT
Hash: 718ccbcd55db37c391512cb65953b9b4 f64b3bc2a1d438df87245b98925a2f7ce8f7a199 96cc9d14ff0939bd8435e082d7875ceba84b9a575dcf27cfec1e97adf2e3fa7a
POST /i?a=mycloudses%2Flogin&r=5-b8e6f886-84d5-4919-97ca-d84fc4e3c712&t=1c3a8ec0-9ea4-43f6-895c-43560a88b074&s=0&rs=0%2Cu&u=f7348c81-f822-4a5a-bb01-54f754f130e5&is=1 HTTP/1.1
Host: r.intake-lr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LogRocket-Relay-Version: 2023.12.0
Content-Length: 43004
Origin: https://my.pcloud.re
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 201 Created
date: Wed, 24 Apr 2024 18:56:53 GMT
content-type: application/json; charset=utf-8
content-length: 165
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
etag: W/"a5-9ks7wqHUON+HJFuYklovfOj3oZk"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| my.pcloud.re/favicon.ico | 31.41.44.134 | 200 OK | 2.2 kB |
IP: 31.41.44.134:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Let's Encrypt
  Subject: my.pcloud.re
  Fingerprint: 5F:CB:BF:46:39:1A:FF:49:2E:BC:C1:38:8F:FE:FB:89:A9:FE:53:2D
  Validity: Tue, 16 Apr 2024 18:44:16 GMT - Mon, 15 Jul 2024 18:44:15 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel
Hash: df0a4ced55547409936727d7b07a3ab1 d594e92a8c2d66bcda165cd788269506015c8fcf 43e73d8fad149576cfba127a8780411cd793d45a837143e1ca0afad4f1ef4cbe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: my.pcloud.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: public, max-age=0
content-encoding: gzip
content-type: image/x-icon
date: Wed, 24 Apr 2024 18:56:50 GMT
etag: W/"8be-18efef92a70"
last-modified: Sun, 21 Apr 2024 04:45:26 GMT
vary: Accept-Encoding
x-powered-by: Express
X-Firefox-Spdy: h2
|
|
| my.pcloud.re:80/ws | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: my.pcloud.re:80
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://my.pcloud.re
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 00w2ekVDn1p4o0JU/41a8w==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| my.pcloud.re:80/ws | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: my.pcloud.re:80
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://my.pcloud.re
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XxB6qxxGqxqM3McT5klK/w==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic-ext,latin-ext,vietnamese | 142.250.74.106 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&subset=cyrillic-ext,latin-ext,vietnamese
IP: 142.250.74.106:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Google Trust Services LLC
  Subject: upload.video.google.com
  Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
  Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (8956), with no line terminators
Hash: 91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700&subset=cyrillic-ext,latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 18:56:49 GMT
date: Wed, 24 Apr 2024 18:56:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Pathway+Gothic+One&display=swap | 142.250.74.106 | 200 OK | 850 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Pathway+Gothic+One&display=swap
IP: 142.250.74.106:443
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Certificate:
  Issuer: Google Trust Services LLC
  Subject: upload.video.google.com
  Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
  Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (868), with no line terminators
Hash: 350b97b8f7955b720ffdfc0975515e02 54e20d3f15b1820d9a3103a03980de76b224da22 222cf725a8927698065e305e38fb469ca2d4af55f85114b02c276a7dfe102b13
GET /css2?family=Pathway+Gothic+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://my.pcloud.re/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 18:56:49 GMT
date: Wed, 24 Apr 2024 18:56:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| my.pcloud.re:80/ws | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: my.pcloud.re:80
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://my.pcloud.re
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qdaKBWmOlP3cimCo2zL64g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| my.pcloud.re:80/ws | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: my.pcloud.re:80
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://my.pcloud.re
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ip/PVIXfXnlldzPNlN6qGQ==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| my.pcloud.re:80/ws | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://my.pcloud.re/login?cid=IzdfOQ5U1ptYdNly154RDsTv1jXz0wlLQbGTSY6x66BK7BlYdb5D41VuAgR4uuSnMcubw0qiD2R58YDrKS2PnCF8S07TOYWK2FXVS0o6vJztUowR7bwoVRng
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws HTTP/1.1
Host: my.pcloud.re:80
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://my.pcloud.re
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zZt0ELT0Oze/6DnFT9fIbg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: _lr_tabs_-mycloudses%2Flogin={%22sessionID%22:0%2C%22recordingID%22:%225-b8e6f886-84d5-4919-97ca-d84fc4e3c712%22%2C%22webViewID%22:null%2C%22lastActivity%22:1713985010021}; _lr_hb_-mycloudses%2Flogin={%22heartbeat%22:1713985010022}; _lr_uf_-mycloudses=90e6142d-c8b4-48dc-adc3-67e559b9bfad
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|