| cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js | 104.17.25.14 | 200 OK | 27 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32180)
Hash: 7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 346769
expires: Thu, 24 Apr 2025 17:46:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tSks8hz%2FOfM9LkJ8wGOY%2BPTqdMKcv0Owis5scpJaFFocOL%2F%2FVtLIi58%2B1KKAkO96N53Gmby%2BIR7zLjEy22HJtC9Ylbhj6dwJDJeXZCqSsk2lS0FAdMp0HEaM3iLsuCcl55SJonX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4f0a0a6d0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css | 104.17.25.14 | 200 OK | 1.4 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
IP: 104.17.25.14:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7048)
Hash: 8d4fba5186f02a0c4458986b0cf91667 785579011ecdda9e4754ca41649fa2fc06453b52 1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
content-length: 1380
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e6a-1c28"
last-modified: Mon, 04 May 2020 16:10:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 333332
expires: Thu, 24 Apr 2025 17:46:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eb2%2B4yWANiJpCbbNGb9vUnNoZaLJXML%2BcaVZH%2BSIMr85FppnwP5BWw5Nhl2q7vJPX4Z8XeR72WhAqalhnyllwJFOFkkzDXyupddi6LzvTOUAgjhGjxTWVKzrjjBbGplc9S1s7rG5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4f0a0a7d0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.min.js | 151.101.194.137 | 200 OK | 30 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP: 151.101.194.137:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32058)
Hash: c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 17:46:10 GMT
age: 9393337
x-served-by: cache-lga21971-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 29, 352559
x-timer: S1714844771.899226,VS0,VE0
vary: Accept-Encoding
content-length: 30125
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png | 188.114.96.1 | 200 OK | 128 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Hash: 0bb86caf792dd7d24731c18cd37bb68e dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bba58587_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/png
content-length: 128
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "716018fe568eb003c2e5c767a6744f01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEbD7WPkjsWHktkpIh1cWW6IFjG7oeWtnKY7NcTvHvoboWedTgukqsr1DtT2IrJNaSM7kNxHUnzIyK1fe%2FsvzsyoROsd43GlG4PGDkLiRlWh7oFSXDqZ9TrPqdPFvJOig0w8GPinPkkPy8RTIk6YkpKXw1D0%2FL1t%2F0dREkssa80%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb75685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg | 188.114.96.1 | 200 OK | 2.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3
Hash: 513307d24832cc64115e69c57dd4f69a ba2e4718f5dec696d5e1e9ab95361f5dfb337f23 f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /microsoft.jpg HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/jpeg
content-length: 2004
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2fb10ecfbac7eb44dcf7cd10a0e04aff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rD2Anlobr1x1W4JN%2BLsgqm4sW%2BxgCFCO66EtS1UdGuz22NWw3V4gcNHVnOC4MYiXt92jOz4Smo0bZSYU3xbDCrbXi6W2qSItHB5ghQw8yLOh3JvU2MCaN43y1iIJLOHs1Jw73mE8hOF%2FgR1tepfbq%2BiDRRL9rwrvpLTHATs8pro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beae5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 80 x 65
Hash: 0d3c4efabb6072ec3312574009be3ef8 02d319a4e46538bcadcc5122883e1a0c3e94c123 45a676a0eb476e7706e0187d975b612f51f3bb4c26596f991d55f5e68fbef3e3
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbbf25aa_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1506
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b79fc93a137bdb4771a1c52124efac77"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2RN5akYn4BNDAP9TbMIfUUIw%2B3%2BNDPXuLRdZ%2FaKztvdkqi97VsUQPgxJbTY6077f%2BbxEHrSX63XKObbgrRKHOq4EU%2FGX6X%2F%2F3zZzVJv13WRVLHaRrgaLE0rKs1FXV23KLdWo%2FWxShMcqOTAV9jdNKlOo%2FOUOR3%2FW7qAmaWTOf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bec05685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css | 188.114.96.1 | 200 OK | 0 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bb63ccd2_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
content-length: 0
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9e7a27539226d700e116522ee435029d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQAnhBI3%2BsARSbSF46gZk55K5lGq5Rxlca186%2FGGniOBU4HrR%2FCPnikpTaRCNVSdEzihW6by24EB7hD1%2BRr7Se156Kx50N%2FwR%2BdMeAB6RWD5GspOHurENDvAO6hIR17hFUrnJ9uModOIeJaO9HQnl5vImnnk0wiwP%2BJi6bMfFgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bea85685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced
Hash: bf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /microsoft.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/png
content-length: 1045
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "784ab5e987249ef1422816edc26a250f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ddbVK7xH4T7YkWuWbGuUYPyRVZLlnbH9D%2FmYMq0tTmjuOVmozuuySl54inCZsm4lWx59MQBKnyYaPi5fLWWI6B6tvX5ZOJiz5%2FP6vUhR6b6cfTkp%2BMtsklieMcN8zMpgecS7cZXqQGzpQqPnugqRrXyOU1OXhfRSu6T9s69NH1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb65685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif | 188.114.96.1 | 200 OK | 102 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 24 x 9
Hash: ef14d57c065fdbd3c66d017a729ca91f 2e7b72d674361a9c2b41767ccfbed2486e6695dd 6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbb6fc7d_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 102
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40e933c6110bf926e3aed6bfee33acd0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fq3kWl61%2BOv0krgnGjznGvuHD7IGq6pdquzpKVaeb%2BC4AG7IQRymPg1QkcXUC82WKgeCpu%2Br%2FyRfv2YM98TinkcmGDkZ%2F3dRvCF2Rspjj%2Bizc0oej%2BKqy%2BQK74cA6JKSueflYPNJYetiE3ykLXzKbMcF09MxgD4VQcv6VdA31cY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebf5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 65 x 80
Hash: af52e51f42fd0c55bc3cf2c8ece71492 016f83da68ff461a5c6aebcc2a45668317b2f24c e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbc8a6e3_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1547
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e07c4b56e0330a7ab00e21f12e7b8fef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCDzHykwCYSxCWnuCeiqkIIgvxdgJCjMCkZmUAOJfmjPDK9L4LoJRSQ9uAe0thmE1Y7HmagdqfR%2BamNXQxs2aDfNNfFVdBJa2UiUeD2gVElserjHltJ4lU1Iy1JFes7bU%2BvLWiw0AGRWhDL7IcUHb%2FD%2FDeXFMt6V5D4YGkupaPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ced55685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 30 x 29
Hash: 1834c112f6e54f620d2ef8f8c037d450 b911b12717fc708c9418b4a2a0d72f79c5c53be3 81a5f62c155d307316d16a11e5a907a99fcfa3f70dce41d01d9f65518206734e
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbece31e_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: image/gif
content-length: 1509
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c0bc1a0dbe7f469d69d4170c9fa8e4f9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BdyfhG%2FsEHPR6DPS7exag50NzpBQ8D3XTumonvxwuV9okGf%2BwIFuQ9bkAtoQaPoI0riOlghYcMxiWM%2FLSmde6fliWVZCEyW61QNb%2F0pU9Zus1YRbItTtmcldQ4QvfqBnCHCef569elH7wtZZqEncPEAyXnAZYsVsthydytfkBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09dede5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 29 x 29
Hash: 6d0c71ad95c413318e0946960a597318 297fa9d7797afcb90cb49adb045b673672b360ec f2b1758e4d68018096355641f5e7163b0df07efc85e9c3513e51949a75c0446d
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbf6a050_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 1245
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4530ea5a667f71ac649973679e32073"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8UFLMvUKL2s02CRlPTX7tKPCKSQrnQeRMJeW9vnOWw9VHmq57dzhOD%2FBi46HZ4ry9lXwh64h0ZX6zFs2tNulN5aMOtiNn00D%2F4nc0GF8taD8WHfuAfh5kHKecT0Iu%2FY8%2BCRskrSHpZzxA8%2FvFwyosrqU70fHeH%2FKVE3U1Sw0Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09deff5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif | 188.114.96.1 | 200 OK | 234 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 16 x 16
Hash: 9ce99ec458daf212f9812a90f3fadd13 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bc2c1b4b_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "77658f49c3237c43feb1f812a11dc45b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFezd80KPJEf4drZeo7oqj2HeWXINYsBFSqp10eSu86EAg3mzIZ6ge8%2FZ8WSNC3H5bUUhm3l%2Fa0v1D4JeT3GeETGtEnIuqkDH1cjyMkKvzCxuNS%2F0JUejBYx6UzYjNFeOUFFDzjxPWMV1fGUjFLRUr6QU16Oe4QMZneeKfYaDFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df085685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png | 188.114.96.1 | 200 OK | 945 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Hash: e6eb3d938f3ebebd85c71307b38a3bf3 387223165f8e86f861a09adb1e3c10a8f2ec7006 2b6c8e23b2a2c49ac71393cb3e1740b7e2fccaa310ee06b68ca27b693d133f8e
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /minus.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 945
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "715a3a123fc024df0a9f0d171386bebc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JP1pDTvHX%2F5MWEB2fIYwQW9qqcqPx7kt3DBxTcdXoNvQlhu6A9xlu80llkrzRlwTikeVUdRr30iONppuS86f22MAcxp59MSjWHXXmk%2BFup99rkytdXAubfhdqd%2FRLm974n3QW05VLwncGkc5KTz4%2F6Sa0SuEyRBVxlyfjuIo%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb15685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif | 188.114.96.1 | 200 OK | 377 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 16 x 16
Hash: c10bdec858cb0cf9e6cc5865d5925746 697c095ed5509e5a5af0c5ebf2380662aeffc531 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bc2379ac_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 377
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9f6c72ab1272f4bbadf6b026cfcf0490"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BE1RKVdaNhAwFXIcorqRQsPaR5z6Dy5YVDGOFOEEZgmN1NTS2mIl6CA%2BbziLnpDhXUYjN91bTk%2Bv5xFipm7SGkDAvWFZ6d%2Fh5ELN0YOsW2477BMXiwXT1fcgQTiqsIVOaJTvlERphxn%2FdRP2Azj3pJwVV0%2FjWV5B54RCouUSKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df035685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png | 188.114.96.1 | 200 OK | 349 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced
Hash: 7454c652e0733d92de6c920c2d646ae0 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer: OpenPhish | Verdict: phishing | Alert: Office365
GET /5f205bbae3ed9_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 349
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d6dd742fc1124fe244e6f4f212155f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjHWCZpy5VoeQPVRY%2F8Bc1NwCh%2FEMU6NXu9PZB%2B5qFSSQ8lTB7Br3bPaAzA4QWwxSbcrVI1TuEaRiWi8mJFbXXeSW89r805Um52MgQYkHXV3mOnsMwOWBswNrf%2F0k5vAG32yVtpKG766p7ZaTjdPJ%2FJaYdomAWFF9%2BEHqiPejDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebc5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif | 188.114.96.1 | 200 OK | 949 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 78 x 68
Hash: da9d153375da51a616a7663f1504e3a5 bd81fe60fe017bfe79be8c1afed88b659ff166d9 9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /5f205bc00090f_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 949
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f783fbbf25820b1a0be467bd6ce995fe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fts3lQlQwxHVkTle5N6jQt9uTuJoy9PJ3Mq0Os6eaBu7%2F3wVuYqo%2Fuhv3FDs2AvBHWRjSCHjnRlg1BK%2FWT0FRxscBuZ3WUg3O3i%2FIX1QlBQARAEaPWcZMYIapbDHRDC4JTLknbYmjF6DKoNSqR%2FYPMHyncYHo%2BJRFoj6MaUuX44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ced95685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png | 188.114.96.1 | 200 OK | 293 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Hash: 9eb68d2ce05c151bda542a7a6356e22c baeeefe4a7ac657c10a5f081841015de1bcf90dd 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /5f205bbe46967_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 293
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "50d567cbc4ca65349c78e08b48e4ce01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1OhK4GF1LYlZBTaPIuEpJqu9HW7KujJwOgjZLKlsDQvqtqx1YfnuCwmK2DbMhtRo%2BySSeZR6MWJiho13lN2bYH0p9%2BpLMWo7tJsfM10iqdo6%2BoRiUEcdGpo3YkLdCyo1KqJsEWoMVFLRySvurM0RK8Y9NB9g48TcDozERSelF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb85685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif | 188.114.96.1 | 200 OK | 1.8 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 120 x 97
Hash: 8806694db55d271b6c836433d103afcd a532ae846499ffa93bd6ed8baafcbdabb2cc8da1 989f955c24583be00defab08c4cf80b17fe4c12756686359367144f0506eb8b8
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /5f205bb9bf55a_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 1776
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e6f4b8a850008864fc4699371ab48e7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYMt9uOHdxU6J%2B2MgOlyMORV5GXT%2FPITQGrdpSpjfnCR6YLZD9oPG2LqxkJlBcRMJ1oQOlis%2FdRlEFijny5HB4EK1fSeCY%2FVHMi8bWfNYKCJX1H0WUDFVyWLIm%2B9dFpB0hOPZuQYvDXtISiSw%2BzD86nmy21sLGzm51gDTQTWcZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebe5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif | 188.114.96.1 | 200 OK | 69 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 16 x 16
Hash: 3ae573d079dcd1d2da4086f2c0c72c45 e7c9dabec81379373476ed23168dcecb9b8c56aa 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /5f205bc1a74d5_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/gif
content-length: 69
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aaf6c5e1ac9ac320bede916158ed5d07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHlgdJiYGF4qE7MYb0l22VsbmRuclKvQca%2BKi8WVNfrNNWgHStV5Fg8ra8wt8BpmXua51xzLdy9wowc057K8GtB2PNMhv0GOkJr3D3yQE7dLx2UT6EiiGRSUen%2FGj8ABKYN8GZy6NgMILquEQ7YAfoN3Mmc8PHeDMoHyI0sRbt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09df005685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png | 188.114.96.1 | 200 OK | 364 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Hash: e144c3378090087c8ce129a30cb6cb4e 59da5466551de941d0215e45c54aa2ceaf436be1 b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /5f205bbdae210_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kMHt4%2BZvr7qikOuNBPDVPJqmaij44VHDOzclfsd2Jrj%2BdqoPV7R%2FRnYPHSMqcUM0Q%2Bl7JWTZkX0mY1BLnbdMYwP3ZFCHQyVHtmlzHlfkR%2BGQGkT%2F17Z%2BJvaX%2FLylHm6l5x1gjQw05pb%2Byelo82VoiAK95WLbMsN6ZVoZv8c9cM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09bebb5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Hash: e526e4ff50594a6c4a5d05c18474d6e7 705609a2bd21c1e3e13666451c75d2c51436c83e d25cf2403704d5208d662af4ef703d424cedeac253a43a1aec6e60e0db43837f
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /cut.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 1192
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d27498074b71cae952cc8068bce9007"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxEhPYt3sWpwKEm1cmLmClfQ2RsG%2F3KhGKuv50WGC1FNnXDUzq%2F5QLp7ljhji7gGrUp%2BdOzTvkpehmgbW96D9J5rr1J4cVEuzPXCfpEPH5vvdSDzzMvLaGDII5tAKzIqPHAIzrLZYWhVWZlVSLZdHDmRlx%2F7%2BRDorMxXNwmVuVM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beaf5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png | 188.114.96.1 | 200 OK | 588 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PNG image data, 3024 x 1964, 8-bit colormap, non-interlaced
Size: 588 kB (587475 bytes)
Hash: d25c772bd50627bb5ccb5382a6b1a572 79fe73d3cbb6ff86c2168d7e306a92d7bb75f5b5 d7938fe9f0a1db964cddece748c293f441c00f08aa125cebc2f2734c379d9ad0
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /background-2.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: image/png
content-length: 587475
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "09e89a2c1f26b1b948ebfd8555e37625"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfyPwmY8JjAuRa4UiHjkM8xpg3Y8ogJT034W90AVGtjD%2FPYbEEClo6CfiGXdY3UgtTWJxVBj2klfPBetQJqOKOzazPkbDg99rfLrlOT1VJtuDuT8TU1ACg3jLBvX6hdcGf7WR6GhYuRNxQz9nq2KZWGpNW5D%2FOuBowHTpB1fzI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beb25685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-xxx-x | 142.250.74.168 | 200 OK | 71 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-xxx-x
IP: 142.250.74.168:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1822)
Hash: d09d7012ace9ed561a48f0ff44e364c4 f03b2c4b261ed09eb0bf040bb93ca96d2968ab46 509dc7e2d51d9f533fcf6a00ad7356e9f382e7720149db56c36a66e25893ba9e
GET /gtag/js?id=UA-xxx-x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 17:46:11 GMT
expires: Sat, 04 May 2024 17:46:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 8.6 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP: 142.250.74.106:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression
Hash: 446c5e11469f78f2ff47d5b323581431 e3a800adbcc847f725786eff807a8d61ba9543b1 49988a53964169d687e66ce07d6ee80197452cc23bdbfd0f358d3be06dcd6188
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:46:11 GMT
date: Sat, 04 May 2024 17:46:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0
Hash: 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:53:08 GMT
expires: Fri, 02 May 2025 01:53:08 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 229983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:13:04 GMT
expires: Fri, 02 May 2025 15:13:04 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 181987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3 | 188.114.96.1 | 200 OK | 8.4 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
Hash: 8618fbb0911e3b8fc96725dee8bfd81f 1bbcb78922946d0cf18fbf3a9e092e36453eb767 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /alertms.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: audio/mpeg
content-length: 8405
access-control-allow-origin: *
etag: "0825ebad9a641a19e1944426ffe4916e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVEbJuQ727%2BUFNVO4m2pCizporgo23o0%2Fw3M4E1mY6%2FWtCHKudpBlZ6njczhi0rxm6pak%2BjQ7EhaYWUKgRnkQOjms%2BKDsaN0GB%2BUdq1WNeZE4tD6NqWKWnpnupx9bLn%2BYtpjrtor1FnPCmWpdsVj5oLpEPkkcyQcCfQ8s5Mh1I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0e7fd85685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3 | 188.114.96.1 | 200 OK | 600 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, Stereo
Size: 600 kB (599923 bytes)
Hash: f3d32764e7a865c600257dd427f632aa 99a63e5585b7a749d313857364892c37fae3992b ab536cbd2f47380112a48bd939ab21c024fcd41ad82dd665c13fa49b17fcb5e7
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /warning.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: audio/mpeg
content-length: 599923
access-control-allow-origin: *
etag: "bb6e4064f308359635ad0b6b8710d0e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bGtMxLmJIblHeRz7kA0C6SKO2g40zRDemqKq%2FcmzUKfLKval8%2FYwUrC2FY7Ik7WiEsSUSBm7r3tr4CBEPvrb4Iz3p0qvz6Difs1P2zMoAm0pV1VibIuEWR5572VqF3p2XAOR5GKtJ38rl9QtHkG1CwyLTaoh6vteowiqBNbujo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0e6fbc5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:12 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Uj8nJks15ZEhRNitQEX0vMfoxg3vwSv1T5DM92sNO6RTEUE%2BQcGeykJbgRL3GdWtg7KFaiGBi0CdVWTbKOId4A6h9FePoWCP1rh3ksUwZ6Qs0PvzZGwtdQcbfYGhCG2%2F8FLV6ZoW0xQbSM8onfdNsBhukPPyWrHITdsgui2akM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f153a675685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico | 188.114.96.1 | 200 OK | 18 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
Certificate Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
Certificate Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (688), with CRLF line terminators
Hash: 512e81d9f168def1ddc98f3a4a30ae97 8c527554fc86a343ec0e9d65a7c91a3415b6010c 49292223685acb48f832c633123434488ab6acbc1239612cc804f8b028e12f7a
Analyzer: OpenPhish; Verdict: phishing; Alert: Office365
GET /favicon.ico HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKn3n6bjw0scYR8TDVtl5amqqVUiOhRLBqQ0YobSWZXyMUAjwmxm59yUz7PgUHyEF%2FmNE2iAQ79BUgzYyGQps%2BoBk8Lo5rBX%2B8ECIBrKtWGeAVWTwmmAGty1ccXIkHKIz6X4dCkdAW6c7Pwgf9VSq3V%2FoJinEveODa0Vur12fc4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f0faa235685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Apr 2024 03:25:26 GMT
expires: Wed, 30 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 397247
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:13 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zV4jhB1JMjxBLX4x043BmDivohWWGmFADOSjLFX81WrawEVaKGjpf5XTP8QC4XU8WfgUWI4wExSIfSFrJao4A%2BZpzKt6yYIcdWa5DfHPT4tDic3b5piApHQY3TCalSWCfqq7A1O0LI5CDHKxAoKDPk0DIVq6IGIebdRlNFRAI4Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f1c1ce95685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:14 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvYTNBrfSl1R5A2cBa4Ts7AZC%2F4FhO2SIEN4DU5lmzSXz%2BNG1JiWM16P3itI%2B%2B5WiD2wxkGeiezK3FeQSIbqbcu4RbPRv3J7uGt0s1%2BEhepJuUIj1JbGkIzgGHQDIYAQPfru%2Fc6eTB6ZgRwxrVzQQIrIBIrwuQgNrz2r2JesWnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f22ff855685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:16 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FMMlkZ5I%2F%2FE4OBxGyfQyFceuJ6zwBnXnTvB%2FivXUrZcECIhaGa5BXKMfE5AvI66IYaKTwtaYOvRmzxXMJDfmu4tGfdJ7dEANS97ENb99P2rP3EVAHbapVhz6YZ2XC%2F5WY57q5MQd4XfYhA9XMxbgXnU8liOc0dQ2EuvWQYSd8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f29daab5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:17 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbMUyuyC3AVL3eWiCTs8QxiBF6RK%2BiPJQlgUa%2F6Dsh9lwqVSvwEmd%2FkGC%2F37pgYcKpRn11WmW0%2FysjQzzU0CJy%2FPa9mmzXKoArrpwbta2f9YuJM1omUnaKFH0FjT4LwT7mqJ3asAns86hPuN%2F7wZwAnUE69gd8yPg7JfHuhMPFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f30cdba5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:18 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHNNPYAgt8ruXjqZd55n2KiDC0lTD3Gn%2BMdTASVYCquMhhLO9rxEgZ1W8LiC48DE%2BFo%2F573rkLL%2BWofZiEgE5ByhjrsYKdMnRMo55VWykxgq8fMm%2FDZBsud9uwcZh1oeYqDyIASsu%2BzF7ZmIR9YpHgslzF%2BU8ZHJpZ2Hq%2Fdp654%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f37a8625685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:19 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaQkmEMbo%2Bhw1UuoJsjqCHy9IHOJL1GXW7fEYpmYNW2v4o%2B63tZq%2BGiHwfuDlPQgo%2FBJZn8jeIkkd50Y7%2FbEykLpOhZLJbpk8z7A8DM7wRER%2FIwi6Q1gphVF8LKA09%2FSogNk%2F5PmLA1Dnkbj%2BvyKNX6sv3vuhTzdm6gSo9oSbRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f3e8d185685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:20 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ltbXufLdjnzAzzoX4ck9%2BpAHn2A4jcPGGPRmNWZucLRywjGMnKuXdOZf94kWso1iQ%2FdphLF8L%2B9l%2BkLAtPxpdNYzbkkHfNiwCjP6LyvzQGY8edxyZcLgXjA3L4OdmoL3wMls22NTJZGynf%2FqXA8psgZSy%2Fjy%2FDUXYm29dZs6EzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f456f825685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:21 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzXWtzdFsQn5ka2nUKHZ11CL7WOnW1AnhuMRC2p2v9ZrL7vBrayU8Cr07wo%2F5ts3QYTSzQFiSFjZcDTxCUsNsrIAOegVHn76LF6h%2B%2FFZJX7TktDGI1jMR1dtxDh5loQuR%2FbwVvJ76ACCA1aNdAys%2Fk5IlA217svwxQYfK2Nw1MA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f4c4a015685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:22 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vl9BZf4dpNOQK4Eb3158NLmP3skHQqHiXcphsMn%2F7HJdhL7mmBfoPiOwDGBVLXaN4EFu0%2FgSpcB5NHM%2B8BVKJHahMJCpg2tp0iSiMbKJ%2BeSRVLyJY7VbEyLrAemILiVsbdopZdF1DNy73M3yTAQwgR9lPOB2H51FhkL34Nwy2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f532e605685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:23 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3lCkxHtvv1YQt%2BPZ4qH7Av0va%2BNWhntFGaXVe%2BlVc2Ckk0%2F4r3tc6eR4MC9XEc8nW6O7c3TyVZsUVkyyHbSWXNzwGb%2B579bLTOxWYvG4N%2BzoZxAcDmzQ%2FQrl6wDzBDQg2MeLLwxKYaSvSY2Imv0fPdGM5uDanLfp6cZ9Bxwk%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f5a1a115685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:24 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nwb7N39eflgkmHJANumTdFl%2FUxNMk%2BHh0SpvN6Fe4i6mghiNBIeDqODeJL6bEZWbKH2cx8CPNmyckr4ionDzTettYc8nFo7YTEYIWAfsG%2FT7%2BU5YDeAq0HFdCqeNM4xcZ7CqREvdb3EV4NtLzx%2BpV1O%2FwIuDZpe5rsea1KOnork%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f60fc4a5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:25 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7rpwaBwayNkMTULHC%2BqrbJGCiuZHqOuALp3dZ98XfEEbhAxq2T5udJiVt90KXf12ssJFBSO2U5sYAJ%2Bf6TJZhbu424UBQ0iRhYgEHN70tqOdXSdSlSvKjzTaDcJpOfjnFy0vUMg1j2xCyqFoMQ3uEFLII6NbgfFchp9oIpJiPRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f67deff5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:27 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkOHiFEpPSo%2BTWx62XVELieLqgmtUq2T4mfeRLSrpKy%2B5Yk1Ec6Udo4hookNi%2BauRv6XZ9JJrWvSAKjkzZLV0JyZhd6OXfIK3KH5b1h2WDhCt0QVlfMEnDhu8aIneu7TpKm7INc0ARTmo%2BnV46sVR7x2vCiHfUXNWdmuQFyIm4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f6ebab35685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 | 104.18.10.207 | 200 OK | 67 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 IP: 104.18.10.207:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
Hash: db812d8a70a4e88e888744c1c9a27e89 638c652d623280a58144f93e7b552c66d1667a11 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:27 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:08
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4ca3abf3637d39cc9a49fed17e6f7e63
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f72eb861bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:28 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g780JW7M4v2%2F3r7V5TmAW%2FQMm9KjsQ3YYG2lC76VQVqyHYCQg2VExI884W7QKXrlwxxEVmOyK4BbM1KuLKQ3W4IQELKuE2mYQ6kWKeBOTeWC%2F16XPJwWNNqcOgkYJvFGgm7Qh1IOpKYwMyPg6hJ74W38HmZbPOynIWNKGqBWEDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f75ae925685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:29 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAgeR%2Flrat9nCafVpg214IRUy71MZ7TFs6qsKt3iNC5EHDGk9Fylx0Aqz7Bdi9BVnuYO%2F0v1LDRZsstIL8mm0wZwOXGI%2FHm0bSUhbZQ%2F1VcHD%2BlIYP0ftWJUpulw%2BYbU2eT%2BVkzwVeqf31koEtdxvxuheuI3JPcbdfQP8Bc7Zvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f7c891c5685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:30 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPPfzCu8W5o6X%2B1iV2BZK0fnD9Cf4lXXcxd4WrXLo%2FVn2OCKevgt%2BerzOoaLYvd%2BGn6161GE7rOLf77AcMzE9siXVcyhF1Swx5MIIGaT7rwhrts%2F4C4S3khxW2NhB6QN0WKSIJs0Ty%2BaQLGzGjYtFqcVeDR%2F7SXi5mfJyFT6dyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f837dbf5685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:31 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YexFBmJPXkX0E8Tr%2FwCy8J4Fy74ItLe3HbsTBVSFc6kg%2F5ElAE8hp7kAkS3OIn98Xc1PYsvmI5taM4UPd0GH0Kw8qTQQ0Tdr6MozXzWeg5up7%2BlEG%2FVncPGorUAd2Y%2FZJMJ0xm7JfvjP2%2FST%2FhAi8%2BfRmcday8IWFDn7%2F8zA5tY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f8a3fd45685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:32 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXZbQrNFGkXd9U9pcXYPDVbFcOuKBoY08Gjq9R6b9STQM6ZRHed4uY8kHcBUjSUeyrUHFpQDK8qhwQ1xzHCc2yR0KYmXwkGGdnFBdqsNHiRVQe8kC7Y1TpvFyWWpc91%2BZioNkFzlVNVc3U3Udl%2BQ%2FjZxfjFaAsOezKBQmYB%2FRl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f912d115685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:33 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5u6eQ6GKcSdADDv4%2BfNEQ3d7IUJk9PhzumNhJ3hDtj1q7SNB5h%2B0S06CCJ%2BHynRX1nZX3IVcACcsiZ4iaO8NHlMkJsUr8mQ%2BMqLb49nIMAKfP7B%2BqlUx9lmzpR1w8qOcKiZZSXaJDGUYzoeRJeFQDFpKx1Geo8Tc7B4c6fs5qWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f9808ea5685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:34 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ig61fvKEAVPW1uQl01S5cPDEao61mbTx31hoZV8imq0vmBz%2FHmMryGvoXiCsgmI%2BReFiIvrd0KJSnRxsn1u1h4GRePXEbdPzAYffexEFW6n4e1qSWz40x70EcPlgKMkDRW%2Fz6T9xkAlYHu9I%2FhARVEyFwUOaqwN0UHK8PPQAKYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f9efcf95685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:35 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQs5SR3Xkn%2FBl84yoXEO%2Bp%2BWiXke6AlA3ZkVKeHYxiwZ8n4ZigUFjce0e0Jq%2BLniorUIpmLTBsKQCtCm299x6e%2FMUmUe6Jk%2FWsClC8AN83nxda0EmS3tn3C%2BLB2p98e57811ItNITH0x3KvNobPt7IbMcdwWci0JESg7N%2BvYy8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4fa5cf895685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text
Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:37 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xK0czCweCNyhmQzKAjp%2BiYtp6Oa9XZkxX8YSXmpc94a6BBap%2FRJvbLXSIMhV2tcdLi00XPVfCB2j4KH%2FYDyaTbJHe%2BfrM0WclaJ9dGOsVOx6PiG3YrU4VjWQ7KhmYsIl3mGckavvTpdGAs95ynL6T0zmnCd5ob%2BXwHB4TFZXlT0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4fad2b535685-OSL
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc497791_v.css | 188.114.96.1 | 200 OK | 77 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc497791_v.css
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: ASCII text, with no line terminators
Hash: c224c9454434c12a965e5a8259325f5a 1dceb7ea37b52ac9b8d325b09017cf5f50e704f8 51f4ae19ea7fe7f228896adc341e0de545adf45b96bc5bd725f2f25e8ba0c402
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /5f205bc497791_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f960d0bb61fc43a4e873d0368d7422a5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvDg34eqCyHhcXrOvwt8IPc2AcsOoaQFFY%2Bv5umVZsQ9O%2FFZWCsQZf8uUMP1SlZsfjyXdrwm%2FW2netIXJoOGEOFvX3i2r7RKqBYz1Ngw5zlt4XqzIQESxV6fodG7ef5ECge%2B8dJvHweZBTrbokVWM%2BSNQu1JwOt4%2F6qrFrS34%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09beab5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: *.gstatic.com
  Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
  Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:57:12 GMT
expires: Fri, 02 May 2025 19:57:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 164939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 160 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP: 104.18.10.207:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: bootstrapcdn.com
  Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
  Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (65326)
Size: 160 kB (160302 bytes)
Hash: 816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/18/2024 12:45:42
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e45b797f469006c9b0a5e1b8ef94f0c5
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f0a0eac1bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 60 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP: 104.18.10.207:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: bootstrapcdn.com
  Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
  Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (59765)
Hash: 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/25/2024 22:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d8304aeb4f88689bb8cc8048fefd4c0c
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f09fe971bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif | 188.114.96.1 | 200 OK | 43 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /img/anim_red.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:16 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyxu0Y5%2B70t%2BqwpQ%2B9qjcI3cHtMdaZB41Uoh7%2FXxPIBU4wVi%2FojwrRdOLNNFpznCU6IFwPhkLDBCWSIOSQeB%2BCtrip23kq6eU8Giu0QkSPNmc64gwqNTciC4cu6YGg9gdMAMQayph48udojOGLN7POLUbMr4gMmegZNQLZ%2B6%2Bw0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f2d48265685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif | 188.114.96.1 | 200 OK | 43 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /img/anim_orange.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:13 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSqD3gTCkYeydW4Y3J0cmx57hbP5e7S%2BbovmxY4kRNCHYF39SiEAjApOMrj9nITgW6P47I%2FCPU%2FspOP24IUp%2BNXCgTLqQwSLbVqXhq1hmwJ8nBSb9iTiDvumjvrZ8WGpZ%2B1MpD79Xc%2BJ5hKoQRZc7SSD1NRZ3EV6kqA2LN8NDuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f1a8a7a5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | 188.114.96.1 | 200 OK | 43 kB |
URL: User Request GET HTTP/2 xsecures214579523147645cdnjcnjvfjfj.pages.dev/
IP: 188.114.96.1:443
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET / HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6X6Y1iSo0I5O2sgS2T6eLxqjZeOwFG1FaJUloNzGjnjdEXUA6MqTqr9lP1p0Cdt58pqlGBVzm5xh5FQxhorB5j%2FxPdl%2FqjweEyFFfEI4oa7fAxyZ4ByKa8D3vJLjF8oGKY3sLVwoNiD1YPAao4kGRDFLdAgEAXUCauts4p4%2BxpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f072aee0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css | 188.114.96.1 | 200 OK | 25 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css
IP: 188.114.96.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev
  Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB
  Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: ASCII text, with CRLF line terminators
Hash: f91306edf4659f5a06180f788431c6ad 9742c6e636f9a339704598142088b22cfa399841 d7f23adb7bc2ab9f580a1717f97c8f8b89cdec79e0bba2bed4ce2a44d35174e3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Office365 |
GET /5f205bb74a5eb_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:46:11 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b91213050e39416ad014cdfbe5565958"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X2HmxsRMnphkwaSuavwyBq0fBuHmGPGipZt5N6DnrzMVR4oSARak6d927tiNjg2fTqR1erwhKkUFE1ZugbVhT9fuS1AEKNBwKvfwzD51hHJmR5QASYRF4Hi0NhmT0ICgCpUkpeFSG9eNlEdpPVL6%2B5f4ein2BEOXlhHsONS06qs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4f09ae945685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 28 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP: 104.18.11.207:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (27303)
Hash: 4fbd15cb6047af93373f4f895639c8bf 12d6861075de8e293265ff6ff03b1f3adcb44c76 ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:46:10 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9bd489b3b47817325036093612d128df
cdn-cache: HIT
cf-cache-status: HIT
age: 336860
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea4f09fcdd56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2