| pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/QWddfrt123loOPrgtswe23SERf/OgGhhtyuqweagtsuqwQryuhgfsiki.html | 104.18.3.35 | 200 OK | 476 kB |
URL User Request GET HTTP/1.1pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/QWddfrt123loOPrgtswe23SERf/OgGhhtyuqweagtsuqwQryuhgfsiki.html IP104.18.3.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with very long lines (23074) Size476 kB (475703 bytes) Hash773a84b2634ea1a65d9a089abab2e20f c6c5e6b1052215937a8d2e96531875debe878798 1a461c975a5f8ae778e27ef9b5e296c974ff3e152f8dcba0d731795535531ad7
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /QWddfrt123loOPrgtswe23SERf/OgGhhtyuqweagtsuqwQryuhgfsiki.html HTTP/1.1
Host: pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 16:43:44 GMT
Content-Type: text/html
Content-Length: 475703
Connection: keep-alive
Accept-Ranges: bytes
ETag: "773a84b2634ea1a65d9a089abab2e20f"
Last-Modified: Fri, 16 Feb 2024 13:51:49 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879fcb314db0712e-OSL
|
| ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 142.250.74.106 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP142.250.74.106:443
Requested byhttps://pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/QWddfrt123loOPrgtswe23SERf/OgGhhtyuqweagtsuqwQryuhgfsiki.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 11:06:17 GMT
expires: Fri, 25 Apr 2025 11:06:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 20247
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
IP40.126.53.21:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/QWddfrt123loOPrgtswe23SERf/OgGhhtyuqweagtsuqwQryuhgfsiki.html CertificateIssuerDigiCert Inc Subjectlogin.live.com Fingerprint82:2F:20:E4:BD:99:37:36:52:F8:AF:FC:4D:86:73:BA:3A:7A:65:3E ValidityFri, 29 Mar 2024 00:00:00 GMT - Sat, 29 Mar 2025 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (23567) Hash296f4ea6b3ef94d4d52c9d73eff06ee7 6f63c157976ac5b577722388617ae7d112973d6e 071ba60c2b57df1c11040b1c9cff26874129b82980e70ccfa57b369d576feb9a
GET / HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pub-ec21c38ad5864bc9a24d582b8d5eab93.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Thu, 25 Apr 2024 16:42:45 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
X-DNS-Prefetch-Control: on
Link: <https://logincdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msftauth.net>; rel=preconnect; crossorigin, <https://acctcdn.msauth.net/>; rel=dns-prefetch, <https://acctcdn.msftauth.net/>; rel=dns-prefetch, <https://acctcdnmsftuswe2.azureedge.net/>; rel=dns-prefetch, <https://acctcdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://logincdn.msauth.net/>; rel=dns-prefetch, <https://logincdn.msftauth.net/>; rel=dns-prefetch, <https://lgincdnvzeuno.azureedge.net/>; rel=dns-prefetch, <https://lgincdnmsftuswe2.azureedge.net/>; rel=dns-prefetch
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C543_BL2
x-ms-request-id: 9f89fd09-2fae-4f06-96e6-9c734815c125
PPServer: PPV: 30 H: BL02EPF0001D94E V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=0e99efbd4db04eccaa194dbdf4b7a36c; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1714063425&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSCC=91.90.42.154-NO; expires=Tue, 20-May-2025 16:43:45 GMT; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPOK=$uuid-8c6f256a-79a2-477c-bde9-d31d3b432513; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
OParams=11O.DhMRD6J36iXTIuXMIEDb95vHeEB95rVPyF49HHsv26qrut712Wxcw71KFTwzCUMWs16xNA60VgH5Ys1tmkxqPX5EabDCs6WngKqcbzRXPZJ5UVuqKeQ9cOAdOU7ZDRKXubRwNWTRuqrxosufI84GkDY$; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Thu, 25 Apr 2024 16:43:45 GMT
Content-Length: 10528
|