| URL | IP | Status | Size |
| weathered-boat-0f9d.paulw2453.workers.dev/ | 188.114.97.1 | 200 OK | 50 kB |
URL: GET HTTP/2 weathered-boat-0f9d.paulw2453.workers.dev/ (user request)
IP: 188.114.97.1:443
Certificate: issuer Let's Encrypt; subject paulw2453.workers.dev; fingerprint F1:87:37:0A:E8:38:9E:EF:41:A1:25:0D:5A:67:9F:F2:1B:2E:40:21; valid Wed, 03 Apr 2024 10:34:23 GMT - Tue, 02 Jul 2024 10:34:22 GMT
File type: HTML document, ASCII text, with very long lines (64829)
Hashes: MD5 08e63bc28fdbc22c93d1768394e6c4fd; SHA-1 aec8ca24cac8f0ce17e2168b05e9e610895b5044; SHA-256 ed3fa50c0c2e0f4502829722f8b7c7ceeca072ba1e3a8c2b24bc8e3f43c1e23e

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Microsoft |
| OpenPhish | phishing | Outlook |
| PhishTank | phishing | Microsoft |
GET / HTTP/1.1
Host: weathered-boat-0f9d.paulw2453.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:51 GMT
content-type: text/html
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaeTVoCMeORIbN234g2nwiBA61LrlvI5A%2Brrzw%2BfjXW4JYgDF4Wc3w9VF3Ge8z7Fv841FV2wPv40C1w%2BucaRnVPrC1%2BSZnm3kVIIq5AugaGmuZZMFCaGODPrkRPUDAaPgSdAj8YkJFfu6l1h19Q%2F%2BU5%2BNb4cNaMxJWaOiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761c01269b85695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| smtpjs.com/v3/smtp.js | 109.169.71.112 | 200 OK | 871 B |
IP: 109.169.71.112:443 (ASN#20860 Iomart Cloud Services Limited)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer Let's Encrypt; subject smtpjs.com; fingerprint EC:83:1D:D8:A2:64:CE:2A:CC:AC:62:79:7D:42:09:D5:21:4E:8D:05; valid Tue, 09 Apr 2024 02:31:24 GMT - Mon, 08 Jul 2024 02:31:23 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with CRLF line terminators
Hashes: MD5 3834e1b9e65ca954b7479464ea1e5118; SHA-1 437df45dbf59c3a3414236f44e3bcd5045bfe314; SHA-256 fc33c6b2c79aafa930e841962ae3c25bf8f56cbc20ec48fc2b0ddd0aa6ee23b6
GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 15 Mar 2024 10:08:42 GMT
accept-ranges: bytes
etag: "b65c4ac2c076da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: *
date: Thu, 18 Apr 2024 04:00:51 GMT
content-length: 871
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg | 13.107.246.53 | 200 OK | 673 B |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
IP: 13.107.246.53:443 (ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer DigiCert Inc; subject aadcdn.msauth.net; fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; valid Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 bc3d32a696895f78c19df6c717586a5d; SHA-1 9191cb156a30a3ed79c44c0a16c95159e8ff689d; SHA-256 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 02:05:12 GMT
etag: 0x8D7B0292911C366
x-ms-request-id: 01d5d257-b01e-001d-5008-918aa7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240418T040052Z-17f9dd4c48bcwxss4wdmr3vu6000000001tg000000000rzg
x-fd-int-roxy-purgeid: 4554691
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png | 13.107.246.53 | 200 OK | 1.1 kB |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
IP: 13.107.246.53:443 (ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer DigiCert Inc; subject aadcdn.msauth.net; fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; valid Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced
Hashes: MD5 ed9c9eb0dce17d752bedea6b5acda6d9; SHA-1 eca56c4904354eed5da0debcd6bd66856ab4784d; SHA-256 f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: image/png
content-length: 1057
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:31 GMT
etag: 0x8D641015620C409
x-ms-request-id: a39d39ca-301e-0039-021b-91b79c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240418T040052Z-17f9dd4c48bcwxss4wdmr3vu6000000001tg000000000rzm
x-fd-int-roxy-purgeid: 4554691
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| api.ipify.org/?format=jsonp&callback=getPublic | 172.67.74.152 | 200 OK | 33 B |
URL: GET HTTP/2 api.ipify.org/?format=jsonp&callback=getPublic
IP: 172.67.74.152:443
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer Google Trust Services LLC; subject ipify.org; fingerprint C8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7; valid Thu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT
File type: ASCII text, with no line terminators
Hashes: MD5 b1fdb43145cf7c3f6f2a1370889232f1; SHA-1 19cd287ba1ffae5908cf8d53d13abc302dac6f9c; SHA-256 9a751b74811a7c42413bc5109600706395ac8a8c057f7e6a55fc45b7ea41b191
GET /?format=jsonp&callback=getPublic HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: application/javascript
content-length: 33
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8761c0149c30b51e-OSL
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png | 13.107.246.53 | 200 OK | 240 B |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png
IP: 13.107.246.53:443 (ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer DigiCert Inc; subject aadcdn.msauth.net; fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; valid Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Hashes: MD5 7cc096da6aa2dba3f81fcc1c8262157c; SHA-1 a50776316f0220ed7cd7882a68c742a8861c999d; SHA-256 ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83
GET /ests/2.1/content/images/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: image/png
content-length: 240
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:10 GMT
etag: 0x8D64101494D74DC
x-ms-request-id: 5643c4e4-501e-007b-6345-913289000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240418T040052Z-17f9dd4c48bcwxss4wdmr3vu6000000001tg000000000rzk
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 13.107.246.53 | 200 OK | 17 kB |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
IP: 13.107.246.53:443 (ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer DigiCert Inc; subject aadcdn.msauth.net; fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; valid Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Hashes: MD5 12e3dac858061d088023b2bd48e2fa96; SHA-1 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5; SHA-256 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
x-ms-request-id: 5bc7d03e-401e-000a-187b-90eb8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240418T040052Z-17f9dd4c48bcwxss4wdmr3vu6000000001tg000000000s02
x-fd-int-roxy-purgeid: 4554691
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png | 13.107.246.53 | 200 OK | 207 B |
URL: GET HTTP/2 aadcdn.msauth.net/ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png
IP: 13.107.246.53:443 (ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK)
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer DigiCert Inc; subject aadcdn.msauth.net; fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; valid Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hashes: MD5 0ad43084800fd8b50a2576b5173746fe; SHA-1 97c08e6062ff37f6e7a6c65e94d693ccc9ccd443; SHA-256 2c03ee38a4eba6a047c3a5bacb3eb461efe14be8acd46ae772350a4dea2f0175
GET /ests/2.1/content/images/ellipsis_white_0ad43084800fd8b50a2576b5173746fe.png HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:00:52 GMT
content-type: image/png
content-length: 207
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:24 GMT
etag: 0x8D6410151EBB082
x-ms-request-id: 68b42861-c01e-003e-2945-916692000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240418T040052Z-17f9dd4c48bcwxss4wdmr3vu6000000001tg000000000rzh
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
| code.jquery.com/jquery-3.1.1.min.js | 151.101.66.137 | 200 OK | 87 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js
IP: 151.101.66.137:443
Requested by: https://weathered-boat-0f9d.paulw2453.workers.dev/
Certificate: issuer Sectigo Limited; subject *.jquery.com; fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; valid Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32030)
Hashes: MD5 e071abda8fe61194711cfc2ab99fe104; SHA-1 f647a6d37dc4ca055ced3cf64bbc1f490070acba; SHA-256 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 04:00:51 GMT
age: 18612252
x-served-by: cache-lga21947-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 463
x-timer: S1713412852.988175,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2
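Read together, the transactions above are what the three analyzer verdicts react to: the top-level document is served from a Cloudflare Workers subdomain (weathered-boat-0f9d.paulw2453.workers.dev); every request to aadcdn.msauth.net for Microsoft sign-in artwork (background, logo, favicon, arrow, ellipsis) carries that Workers page as Referer with Sec-Fetch-Site: cross-site; the same page loads the SmtpJS client library (smtpjs.com/v3/smtp.js, a browser-side mail relay) and calls api.ipify.org with a JSONP callback (callback=getPublic), which hands the page the visitor's public IP. The capture does not show what the page does with the IP or whether smtp.js is ever invoked; the combination of brand artwork pulled cross-site by a non-Microsoft origin plus a mail relay plus an IP lookup is the signal.

The following Python script is an added example, not part of the urlquery report or of any tool it mentions. It parses request blocks in the form printed above and encodes that heuristic. The sample capture is constructed from the requests on this page, with a final block added as a benign control (the same logo fetched by login.microsoftonline.com, Microsoft's own sign-in origin). The brand CDN, mail-relay and IP-lookup host sets are assumptions limited to the hosts seen here, and the sign-in suffix list is deliberately short.

```python
"""Brand-impersonation heuristic over captured browser requests (added example).

A document from outside the brand's sign-in domains that fetches the brand's login
artwork cross-site and also loads a mail relay or public-IP lookup is flagged.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit

# Host sets are assumptions limited to what this capture shows; the sign-in
# suffixes are Microsoft's own login origins (a production list would be longer).
BRAND_ASSET_HOSTS = {"aadcdn.msauth.net"}
BRAND_SIGNIN_SUFFIXES = (".microsoftonline.com", ".live.com", ".microsoft.com")
MAIL_RELAY_HOSTS = {"smtpjs.com"}
IP_LOOKUP_HOSTS = {"api.ipify.org"}


@dataclass
class Request:
    method: str
    host: str
    path: str
    headers: dict[str, str]  # header names lower-cased

    @property
    def referer_host(self) -> str | None:
        ref = self.headers.get("referer")
        return urlsplit(ref).hostname if ref else None


def parse_requests(capture: str) -> list[Request]:
    """Parse blank-line separated blocks: 'METHOD path HTTP/x' then header lines."""
    requests = []
    for block in capture.strip().split("\n\n"):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        method, path, _version = lines[0].split()
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        requests.append(Request(method, headers.get("host", ""), path, headers))
    return requests


def is_brand_origin(host: str | None) -> bool:
    return bool(host) and host.endswith(BRAND_SIGNIN_SUFFIXES)


@dataclass
class Finding:
    brand_assets: list[str] = field(default_factory=list)
    mail_relay: list[str] = field(default_factory=list)
    ip_lookup: list[str] = field(default_factory=list)

    @property
    def verdict(self) -> str:
        if self.brand_assets and (self.mail_relay or self.ip_lookup):
            return "phishing-candidate"
        return "brand-assets-offsite" if self.brand_assets else "clean"


def assess(requests: list[Request]) -> dict[str, Finding]:
    """Attribute each subresource to the document that loaded it (Referer host)."""
    findings: dict[str, Finding] = {}
    for r in requests:
        origin = r.referer_host
        if origin is None:
            continue  # top-level navigation: nothing to attribute yet
        f = findings.setdefault(origin, Finding())
        target = f"{r.host}{r.path}"
        # Browsers without Fetch Metadata send no header; treat absence as cross-site.
        cross_site = r.headers.get("sec-fetch-site", "cross-site") == "cross-site"
        if r.host in BRAND_ASSET_HOSTS and cross_site and not is_brand_origin(origin):
            f.brand_assets.append(target)
        if r.host in MAIL_RELAY_HOSTS:
            f.mail_relay.append(target)
        if r.host in IP_LOOKUP_HOSTS and "callback" in parse_qs(urlsplit(r.path).query):
            f.ip_lookup.append(target)  # JSONP: the page itself receives the visitor's IP
    return findings


# Constructed from the requests on this page (headers trimmed); the last block is a
# control that is not in the capture: the same logo fetched by Microsoft's own sign-in page.
SAMPLE_CAPTURE = """\
GET / HTTP/1.1
Host: weathered-boat-0f9d.paulw2453.workers.dev

GET /v3/smtp.js HTTP/1.1
Host: smtpjs.com
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/

GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1
Host: aadcdn.msauth.net
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/
Sec-Fetch-Site: cross-site

GET /?format=jsonp&callback=getPublic HTTP/1.1
Host: api.ipify.org
Referer: https://weathered-boat-0f9d.paulw2453.workers.dev/

GET /ests/2.1/content/images/microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png HTTP/1.1
Host: aadcdn.msauth.net
Referer: https://login.microsoftonline.com/
Sec-Fetch-Site: cross-site
"""

if __name__ == "__main__":
    for origin, f in assess(parse_requests(SAMPLE_CAPTURE)).items():
        print(origin, f.verdict, f.brand_assets, f.mail_relay, f.ip_lookup)
```

Run as-is, the Workers origin comes out as `phishing-candidate` with one brand asset, the SmtpJS script and the ipify JSONP call attributed to it, while the login.microsoftonline.com control is `clean`. Two practical notes: a kit that self-hosts the artwork would not trip the CDN check, but the MD5 embedded in each aadcdn.msauth.net filename equals the MD5 of the fetched file (for example ed9c9eb0dce17d752bedea6b5acda6d9 for the logo, bc3d32a696895f78c19df6c717586a5d for the background SVG), so those values still match the same files wherever they are served from; and since the Referer can be suppressed by a referrer policy on the phishing page, a proxy-side version of this check should fall back to session or tab attribution rather than the header alone.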