Report - secure-login-keeslerfuc.pages.dev/robots.txt

Report Overview

Submitted URL
secure-login-keeslerfuc.pages.dev/robots.txt
IP
172.66.47.129
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 01:20:24
Access
public
Website Title
Keesler Federal
Final URL
secure-login-keeslerfuc.pages.dev/robots.txt
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
38

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
secure-login-keeslerfuc.pages.dev	unknown	unknown	No data	No data	9.2 kB	770 kB	172.66.44.127
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	551 B	17 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-09	medium	secure-login-keeslerfuc.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (20)

URL IP Response Size

secure-login-keeslerfuc.pages.dev/css/font-icons.css

172.66.44.127

200 OK

43 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/font-icons.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text
Size
43 kB (43318 bytes)
Hash
1a5d68c1034b27069a47f79e90c35775
b05f852596b06fc19de48adff0cd977f0324c5d0
b732cce907baa80850c8857d858358284883f9ea9b7239fc6a5ed6e7eaa9b5b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-icons.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d8b2af67a6988296423039e29e7fb2e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMaSGogxK360kLjKsWNJkgh5ocqUp9PIHBIlUWjhqCZrn21s3Uh%2Bu%2FrUqLRvH6cL99PbuMvc2EZEnbom3wH8x8q%2FpHUGsHIMSQ9HsAwh6eq%2B07kD0qapE6wHkvihNq0kuEj5wSvP%2BuCxBGSRt5BoW63djqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2356b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/Alkami.woff2

172.66.44.127

200 OK

42 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/Alkami.woff2
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 41960, version 1.0
Size
42 kB (41960 bytes)
Hash
52cad9764bad2f9d90208c91a7c5e847
6179e764e760b16d8b8ac30b9251ce2311b83dd1
4e2bcd3f2e35e841bece706f0426cc746ac77cfd2148ea365ce05eebd5124a45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Alkami.woff2 HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://secure-login-keeslerfuc.pages.dev/css/font-icons.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 01:20:00 GMT
content-length: 41960
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5783a176049ca972e916d2afb31f85dd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLURlmgPf8AJa%2BsT%2FA6WTEPj6Y0XlKQ3E%2FJh%2BzAu0uM2onhaRViQ5V8oDl%2Bz8H5R78FBeFpSllHv1YOvxe616hR8211N2yrulvPm3lfZN4iMXltPWUACsSAS7WyDPmLvLst%2F9U10%2BiVeb0TtceB%2FjSedSzo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd506d4c56b9-OSL
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-foundation.min.css

172.66.44.127

200 OK

23 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-foundation.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (50964)
Size
23 kB (22794 bytes)
Hash
b8c864cda1f61ea4ffc57ba52f038a41
5c8784412d182c24f931531629a9bcf1455e9e76
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-foundation.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"30510574fe9f3330128f6ef8cc58e173"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CaZY8LyHnilKg%2BSH0OCJ74phoTVbd2fU3fH4AwiYBBMoHDRNMQQg6D8XwC9sRzm4%2BnSEPu7x3T%2FvBXtmMaPDK4tixD2E4%2FlBo%2BWbQJucYPOrqZVlkKLFxgPZUxdYwXcI%2BWAbwTsoyEYbTk0IyuaCPfFFAgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2f56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-components.shim.mobile.min.css

172.66.44.127

200 OK

10 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-components.shim.mobile.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (687)
Size
10 kB (10007 bytes)
Hash
60dde7c37106236fae3bcc06ffa35849
7e09219b5ad0c81acf07aff53c0d6bd24318d4d8
a0ed31680bc7f4621bdc1189abb0930e6e3213c00920003c0c7bd766e1d06e09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-components.shim.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cb8dcecaf349a854f35f350196a1bcc5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2B5XXi8HHWsCV7IVCE2M8IvmSJgZ5avojzH1x3SxdSsDZ5v3WGlelxOePicwzQ9HS565WRnI%2FKVd3JVQatHUcYm29TQS%2BdhXV2i%2Ble64gD7CmU%2F7DmXxm9ovf17%2B0MptdVKnOca%2Bb3vmLp%2BLZnd3nwWRG8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc3256b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris.shim.mobile.min.css

172.66.44.127

200 OK

6.0 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris.shim.mobile.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (557)
Size
6.0 kB (5982 bytes)
Hash
2b495c471e337eac5d280f5519c6fc53
285689d6b41833ced6b63a3f82892d2901d4039b
06dee56fb4e2677948bc2f6ce7e20e9900e3c7431843ae3d9c9d975ff03889a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris.shim.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5ce5269d454ada57aaf907d09110fd78"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMbrnui4KSfXOEE%2BV4oVYtyIJoEiZ7NqEfh8o%2BCgg3iw0c58ZYbibotx7UZ8DrbJ1w83pGfunDzkTWAWpKv5sgaL0EVK8m%2FUGkEVpE3YzDCFME203PuWO7bxmBdbI4bwZdIz0aeqnvI51GsCAVKEdI9VKG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2d56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/robots.txt

172.66.44.127

200 OK

25 kB

URL User Request GET HTTP/2
secure-login-keeslerfuc.pages.dev/robots.txt
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type

Size
25 kB (24942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /robots.txt HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"10eec588f43dcdb5e918762d18eefadd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwYcdvnQJRmLMOwhnSBcR7Z16y6Sa1Z0xEBWFobRhK3crhfvXWpkCRGRwr2HgUAkFjMvc8qAvtHP7wnxgQR7FNbv8xhSKqgpImgZiFkgsZWr%2BghvptihD6MzJUE1hUWi2FqxrC3lCfSdRRyOSa0hmtsEoR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4a8e247128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

secure-login-keeslerfuc.pages.dev/isotope.min.css

172.66.44.127

200 OK

15 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/isotope.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (5626)
Size
15 kB (14601 bytes)
Hash
709d01e56ec1c87ebac53ddc1a294eeb
e4049e62eecd6b499a4d12a2965aa68d016c3e50
8a46fcf51f11418130adafc88cf7833f90f9d1e5cb000cf9d7554ecf463978f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /isotope.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"552897eb38e845c5b43f5a6b90e3d242"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ucezaf2wEoU1B2ZfcZkcUU4%2FRqpJvL92QxXZYBr8V%2BCRL433BI6jxW7eYGQeCqIwGLrjAg0AuLbTObAjha9lsGCRrD3wpTQhH8SL6uTtvwN8d9zNU8npV9eIhVTm7K%2FtEmehibGpKJHr4DLymhFn6j3gUTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4dec3656b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/MobileLogo.png

172.66.44.127

200 OK

35 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/MobileLogo.png
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
PNG image data, 945 x 345, 8-bit/color RGBA, non-interlaced
Size
35 kB (34846 bytes)
Hash
67277511e17ba0c06c0ccbde73a57e6e
98fd2d653ced9bcd26b1c045ca0eb74b4fe09c00
0bb7e66ec13cdc10cf254866c9aa07fa02a1deacd01a63a92802718df2d25bd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MobileLogo.png HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/isotope.min.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:20:00 GMT
content-type: image/png
content-length: 34846
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "70fa92d3ab73cd8e6776002eef95760f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7BwV%2FzbQ5ZTUT0VRQIzkL%2FNVhnGe%2BsFV5tzDJYPklAiYrHJJEDCEHJjYAatbIJgvWCCJ8lsbrX4nXHCBmJIIuNhmjnMAmqO%2BjsQc8fc4GdPP6pFnrn8GdMLEAx9hT%2F8QMYVmSKQiGehMVzfAvYTMQAeaxQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd505d4256b9-OSL
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-components.min.css

172.66.44.127

200 OK

192 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-components.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65309)
Size
192 kB (191750 bytes)
Hash
3f422952c888b7d59b49fa322dff0b45
e0f6c5e1ae3834a01aa40d33d17ec3f4e46e7e78
85392c1de142face2c43f99a314465b26754b0c3b84a66c744802e4268fee931

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-components.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:20:00 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c98a8914a0ed5385367565f4a0fa73fc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=986TBx0c7U7y%2FOgQRuYwYiQWk8TSk3xup%2B2pry1lTZf1BuJVEY2WhkSJhyIQeZGjEaP2UWttwqTVvwvdNvUTXESAIVFGH7x9qnFIzGQqnmurkAGd989FQ3EMy258idUYAIsB1hiQ%2FR8x62cKe%2BLRzHB1%2FSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc3456b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://secure-login-keeslerfuc.pages.dev/
Origin: https://secure-login-keeslerfuc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:08:19 GMT
expires: Sat, 03 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 501101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

secure-login-keeslerfuc.pages.dev/css/jquery-ui.min.css

172.66.44.127

200 OK

31 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/jquery-ui.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (29486)
Size
31 kB (31291 bytes)
Hash
0ba6b64b2cc5a2e2a1f0866d8e4f141f
575fc9181fbacd2bdd8953554171c89dc57d4e20
5bed9d2f4811025c2bde2c4747db5f3cacc9e4547ea594a0468b1e4f00965df9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/jquery-ui.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6e5f9fa17f963977d636f6fe28e0545e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D8ZSerh2WSYK8gkMXQiDYRYw2tYUyTyTpCoY6RMBmKoL03tlVVxgzAv9kBx%2B4pFdGiDrO4LZHC%2BoQCEyWbawEiXVcme2lBnoE%2FBcEzgUt8rB84ig%2F9ZLo%2FAQR8HF0pfDnUmvH1bbE6fJFTk0cF%2BEixKZAd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2a56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/theme.mobile.min.css

172.66.44.127

200 OK

115 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/theme.mobile.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (114780 bytes)
Hash
c8821e4017de2c0400a7f724976edbc5
53cdc80ffff4f7a9141695ef3b3315934c58e7ad
e68a4eec77e984e73b04c021c1296f12def2d00262265f37a5f2e20a44878582

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/theme.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b53e42364edae65eaf6d408f926a61ac"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcjGc2He9jXLIbImM%2BJx9AN%2Bw5XLGqr0A%2F0kxhMzxjS%2FqJV1wZVwu533TEFDvbVbmVewdrCiXzWxPxgNWcfnvorFz5f8cWluur3F9mJqeO8K6kJBticYQk26pbYX8Yqm8COMYnZhq5HDYzpFF5%2Fd5%2BZxLSY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc3056b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/Isotope/Images/app-store-badge.svg

172.66.44.127

200 OK

25 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/Isotope/Images/app-store-badge.svg
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type

Size
25 kB (24942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Isotope/Images/app-store-badge.svg HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"10eec588f43dcdb5e918762d18eefadd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAcFzfBaot7hWH%2B0i31pqiHq%2F219bhgq1AKkK5TlPtPWMbVEwqzB4ncMHGJoFmgbfiMlV1ABzAR6h801szJEu5n%2BQMH52X0Ifrulnrr6PKqMMh7e8CgtwjA19t%2B8Qb8KqdcI2s7LzU1LmE%2BIEQPlCSKbB1s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4dec3a56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/Isotope/Images/google-play-badge.svg

172.66.44.127

200 OK

25 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/Isotope/Images/google-play-badge.svg
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type

Size
25 kB (24942 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Isotope/Images/google-play-badge.svg HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"10eec588f43dcdb5e918762d18eefadd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMRl%2FO4zPRhx9gd6yUKJ52QQUtXy1aJuAmE4dJ%2BLY7IvCxVgxyJCp27uQNd6IoMuQfTDW9eMN%2FUxuUc0qv9fuU2iRmFdJwDif6qX7%2Fx6%2BXtxlzlBPugVLg99GKd1N7ZmsiTlpjerm%2FCBGzkjVkYitFv1u6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4dec3b56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/favicon.ico

172.66.44.127

200 OK

7.4 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/favicon.ico
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
7.4 kB (7406 bytes)
Hash
681d7c17deb6699aaaf8527958220836
7c5e1743d23805882eb3ea385086169d3c9b26a8
de1f10007a2f218cc207c1a1d35a33baec9b5899f816d689dcdaf38df868c235

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:20:00 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b43f0111e884e45b6f22576f3357d05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hB2%2B5KoTrnrOyLatdCQk4ddYOe1DDtYSiZBhE%2FKXQ%2Ff19x%2B0yf%2F1eMg8jgwKHpn7mH72lL3OtuXH6KHFFZ3PrYbMoTTImvZj2gXCw77Qmbtnxa9hz7HaLZQIcmVcGo%2Fb7iZAW3Fr1nxoH%2FSykeYWrEnVOi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd501d2256b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/css.css

172.66.44.127

200 OK

2.0 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/css.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (2042), with no line terminators
Size
2.0 kB (1986 bytes)
Hash
b1c09f4b5f17add18524d7ca99ec5c73
ddb7cf725f008f8a66c69181082a1a3300ffa278
7fa16ed85ff37fa47131c999bffc496757d85924d4f72e00549ee5b308de4e23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/css.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"aeb71a3201fec4e44691a4d312f4f5c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfQ6QIplad%2F6eOH04JxKSLWN1nsrfoQGeqMg67ySRZatp18udSIxeGzT0UkrjZFz0bb0meyDC%2BUh2e8zBhR7gu%2FW5nhYlnkhfdg25%2BNzaIoG9%2BmAPGp%2FaNQ2r66W3NudYFsN38ysDkRnDd%2Fw%2F4lN5%2BX6wUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2556b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/base.min.css

172.66.44.127

200 OK

2.2 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/base.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (2259), with no line terminators
Size
2.2 kB (2247 bytes)
Hash
99b7f8952d3577bc6963d97c37e3f773
25c02ba04444c137c84644e48ef91eec673fec4b
ec94cbaaf42c4b4420ab287fdbca16345adec2d9ee4f380c6355d4dc9621797e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/base.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"fd88b89d36d594e84ca0e637c74283a7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rYB5%2FSDreXHCQubGhrHOxUcMqQl7EU%2FwvJuRXKRL%2BxHm%2FMyN1DOsR8ZgVmCi3cggMJMEIhYYINQ9pzX9JcDWuG%2BR0y2SH1UVlW3%2FRmvPLLoAGV0hd4hl%2Fab71QaUXSiBcKfzskSHvDqlqN%2FJyk9J7hUW2Wo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris.android.min.css

172.66.44.127

200 OK

98 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris.android.min.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
98 kB (98295 bytes)
Hash
be81b5e26048fc742fb16310834da4ad
03112d4ed94d9ee41cf5012c1f594fb4f8b5c1c8
65c12121b00f8425f4bd66383649d717e0b381b0336eaf39c732e6d5bb1109e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris.android.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9dcbf1b9640084e0724ad5e25164d442"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFt77PqbK%2B%2Fscm47yvjUEs8BBkxl74wSCyNMqZVeHoUzX6jHsQsUkF5We94oJBpXjhSAxL5T1hq4LL03gRqSMjyvS%2FH%2F%2B0jWo10l6c3Egxk4zuUDm13PH5%2FaeE3fkNkQWVP4upmKGkHVmv3gCGQgBAy84CQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc2e56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-foundation.min1.css

172.66.44.127

200 OK

51 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-foundation.min1.css
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (50964)
Size
51 kB (51310 bytes)
Hash
0160c354e11f9e1f2ffcd720f880dc2e
7c3b5681a9483a0f37110476e04375e7e88d8fcc
037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-foundation.min1.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3381a46cd5614c6fc0907e933c2d8e1a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8m0db2q1nqrokhDIckAvsaDc5TwKoAVWetOe5TBp4v%2FAaYXqyAntIitSxS5B5zn2t4oX1DaIZToy%2FwuCNlPRvPbw3YyrLLRz3GsvMm%2F%2BIgxPNb6yLpOz80Ok84Fur6jcVVQPSP0q2qLvi6GKhp%2BLj2s%2B8L8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd4ddc3356b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/favicon.ico

172.66.44.127

200 OK

7.4 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/favicon.ico
IP
172.66.44.127:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
7.4 kB (7406 bytes)
Hash
681d7c17deb6699aaaf8527958220836
7c5e1743d23805882eb3ea385086169d3c9b26a8
de1f10007a2f218cc207c1a1d35a33baec9b5899f816d689dcdaf38df868c235

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 01:20:00 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b43f0111e884e45b6f22576f3357d05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lee%2BLpDmNpOhuwtZQZ69B8ltzti8MxCCkFqmAbJj666en99gdHfbbeVt33JepQXKsTK%2BwH67OUGIDp6uawLE0nJ%2FnYRjMKlcptvOnbcAvM3yx00ok5uWZKpmTMxNyvqdCAk6gqcuLGn0zYhG7XQmUxdv2TM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ddd501d2156b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (20)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN