Report - xsecures214579523147645cdnjcnjvfjfj.pages.dev/

Report Overview

Submitted URL
xsecures214579523147645cdnjcnjvfjfj.pages.dev/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 17:46:39
Access
public
Website Title
Microsoft
Final URL
xsecures214579523147645cdnjcnjvfjfj.pages.dev/#
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-03	1.1 kB	222 kB	104.18.10.207
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	954 B	30 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-03	439 B	31 kB	151.101.194.137
xsecures214579523147645cdnjcnjvfjfj.pages.dev	unknown	2020-09-02	2022-12-20	2024-04-12	28 kB	1.4 MB	188.114.96.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-03	448 B	72 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	589 B	9.2 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	2.2 kB	35 kB	216.58.207.227
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-03	1.1 kB	96 kB	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365
2024-05-04	medium	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	103 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen31 Hash fd79e5323bf320593baf28c55c6c4a9f d4de9b0a491fa4f0ed59829c1ef6c79119165dd0 a75477ab81bd4f9743929438c1bfbb5ccb4ce0848f1250d60fb4e34abe45264d Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	182 B	2023-03-11	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 09:14:45 Last Seen2024-05-16 08:28:40 Times Seen22 Hash 85d69597899d25b7d1d9042018f57242 0b2b75f4ad382ec61d4d5883210aaf2ad38c493a dc270ad8d110845247f10925105ca213c5dfc8bfc7423d40f683d07950ac7edf Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	518 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:16:21 Last Seen2024-05-16 08:28:40 Times Seen23 Hash 8a0ae1dde183081cc238530fcec7e384 6d781e65d7ce6a25cd5c0e69623863a1238b2962 f1cb49bf567053ddc8f335c2a1b38b78ebd796fc6f12e25791bd3010133df6fb Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	118 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen38 Hash a069627b2e404d3cee72e58320067315 1af5e15bac7c4cf436b5bff0481647c310884fb2 7cfcf974f97a6a29a1b8bcce9b98a8295917a68cd9d18cc31791fccf59d75648 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	231 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen38 Hash d2a672f14be8e059e73969c2a67736a7 5354d4a19eedc08d4f26b6185cb992ff3eda2950 f75e46e4788f7a3e78a680a410ad6dd038d824e76c13104914f14f8528dcc481 Loading...

	code.jquery.com/jquery-3.2.1.min.js	87 kB	2023-03-07	2024-05-18
Pretty URL code.jquery.com/jquery-3.2.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 11:10:38 Times Seen67761 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 11:22:22 Times Seen349723 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-17
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:40 Last Seen2024-05-17 19:45:34 Times Seen11158 Hash 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	700 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen38 Hash bd5c8fd69a4ece137896f659984eaa77 8dd71508ee882b9a9cccb60c5c8e2bf3687d2107 fcb901368624d2cda4e817e1f8ad4873e9f168108683e31399ceca136fb91efe Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	311 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen38 Hash dd2569c9b459eeda44193708ef090637 26cf5c631e40e683a49abaf5d19881f32e72fdeb 1059ae25ef3c5332aee1f95559d9b9dd1c9c677403e483d027cde663447801c0 Loading...

	unknown	19 B	2023-04-10	2024-05-18
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23:44 Last Seen2024-05-18 07:34:45 Times Seen2650 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/	91 B	2024-03-10	2024-05-04
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-10 07:21:44 Last Seen2024-05-04 19:46:40 Times Seen4 Hash c3b916c9c8c5ac8877be165e9371961d 34fae4ebe760305e8baeb069b544de7919e47c5f 53cdfefec5514fb99d8a135f4e418d584e8d4307f4a6c66bb8ebd022ca020d4a Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	197 B	2023-09-17	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 15:21:24 Last Seen2024-05-16 08:28:40 Times Seen22 Hash 9407008ed581c944522381608bc84014 85e0d303c5494113d31c63150f0dd294e98da59a e4a62b228bd862739ea2db759cace9de3048a0e488f57eb99c0ffeba9584086f Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	374 B	2023-09-17	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 15:21:24 Last Seen2024-05-16 08:28:40 Times Seen22 Hash b0a3d9d820cff2b0245893026700414d 90b78ccc08d0c0a41d911a4554bd19ee81664905 fbdc03c3b26e299fae361694f0737cefb7a7ba25d36eca54a5f74b4534e2b242 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/sandbox%20eval%20code	147 B	2023-04-11	2024-05-18
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 11:22:21 Times Seen350235 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	362 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01:50 Last Seen2024-05-16 08:28:40 Times Seen61 Hash 7be7944afb861aecd3aa7708dd670bf5 87e594c16e969cf47895f08299aea479f7816ac7 970b5b28305342edec2da42b3c65afc56020fc362ff245434480a6a42356d0ca Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	72 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen38 Hash 714d29d5b488bde276ce618de9879e9c 72a33ba20680824998fdc58c9a84d98e67981305 4ea2f5204599f5918a755dace1bc6caa058d956623280df126c9da36c555654b Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	83 B	2023-09-17	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 15:21:24 Last Seen2024-05-16 08:28:40 Times Seen22 Hash d007baa8cec10379dabf7808b99deb88 bfe385eda991b64db606db55d5a72538d2eb9495 5527731757eff8470874a6462d0d4d1badabf9e3fff0761f7d5c438803d49c75 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	320 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:40 Times Seen25 Hash 3d69ef542a54511ea9e6fc6411f713f0 b5ac05063ae8ba08e5c65a901bfa930d2b9c520e bfad63c7cf357a32e6563b2bdcfe3dd338df177b1828cf5b7eda63fe178d541b Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	149 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:16 Last Seen2024-05-16 08:28:40 Times Seen65 Hash 1ef0d42ee74ef53d1d18bbe7a2d56bf2 9db93538573e87105b0f6aa4f55147fd56e6bca7 32e8240f3e8fae863d9d2094a5319b5d9949cac1318c0379dce62c9d8feb1fff Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	29 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:54 Last Seen2024-05-16 08:28:40 Times Seen225 Hash b1cb68711eabf10521a5607b934cc2d4 fb5622af852db2dbb77450007d03974ca5425938 191f23c8b39228dd6066811d0f4d97adc6cbf38bb7a4bc25f398e6d0bb0f8286 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	30 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:54 Last Seen2024-05-16 08:28:41 Times Seen130 Hash 9734c5652d82a524c3fbd3938eaf214d 982c19a953702dd048da577d87f9480da89e36ba b37c7da95920676d3cd924e9069ea23c910f3ef4fabc316f666ba38eae24c86f Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	90 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09:10 Last Seen2024-05-16 08:28:41 Times Seen34 Hash 5f95337bfe7a2df11ab3e74b7f7ebb71 3928bbc2ce49e003549e193e7ea6a2e64e259f4a fee13a31902dbd3626d50721ae065aba72cca0c3b238050db8da3afd0ac7ed38 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-18
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-18 08:48:10 Times Seen7647 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	7.4 kB	2023-09-17	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-17 15:21:24 Last Seen2024-05-16 08:28:41 Times Seen22 Hash 86282e28012418588f9dc9857850cabd cb1517234b819f22fbc520098cf702b624e71dd5 b71c7bdf9c04935bd262910b07514dcb7b21882dd1497a9fe61cf448f5b52c28 Loading...

	www.googletagmanager.com/gtag/js?id=UA-xxx-x	195 kB	2024-05-04	2024-05-04
Pretty URL www.googletagmanager.com/gtag/js?id=UA-xxx-x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 19:46:40 Last Seen2024-05-04 19:46:41 Times Seen2 Hash d09d7012ace9ed561a48f0ff44e364c4 f03b2c4b261ed09eb0bf040bb93ca96d2968ab46 509dc7e2d51d9f533fcf6a00ad7356e9f382e7720149db56c36a66e25893ba9e Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	81 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01:50 Last Seen2024-05-16 08:28:41 Times Seen61 Hash ea30926c246b181671bebe13ef02a3a5 a983c85a2b6e99fa47aa4b86e0abbd69751bc754 69a0522c4f114a051bbdeda40f0d494e730eb4908bc7a8ea4894d8f273301746 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	133 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01:50 Last Seen2024-05-16 08:28:41 Times Seen59 Hash cebcc1baee73bd4fd0e2c99e6f8ea251 cd1ac64cbb80876ea8826c5957865c686b1d0af6 2370c4b6930e8808719902cfc6fb7494d59e058c0aab1c3e71157c630ab243f9 Loading...

	xsecures214579523147645cdnjcnjvfjfj.pages.dev/#	120 B	2023-03-07	2024-05-16
Pretty URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:01:50 Last Seen2024-05-16 08:28:41 Times Seen57 Hash 90231c02eb7afd87a90c973d86805f7a 3accb734afab1b870f1e524dcf6029a9c465958a 64a7f5d8d705c6b363eb9420beec6b977ec531c1806b518d269622b2128dcc6d Loading...

		Size	First Seen	Last Seen
	#1 Write - 61fa210df28dab84bdac0f4dd101c29e	22 B	2024-03-10	2024-05-04
Pretty Observations First Seen2024-03-10 07:21:44 Last Seen2024-05-04 19:46:40 Times Seen4 Hash 61fa210df28dab84bdac0f4dd101c29e d3febe85dfe8f04a7315e08da573930d26eec5ba 4d04a91543d1c3804d043bd429fac9c4c3963285f2897a789bb6b59d7055dded Loading...

	#2 Write - 0525824987afd788be7b5a6d4cb54401	11 B	2024-03-10	2024-05-04
Pretty Observations First Seen2024-03-10 07:21:44 Last Seen2024-05-04 19:46:40 Times Seen4 Hash 0525824987afd788be7b5a6d4cb54401 6d632932d9e9dae7ab41af83c1be89afd0e45dce d2cfa643d9fb1d00c9f0ac365d754bdb8fc63e42790fc5386878c9010831c3fc Loading...

HTTP Transactions (64)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
27 kB (26660 bytes)
Hash
7f9fb969ce353c5d77707836391eb28d
62c4042e9ebc691a5372d653b424512a561d1670
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 346769
expires: Thu, 24 Apr 2025 17:46:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tSks8hz%2FOfM9LkJ8wGOY%2BPTqdMKcv0Owis5scpJaFFocOL%2F%2FVtLIi58%2B1KKAkO96N53Gmby%2BIR7zLjEy22HJtC9Ylbhj6dwJDJeXZCqSsk2lS0FAdMp0HEaM3iLsuCcl55SJonX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4f0a0a6d0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css

104.17.25.14

200 OK

1.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7048)
Size
1.4 kB (1380 bytes)
Hash
8d4fba5186f02a0c4458986b0cf91667
785579011ecdda9e4754ca41649fa2fc06453b52
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

HTTP Headers

GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
content-length: 1380
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6a-1c28"
last-modified: Mon, 04 May 2020 16:10:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 333332
expires: Thu, 24 Apr 2025 17:46:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eb2%2B4yWANiJpCbbNGb9vUnNoZaLJXML%2BcaVZH%2BSIMr85FppnwP5BWw5Nhl2q7vJPX4Z8XeR72WhAqalhnyllwJFOFkkzDXyupddi6LzvTOUAgjhGjxTWVKzrjjBbGplc9S1s7rG5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4f0a0a7d0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.min.js

151.101.194.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30125 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 17:46:10 GMT
age: 9393337
x-served-by: cache-lga21971-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 29, 352559
x-timer: S1714844771.899226,VS0,VE0
vary: Accept-Encoding
content-length: 30125
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png

188.114.96.1

200 OK

128 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bba58587_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/png
content-length: 128
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "716018fe568eb003c2e5c767a6744f01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEbD7WPkjsWHktkpIh1cWW6IFjG7oeWtnKY7NcTvHvoboWedTgukqsr1DtT2IrJNaSM7kNxHUnzIyK1fe%2FsvzsyoROsd43GlG4PGDkLiRlWh7oFSXDqZ9TrPqdPFvJOig0w8GPinPkkPy8RTIk6YkpKXw1D0%2FL1t%2F0dREkssa80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb75685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3
Size
2.0 kB (2004 bytes)
Hash
513307d24832cc64115e69c57dd4f69a
ba2e4718f5dec696d5e1e9ab95361f5dfb337f23
f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /microsoft.jpg HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/jpeg
content-length: 2004
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2fb10ecfbac7eb44dcf7cd10a0e04aff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rD2Anlobr1x1W4JN%2BLsgqm4sW%2BxgCFCO66EtS1UdGuz22NWw3V4gcNHVnOC4MYiXt92jOz4Smo0bZSYU3xbDCrbXi6W2qSItHB5ghQw8yLOh3JvU2MCaN43y1iIJLOHs1Jw73mE8hOF%2FgR1tepfbq%2BiDRRL9rwrvpLTHATs8pro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beae5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 80 x 65
Size
1.5 kB (1506 bytes)
Hash
0d3c4efabb6072ec3312574009be3ef8
02d319a4e46538bcadcc5122883e1a0c3e94c123
45a676a0eb476e7706e0187d975b612f51f3bb4c26596f991d55f5e68fbef3e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbbf25aa_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1506
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b79fc93a137bdb4771a1c52124efac77"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2RN5akYn4BNDAP9TbMIfUUIw%2B3%2BNDPXuLRdZ%2FaKztvdkqi97VsUQPgxJbTY6077f%2BbxEHrSX63XKObbgrRKHOq4EU%2FGX6X%2F%2F3zZzVJv13WRVLHaRrgaLE0rKs1FXV23KLdWo%2FWxShMcqOTAV9jdNKlOo%2FOUOR3%2FW7qAmaWTOf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bec05685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css

188.114.96.1

200 OK

0 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb63ccd2_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
content-length: 0
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9e7a27539226d700e116522ee435029d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQAnhBI3%2BsARSbSF46gZk55K5lGq5Rxlca186%2FGGniOBU4HrR%2FCPnikpTaRCNVSdEzihW6by24EB7hD1%2BRr7Se156Kx50N%2FwR%2BdMeAB6RWD5GspOHurENDvAO6hIR17hFUrnJ9uModOIeJaO9HQnl5vImnnk0wiwP%2BJi6bMfFgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bea85685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1045 bytes)
Hash
bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /microsoft.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/png
content-length: 1045
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "784ab5e987249ef1422816edc26a250f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddbVK7xH4T7YkWuWbGuUYPyRVZLlnbH9D%2FmYMq0tTmjuOVmozuuySl54inCZsm4lWx59MQBKnyYaPi5fLWWI6B6tvX5ZOJiz5%2FP6vUhR6b6cfTkp%2BMtsklieMcN8zMpgecS7cZXqQGzpQqPnugqRrXyOU1OXhfRSu6T9s69NH1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb65685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif

188.114.96.1

200 OK

102 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 24 x 9
Size
102 B (102 bytes)
Hash
ef14d57c065fdbd3c66d017a729ca91f
2e7b72d674361a9c2b41767ccfbed2486e6695dd
6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbb6fc7d_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 102
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40e933c6110bf926e3aed6bfee33acd0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fq3kWl61%2BOv0krgnGjznGvuHD7IGq6pdquzpKVaeb%2BC4AG7IQRymPg1QkcXUC82WKgeCpu%2Br%2FyRfv2YM98TinkcmGDkZ%2F3dRvCF2Rspjj%2Bizc0oej%2BKqy%2BQK74cA6JKSueflYPNJYetiE3ykLXzKbMcF09MxgD4VQcv6VdA31cY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebf5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 65 x 80
Size
1.5 kB (1547 bytes)
Hash
af52e51f42fd0c55bc3cf2c8ece71492
016f83da68ff461a5c6aebcc2a45668317b2f24c
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbc8a6e3_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1547
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e07c4b56e0330a7ab00e21f12e7b8fef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCDzHykwCYSxCWnuCeiqkIIgvxdgJCjMCkZmUAOJfmjPDK9L4LoJRSQ9uAe0thmE1Y7HmagdqfR%2BamNXQxs2aDfNNfFVdBJa2UiUeD2gVElserjHltJ4lU1Iy1JFes7bU%2BvLWiw0AGRWhDL7IcUHb%2FD%2FDeXFMt6V5D4YGkupaPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ced55685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 30 x 29
Size
1.5 kB (1509 bytes)
Hash
1834c112f6e54f620d2ef8f8c037d450
b911b12717fc708c9418b4a2a0d72f79c5c53be3
81a5f62c155d307316d16a11e5a907a99fcfa3f70dce41d01d9f65518206734e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbece31e_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1509
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c0bc1a0dbe7f469d69d4170c9fa8e4f9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BdyfhG%2FsEHPR6DPS7exag50NzpBQ8D3XTumonvxwuV9okGf%2BwIFuQ9bkAtoQaPoI0riOlghYcMxiWM%2FLSmde6fliWVZCEyW61QNb%2F0pU9Zus1YRbItTtmcldQ4QvfqBnCHCef569elH7wtZZqEncPEAyXnAZYsVsthydytfkBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09dede5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 29 x 29
Size
1.2 kB (1245 bytes)
Hash
6d0c71ad95c413318e0946960a597318
297fa9d7797afcb90cb49adb045b673672b360ec
f2b1758e4d68018096355641f5e7163b0df07efc85e9c3513e51949a75c0446d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbf6a050_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 1245
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4530ea5a667f71ac649973679e32073"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8UFLMvUKL2s02CRlPTX7tKPCKSQrnQeRMJeW9vnOWw9VHmq57dzhOD%2FBi46HZ4ry9lXwh64h0ZX6zFs2tNulN5aMOtiNn00D%2F4nc0GF8taD8WHfuAfh5kHKecT0Iu%2FY8%2BCRskrSHpZzxA8%2FvFwyosrqU70fHeH%2FKVE3U1Sw0Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09deff5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif

188.114.96.1

200 OK

234 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 16 x 16
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc2c1b4b_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "77658f49c3237c43feb1f812a11dc45b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFezd80KPJEf4drZeo7oqj2HeWXINYsBFSqp10eSu86EAg3mzIZ6ge8%2FZ8WSNC3H5bUUhm3l%2Fa0v1D4JeT3GeETGtEnIuqkDH1cjyMkKvzCxuNS%2F0JUejBYx6UzYjNFeOUFFDzjxPWMV1fGUjFLRUr6QU16Oe4QMZneeKfYaDFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df085685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png

188.114.96.1

200 OK

945 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Size
945 B (945 bytes)
Hash
e6eb3d938f3ebebd85c71307b38a3bf3
387223165f8e86f861a09adb1e3c10a8f2ec7006
2b6c8e23b2a2c49ac71393cb3e1740b7e2fccaa310ee06b68ca27b693d133f8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /minus.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 945
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "715a3a123fc024df0a9f0d171386bebc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JP1pDTvHX%2F5MWEB2fIYwQW9qqcqPx7kt3DBxTcdXoNvQlhu6A9xlu80llkrzRlwTikeVUdRr30iONppuS86f22MAcxp59MSjWHXXmk%2BFup99rkytdXAubfhdqd%2FRLm974n3QW05VLwncGkc5KTz4%2F6Sa0SuEyRBVxlyfjuIo%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb15685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif

188.114.96.1

200 OK

377 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 16 x 16
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc2379ac_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 377
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9f6c72ab1272f4bbadf6b026cfcf0490"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BE1RKVdaNhAwFXIcorqRQsPaR5z6Dy5YVDGOFOEEZgmN1NTS2mIl6CA%2BbziLnpDhXUYjN91bTk%2Bv5xFipm7SGkDAvWFZ6d%2Fh5ELN0YOsW2477BMXiwXT1fcgQTiqsIVOaJTvlERphxn%2FdRP2Azj3pJwVV0%2FjWV5B54RCouUSKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df035685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png

188.114.96.1

200 OK

349 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbae3ed9_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 349
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d6dd742fc1124fe244e6f4f212155f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjHWCZpy5VoeQPVRY%2F8Bc1NwCh%2FEMU6NXu9PZB%2B5qFSSQ8lTB7Br3bPaAzA4QWwxSbcrVI1TuEaRiWi8mJFbXXeSW89r805Um52MgQYkHXV3mOnsMwOWBswNrf%2F0k5vAG32yVtpKG766p7ZaTjdPJ%2FJaYdomAWFF9%2BEHqiPejDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebc5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif

188.114.96.1

200 OK

949 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 78 x 68
Size
949 B (949 bytes)
Hash
da9d153375da51a616a7663f1504e3a5
bd81fe60fe017bfe79be8c1afed88b659ff166d9
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc00090f_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 949
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f783fbbf25820b1a0be467bd6ce995fe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fts3lQlQwxHVkTle5N6jQt9uTuJoy9PJ3Mq0Os6eaBu7%2F3wVuYqo%2Fuhv3FDs2AvBHWRjSCHjnRlg1BK%2FWT0FRxscBuZ3WUg3O3i%2FIX1QlBQARAEaPWcZMYIapbDHRDC4JTLknbYmjF6DKoNSqR%2FYPMHyncYHo%2BJRFoj6MaUuX44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ced95685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png

188.114.96.1

200 OK

293 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbe46967_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 293
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "50d567cbc4ca65349c78e08b48e4ce01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1OhK4GF1LYlZBTaPIuEpJqu9HW7KujJwOgjZLKlsDQvqtqx1YfnuCwmK2DbMhtRo%2BySSeZR6MWJiho13lN2bYH0p9%2BpLMWo7tJsfM10iqdo6%2BoRiUEcdGpo3YkLdCyo1KqJsEWoMVFLRySvurM0RK8Y9NB9g48TcDozERSelF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb85685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 120 x 97
Size
1.8 kB (1776 bytes)
Hash
8806694db55d271b6c836433d103afcd
a532ae846499ffa93bd6ed8baafcbdabb2cc8da1
989f955c24583be00defab08c4cf80b17fe4c12756686359367144f0506eb8b8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb9bf55a_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 1776
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e6f4b8a850008864fc4699371ab48e7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYMt9uOHdxU6J%2B2MgOlyMORV5GXT%2FPITQGrdpSpjfnCR6YLZD9oPG2LqxkJlBcRMJ1oQOlis%2FdRlEFijny5HB4EK1fSeCY%2FVHMi8bWfNYKCJX1H0WUDFVyWLIm%2B9dFpB0hOPZuQYvDXtISiSw%2BzD86nmy21sLGzm51gDTQTWcZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebe5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif

188.114.96.1

200 OK

69 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
GIF image data, version 89a, 16 x 16
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc1a74d5_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 69
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aaf6c5e1ac9ac320bede916158ed5d07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHlgdJiYGF4qE7MYb0l22VsbmRuclKvQca%2BKi8WVNfrNNWgHStV5Fg8ra8wt8BpmXua51xzLdy9wowc057K8GtB2PNMhv0GOkJr3D3yQE7dLx2UT6EiiGRSUen%2FGj8ABKYN8GZy6NgMILquEQ7YAfoN3Mmc8PHeDMoHyI0sRbt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df005685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png

188.114.96.1

200 OK

364 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbdae210_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kMHt4%2BZvr7qikOuNBPDVPJqmaij44VHDOzclfsd2Jrj%2BdqoPV7R%2FRnYPHSMqcUM0Q%2Bl7JWTZkX0mY1BLnbdMYwP3ZFCHQyVHtmlzHlfkR%2BGQGkT%2F17Z%2BJvaX%2FLylHm6l5x1gjQw05pb%2Byelo82VoiAK95WLbMsN6ZVoZv8c9cM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebb5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1192 bytes)
Hash
e526e4ff50594a6c4a5d05c18474d6e7
705609a2bd21c1e3e13666451c75d2c51436c83e
d25cf2403704d5208d662af4ef703d424cedeac253a43a1aec6e60e0db43837f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /cut.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 1192
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d27498074b71cae952cc8068bce9007"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxEhPYt3sWpwKEm1cmLmClfQ2RsG%2F3KhGKuv50WGC1FNnXDUzq%2F5QLp7ljhji7gGrUp%2BdOzTvkpehmgbW96D9J5rr1J4cVEuzPXCfpEPH5vvdSDzzMvLaGDII5tAKzIqPHAIzrLZYWhVWZlVSLZdHDmRlx%2F7%2BRDorMxXNwmVuVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beaf5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png

188.114.96.1

200 OK

588 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PNG image data, 3024 x 1964, 8-bit colormap, non-interlaced
Size
588 kB (587475 bytes)
Hash
d25c772bd50627bb5ccb5382a6b1a572
79fe73d3cbb6ff86c2168d7e306a92d7bb75f5b5
d7938fe9f0a1db964cddece748c293f441c00f08aa125cebc2f2734c379d9ad0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /background-2.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 587475
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "09e89a2c1f26b1b948ebfd8555e37625"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfyPwmY8JjAuRa4UiHjkM8xpg3Y8ogJT034W90AVGtjD%2FPYbEEClo6CfiGXdY3UgtTWJxVBj2klfPBetQJqOKOzazPkbDg99rfLrlOT1VJtuDuT8TU1ACg3jLBvX6hdcGf7WR6GhYuRNxQz9nq2KZWGpNW5D%2FOuBowHTpB1fzI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb25685-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-xxx-x

142.250.74.168

200 OK

71 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-xxx-x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70866 bytes)
Hash
d09d7012ace9ed561a48f0ff44e364c4
f03b2c4b261ed09eb0bf040bb93ca96d2968ab46
509dc7e2d51d9f533fcf6a00ad7356e9f382e7720149db56c36a66e25893ba9e

HTTP Headers

GET /gtag/js?id=UA-xxx-x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 17:46:11 GMT
expires: Sat, 04 May 2024 17:46:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.106

200 OK

8.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
8.6 kB (8591 bytes)
Hash
446c5e11469f78f2ff47d5b323581431
e3a800adbcc847f725786eff807a8d61ba9543b1
49988a53964169d687e66ce07d6ee80197452cc23bdbfd0f358d3be06dcd6188

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:46:11 GMT
date: Sat, 04 May 2024 17:46:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:08 GMT
expires: Fri, 02 May 2025 01:53:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 229983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:13:04 GMT
expires: Fri, 02 May 2025 15:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 181987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3

188.114.96.1

200 OK

8.4 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
Size
8.4 kB (8405 bytes)
Hash
8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /alertms.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: audio/mpeg
content-length: 8405
access-control-allow-origin: *
etag: "0825ebad9a641a19e1944426ffe4916e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVEbJuQ727%2BUFNVO4m2pCizporgo23o0%2Fw3M4E1mY6%2FWtCHKudpBlZ6njczhi0rxm6pak%2BjQ7EhaYWUKgRnkQOjms%2BKDsaN0GB%2BUdq1WNeZE4tD6NqWKWnpnupx9bLn%2BYtpjrtor1FnPCmWpdsVj5oLpEPkkcyQcCfQ8s5Mh1I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0e7fd85685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3

188.114.96.1

200 OK

600 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, Stereo
Size
600 kB (599923 bytes)
Hash
f3d32764e7a865c600257dd427f632aa
99a63e5585b7a749d313857364892c37fae3992b
ab536cbd2f47380112a48bd939ab21c024fcd41ad82dd665c13fa49b17fcb5e7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /warning.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: audio/mpeg
content-length: 599923
access-control-allow-origin: *
etag: "bb6e4064f308359635ad0b6b8710d0e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bGtMxLmJIblHeRz7kA0C6SKO2g40zRDemqKq%2FcmzUKfLKval8%2FYwUrC2FY7Ik7WiEsSUSBm7r3tr4CBEPvrb4Iz3p0qvz6Difs1P2zMoAm0pV1VibIuEWR5572VqF3p2XAOR5GKtJ38rl9QtHkG1CwyLTaoh6vteowiqBNbujo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0e6fbc5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:12 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Uj8nJks15ZEhRNitQEX0vMfoxg3vwSv1T5DM92sNO6RTEUE%2BQcGeykJbgRL3GdWtg7KFaiGBi0CdVWTbKOId4A6h9FePoWCP1rh3ksUwZ6Qs0PvzZGwtdQcbfYGhCG2%2F8FLV6ZoW0xQbSM8onfdNsBhukPPyWrHITdsgui2akM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f153a675685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico

188.114.96.1

200 OK

18 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (688), with CRLF line terminators
Size
18 kB (18306 bytes)
Hash
512e81d9f168def1ddc98f3a4a30ae97
8c527554fc86a343ec0e9d65a7c91a3415b6010c
49292223685acb48f832c633123434488ab6acbc1239612cc804f8b028e12f7a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKn3n6bjw0scYR8TDVtl5amqqVUiOhRLBqQ0YobSWZXyMUAjwmxm59yUz7PgUHyEF%2FmNE2iAQ79BUgzYyGQps%2BoBk8Lo5rBX%2B8ECIBrKtWGeAVWTwmmAGty1ccXIkHKIz6X4dCkdAW6c7Pwgf9VSq3V%2FoJinEveODa0Vur12fc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0faa235685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 03:25:26 GMT
expires: Wed, 30 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 397247
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:13 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zV4jhB1JMjxBLX4x043BmDivohWWGmFADOSjLFX81WrawEVaKGjpf5XTP8QC4XU8WfgUWI4wExSIfSFrJao4A%2BZpzKt6yYIcdWa5DfHPT4tDic3b5piApHQY3TCalSWCfqq7A1O0LI5CDHKxAoKDPk0DIVq6IGIebdRlNFRAI4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f1c1ce95685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:14 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvYTNBrfSl1R5A2cBa4Ts7AZC%2F4FhO2SIEN4DU5lmzSXz%2BNG1JiWM16P3itI%2B%2B5WiD2wxkGeiezK3FeQSIbqbcu4RbPRv3J7uGt0s1%2BEhepJuUIj1JbGkIzgGHQDIYAQPfru%2Fc6eTB6ZgRwxrVzQQIrIBIrwuQgNrz2r2JesWnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f22ff855685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:16 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FMMlkZ5I%2F%2FE4OBxGyfQyFceuJ6zwBnXnTvB%2FivXUrZcECIhaGa5BXKMfE5AvI66IYaKTwtaYOvRmzxXMJDfmu4tGfdJ7dEANS97ENb99P2rP3EVAHbapVhz6YZ2XC%2F5WY57q5MQd4XfYhA9XMxbgXnU8liOc0dQ2EuvWQYSd8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f29daab5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:17 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbMUyuyC3AVL3eWiCTs8QxiBF6RK%2BiPJQlgUa%2F6Dsh9lwqVSvwEmd%2FkGC%2F37pgYcKpRn11WmW0%2FysjQzzU0CJy%2FPa9mmzXKoArrpwbta2f9YuJM1omUnaKFH0FjT4LwT7mqJ3asAns86hPuN%2F7wZwAnUE69gd8yPg7JfHuhMPFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f30cdba5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:18 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHNNPYAgt8ruXjqZd55n2KiDC0lTD3Gn%2BMdTASVYCquMhhLO9rxEgZ1W8LiC48DE%2BFo%2F573rkLL%2BWofZiEgE5ByhjrsYKdMnRMo55VWykxgq8fMm%2FDZBsud9uwcZh1oeYqDyIASsu%2BzF7ZmIR9YpHgslzF%2BU8ZHJpZ2Hq%2Fdp654%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f37a8625685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:19 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaQkmEMbo%2Bhw1UuoJsjqCHy9IHOJL1GXW7fEYpmYNW2v4o%2B63tZq%2BGiHwfuDlPQgo%2FBJZn8jeIkkd50Y7%2FbEykLpOhZLJbpk8z7A8DM7wRER%2FIwi6Q1gphVF8LKA09%2FSogNk%2F5PmLA1Dnkbj%2BvyKNX6sv3vuhTzdm6gSo9oSbRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f3e8d185685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:20 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltbXufLdjnzAzzoX4ck9%2BpAHn2A4jcPGGPRmNWZucLRywjGMnKuXdOZf94kWso1iQ%2FdphLF8L%2B9l%2BkLAtPxpdNYzbkkHfNiwCjP6LyvzQGY8edxyZcLgXjA3L4OdmoL3wMls22NTJZGynf%2FqXA8psgZSy%2Fjy%2FDUXYm29dZs6EzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f456f825685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:21 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzXWtzdFsQn5ka2nUKHZ11CL7WOnW1AnhuMRC2p2v9ZrL7vBrayU8Cr07wo%2F5ts3QYTSzQFiSFjZcDTxCUsNsrIAOegVHn76LF6h%2B%2FFZJX7TktDGI1jMR1dtxDh5loQuR%2FbwVvJ76ACCA1aNdAys%2Fk5IlA217svwxQYfK2Nw1MA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f4c4a015685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:22 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vl9BZf4dpNOQK4Eb3158NLmP3skHQqHiXcphsMn%2F7HJdhL7mmBfoPiOwDGBVLXaN4EFu0%2FgSpcB5NHM%2B8BVKJHahMJCpg2tp0iSiMbKJ%2BeSRVLyJY7VbEyLrAemILiVsbdopZdF1DNy73M3yTAQwgR9lPOB2H51FhkL34Nwy2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f532e605685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:23 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3lCkxHtvv1YQt%2BPZ4qH7Av0va%2BNWhntFGaXVe%2BlVc2Ckk0%2F4r3tc6eR4MC9XEc8nW6O7c3TyVZsUVkyyHbSWXNzwGb%2B579bLTOxWYvG4N%2BzoZxAcDmzQ%2FQrl6wDzBDQg2MeLLwxKYaSvSY2Imv0fPdGM5uDanLfp6cZ9Bxwk%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f5a1a115685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:24 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nwb7N39eflgkmHJANumTdFl%2FUxNMk%2BHh0SpvN6Fe4i6mghiNBIeDqODeJL6bEZWbKH2cx8CPNmyckr4ionDzTettYc8nFo7YTEYIWAfsG%2FT7%2BU5YDeAq0HFdCqeNM4xcZ7CqREvdb3EV4NtLzx%2BpV1O%2FwIuDZpe5rsea1KOnork%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f60fc4a5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:25 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rpwaBwayNkMTULHC%2BqrbJGCiuZHqOuALp3dZ98XfEEbhAxq2T5udJiVt90KXf12ssJFBSO2U5sYAJ%2Bf6TJZhbu424UBQ0iRhYgEHN70tqOdXSdSlSvKjzTaDcJpOfjnFy0vUMg1j2xCyqFoMQ3uEFLII6NbgfFchp9oIpJiPRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f67deff5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:27 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkOHiFEpPSo%2BTWx62XVELieLqgmtUq2T4mfeRLSrpKy%2B5Yk1Ec6Udo4hookNi%2BauRv6XZ9JJrWvSAKjkzZLV0JyZhd6OXfIK3KH5b1h2WDhCt0QVlfMEnDhu8aIneu7TpKm7INc0ARTmo%2BnV46sVR7x2vCiHfUXNWdmuQFyIm4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f6ebab35685-OSL
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.10.207

200 OK

67 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:27 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:08
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4ca3abf3637d39cc9a49fed17e6f7e63
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f72eb861bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:28 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g780JW7M4v2%2F3r7V5TmAW%2FQMm9KjsQ3YYG2lC76VQVqyHYCQg2VExI884W7QKXrlwxxEVmOyK4BbM1KuLKQ3W4IQELKuE2mYQ6kWKeBOTeWC%2F16XPJwWNNqcOgkYJvFGgm7Qh1IOpKYwMyPg6hJ74W38HmZbPOynIWNKGqBWEDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f75ae925685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:29 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAgeR%2Flrat9nCafVpg214IRUy71MZ7TFs6qsKt3iNC5EHDGk9Fylx0Aqz7Bdi9BVnuYO%2F0v1LDRZsstIL8mm0wZwOXGI%2FHm0bSUhbZQ%2F1VcHD%2BlIYP0ftWJUpulw%2BYbU2eT%2BVkzwVeqf31koEtdxvxuheuI3JPcbdfQP8Bc7Zvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f7c891c5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:30 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPPfzCu8W5o6X%2B1iV2BZK0fnD9Cf4lXXcxd4WrXLo%2FVn2OCKevgt%2BerzOoaLYvd%2BGn6161GE7rOLf77AcMzE9siXVcyhF1Swx5MIIGaT7rwhrts%2F4C4S3khxW2NhB6QN0WKSIJs0Ty%2BaQLGzGjYtFqcVeDR%2F7SXi5mfJyFT6dyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f837dbf5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:31 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YexFBmJPXkX0E8Tr%2FwCy8J4Fy74ItLe3HbsTBVSFc6kg%2F5ElAE8hp7kAkS3OIn98Xc1PYsvmI5taM4UPd0GH0Kw8qTQQ0Tdr6MozXzWeg5up7%2BlEG%2FVncPGorUAd2Y%2FZJMJ0xm7JfvjP2%2FST%2FhAi8%2BfRmcday8IWFDn7%2F8zA5tY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f8a3fd45685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:32 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXZbQrNFGkXd9U9pcXYPDVbFcOuKBoY08Gjq9R6b9STQM6ZRHed4uY8kHcBUjSUeyrUHFpQDK8qhwQ1xzHCc2yR0KYmXwkGGdnFBdqsNHiRVQe8kC7Y1TpvFyWWpc91%2BZioNkFzlVNVc3U3Udl%2BQ%2FjZxfjFaAsOezKBQmYB%2FRl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f912d115685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:33 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5u6eQ6GKcSdADDv4%2BfNEQ3d7IUJk9PhzumNhJ3hDtj1q7SNB5h%2B0S06CCJ%2BHynRX1nZX3IVcACcsiZ4iaO8NHlMkJsUr8mQ%2BMqLb49nIMAKfP7B%2BqlUx9lmzpR1w8qOcKiZZSXaJDGUYzoeRJeFQDFpKx1Geo8Tc7B4c6fs5qWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f9808ea5685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:34 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ig61fvKEAVPW1uQl01S5cPDEao61mbTx31hoZV8imq0vmBz%2FHmMryGvoXiCsgmI%2BReFiIvrd0KJSnRxsn1u1h4GRePXEbdPzAYffexEFW6n4e1qSWz40x70EcPlgKMkDRW%2Fz6T9xkAlYHu9I%2FhARVEyFwUOaqwN0UHK8PPQAKYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f9efcf95685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:35 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQs5SR3Xkn%2FBl84yoXEO%2Bp%2BWiXke6AlA3ZkVKeHYxiwZ8n4ZigUFjce0e0Jq%2BLniorUIpmLTBsKQCtCm299x6e%2FMUmUe6Jk%2FWsClC8AN83nxda0EmS3tn3C%2BLB2p98e57811ItNITH0x3KvNobPt7IbMcdwWci0JESg7N%2BvYy8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4fa5cf895685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
PHP script, Unicode text, UTF-8 text
Size
1.0 kB (1000 bytes)
Hash
c1c79a3dbf20179512517a949e3d0c80
897c904d8a119287a52cb8d3abcaf2c086f8c7dc
f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:37 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xK0czCweCNyhmQzKAjp%2BiYtp6Oa9XZkxX8YSXmpc94a6BBap%2FRJvbLXSIMhV2tcdLi00XPVfCB2j4KH%2FYDyaTbJHe%2BfrM0WclaJ9dGOsVOx6PiG3YrU4VjWQ7KhmYsIl3mGckavvTpdGAs95ynL6T0zmnCd5ob%2BXwHB4TFZXlT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4fad2b535685-OSL
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc497791_v.css

188.114.96.1

200 OK

77 B

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc497791_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
c224c9454434c12a965e5a8259325f5a
1dceb7ea37b52ac9b8d325b09017cf5f50e704f8
51f4ae19ea7fe7f228896adc341e0de545adf45b96bc5bd725f2f25e8ba0c402

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc497791_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f960d0bb61fc43a4e873d0368d7422a5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvDg34eqCyHhcXrOvwt8IPc2AcsOoaQFFY%2Bv5umVZsQ9O%2FFZWCsQZf8uUMP1SlZsfjyXdrwm%2FW2netIXJoOGEOFvX3i2r7RKqBYz1Ngw5zlt4XqzIQESxV6fodG7ef5ECge%2B8dJvHweZBTrbokVWM%2BSNQu1JwOt4%2F6qrFrS34%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beab5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 164939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

104.18.10.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65326)
Size
160 kB (160302 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

HTTP Headers

GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/18/2024 12:45:42
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e45b797f469006c9b0a5e1b8ef94f0c5
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f0a0eac1bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

104.18.10.207

200 OK

60 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59765)
Size
60 kB (60044 bytes)
Hash
02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

HTTP Headers

GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/25/2024 22:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d8304aeb4f88689bb8cc8048fefd4c0c
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f09fe971bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type

Size
43 kB (42657 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /img/anim_red.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:16 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyxu0Y5%2B70t%2BqwpQ%2B9qjcI3cHtMdaZB41Uoh7%2FXxPIBU4wVi%2FojwrRdOLNNFpznCU6IFwPhkLDBCWSIOSQeB%2BCtrip23kq6eU8Giu0QkSPNmc64gwqNTciC4cu6YGg9gdMAMQayph48udojOGLN7POLUbMr4gMmegZNQLZ%2B6%2Bw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f2d48265685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type

Size
43 kB (42657 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /img/anim_orange.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:13 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSqD3gTCkYeydW4Y3J0cmx57hbP5e7S%2BbovmxY4kRNCHYF39SiEAjApOMrj9nITgW6P47I%2FCPU%2FspOP24IUp%2BNXCgTLqQwSLbVqXhq1hmwJ8nBSb9iTiDvumjvrZ8WGpZ%2B1MpD79Xc%2BJ5hKoQRZc7SSD1NRZ3EV6kqA2LN8NDuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f1a8a7a5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xsecures214579523147645cdnjcnjvfjfj.pages.dev/

188.114.96.1

200 OK

43 kB

URL User Request GET HTTP/2
xsecures214579523147645cdnjcnjvfjfj.pages.dev/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type

Size
43 kB (42657 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET / HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6X6Y1iSo0I5O2sgS2T6eLxqjZeOwFG1FaJUloNzGjnjdEXUA6MqTqr9lP1p0Cdt58pqlGBVzm5xh5FQxhorB5j%2FxPdl%2FqjweEyFFfEI4oa7fAxyZ4ByKa8D3vJLjF8oGKY3sLVwoNiD1YPAao4kGRDFLdAgEAXUCauts4p4%2BxpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f072aee0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css

188.114.96.1

200 OK

25 kB

URL GET HTTP/3
xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev
FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT

File type
ASCII text, with CRLF line terminators
Size
25 kB (25100 bytes)
Hash
f91306edf4659f5a06180f788431c6ad
9742c6e636f9a339704598142088b22cfa399841
d7f23adb7bc2ab9f580a1717f97c8f8b89cdec79e0bba2bed4ce2a44d35174e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb74a5eb_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b91213050e39416ad014cdfbe5565958"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2HmxsRMnphkwaSuavwyBq0fBuHmGPGipZt5N6DnrzMVR4oSARak6d927tiNjg2fTqR1erwhKkUFE1ZugbVhT9fuS1AEKNBwKvfwzD51hHJmR5QASYRF4Hi0NhmT0ICgCpUkpeFSG9eNlEdpPVL6%2B5f4ein2BEOXlhHsONS06qs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ae945685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

28 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (27303)
Size
28 kB (27466 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9bd489b3b47817325036093612d128df
cdn-cache: HIT
cf-cache-status: HIT
age: 336860
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f09fcdd56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML