| pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html | 104.18.2.35 | 200 OK | 587 B |
URL User Request GET HTTP/1.1pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html IP104.18.2.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashe147b3c5b0770cc094c4723053bed794 2d08f1c1099114ac80b8e35d342c237ca91cd9ed 1a3dba09f2bc53b1b799a8b6cd9587c662f7b76a97cedc3b5309beda003374cc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign | OpenPhish | phishing | DocuSign | PhishTank | phishing | Other |
GET /index.html HTTP/1.1
Host: pub-67e1775130984d3b982c6ca41261bc0c.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 18:02:38 GMT
Content-Type: text/html
Content-Length: 587
Connection: keep-alive
Accept-Ranges: bytes
ETag: "e147b3c5b0770cc094c4723053bed794"
Last-Modified: Fri, 19 Apr 2024 19:36:43 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880b5c9f5ac70b4d-OSL
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js | 104.17.25.14 | 200 OK | 4.5 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP104.17.25.14:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 593746
expires: Mon, 28 Apr 2025 18:02:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAu9jNDZ7An7pY1YXHKFzoRBLIBy3XHiIbehrf5ltFpu233Fb1O08LtzKWI2l4PrhEloRGM7t%2BVOFmFGtj%2FMGhQttScZnplhlb%2BKu0wr86QfrMljAGfj%2BvrTV4bhKsAhgBqo14MG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880b5ca938455699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js | 152.199.19.160 | 200 OK | 30 kB |
URL GET HTTP/2ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js IP152.199.19.160:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerDigiCert Inc Subject*.vo.msecnd.net Fingerprint86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4 ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 3858158
cache-control: public,max-age=31536000
content-type: application/javascript
date: Wed, 08 May 2024 18:02:38 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F6AE)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
|
|
| docucdn-a.akamaihd.net/olive/images/2.47.0/header-logos/docusign.svg | 23.36.76.243 | 200 OK | 1.3 kB |
URL GET HTTP/2docucdn-a.akamaihd.net/olive/images/2.47.0/header-logos/docusign.svg IP23.36.76.243:443 ASN#20940 Akamai International B.V.
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerDigiCert Inc Subjecta248.e.akamai.net Fingerprint28:39:AF:63:7D:02:E8:F7:17:23:A0:EE:E0:C9:2F:9C:64:17:68:0A ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 19 Apr 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash440fe9f91ffea5c808b75d74298423e7 c42c5c7b43ef49f1c1a3191efd5624477e9cc549 7c5e35b0c8299b8660a9c4f4393c7af2ced0143540a1ecdf266d174b690b779b
GET /olive/images/2.47.0/header-logos/docusign.svg HTTP/1.1
Host: docucdn-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: "440fe9f91ffea5c808b75d74298423e7:1660684826.417675"
last-modified: Fri, 12 Aug 2022 19:56:41 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31529300
date: Wed, 08 May 2024 18:02:39 GMT
content-length: 1257
access-control-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| seeklogo.com/images/D/docusign-logo-2C4F5FAE95-seeklogo.com.png | 172.67.190.76 | 200 OK | 2.5 kB |
URL GET HTTP/2seeklogo.com/images/D/docusign-logo-2C4F5FAE95-seeklogo.com.png IP172.67.190.76:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectseeklogo.com Fingerprint79:1C:65:70:D5:30:59:87:BB:3C:90:04:40:65:19:45:8D:96:3A:37 ValiditySun, 31 Mar 2024 10:17:27 GMT - Sat, 29 Jun 2024 10:17:26 GMT
File typePNG image data, 300 x 300, 8-bit colormap, non-interlaced Hash539bae789201d3577c14106c34df631d b00ad53a3779811136b4e8ec979c5f1574929889 2f2dc59ea0dc82ff30683861f43987f900f1861a6635de031264a69577d62eb4
GET /images/D/docusign-logo-2C4F5FAE95-seeklogo.com.png HTTP/1.1
Host: seeklogo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 2527
cache-control: public, max-age=31536000
last-modified: Sun, 27 Nov 2022 01:23:07 GMT
etag: "1d901fecdc9865f"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-download-options: noopen
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 3772
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fvp4TBz6ggfJsdrc7CBzBBDK9qwiYPYSoRgOUZ%2BoiNucXo%2FnUk4tPnjTpcUi7GYqNeoNpoxpah%2BJ2zPnMsI8j0Xd6Djj3Dz4fseUpQm%2B0tvBQwvOlznK7nX52mQ0Zww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9efd756b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/look.png | 172.66.45.29 | 200 OK | 34 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/look.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hasha3cdfeaf028cf60d90337ce4bb1b632f 44f084707b89b3a999b9a58c06e872ac6ca909d3 2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/look.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 34316
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "920f141cb9133095ad177d782f9c63dd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNuI8W0R26iAXeT6s0f3Z1GmDYf5oAg6DlDK22CUZv73FuesPcWGb1jLP1DS8BtowcoAJTEZ5A1S72rXc4JIcu1BJIv8uDArMJv5UoKhGIxmBo6%2Bmlkhc8HgmuRL0sp%2FXeUaSHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9c80456ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/aol.png | 172.66.45.29 | 200 OK | 18 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/aol.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 1280 x 511, 8-bit gray+alpha, non-interlaced Hash7c7cf7681aee5e76ca1a7dbf2ec7c318 f49db999fd79caec4192dc372e0357753df5a004 6a9935d6d50e144151e34c0b42b5222853231ee05f51533cc8f1de146e275f8d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/aol.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 17665
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4cabf90e1eb0c4b5779057215e6192f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnSsxxvzT71ghAP2MMLKPRxG%2B4JK7OZmDMvTof7r%2BOrHE7MN3f9bRTAtlLM01Hg5PoeoA7UQ5Y24Tp9iRo40ty3b0CBq7YuVacEAn77OSAu8G9kOHWiMAKzT%2BUResuu7lCQWOHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9cffa56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/other1.png | 172.66.45.29 | 200 OK | 22 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/other1.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced Hash6843a244e12fab158aa189680b5e7049 0e1c691f87cc4fa35c88344974f2829c40176b70 3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/other1.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 21882
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ce396a535465db1166706e8f2fd2d252"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjltTLP3KLt%2FvgL1w%2F254vv2BlO%2FggcYygH4hKwgJRqdcGrYJMEgxXeTSIqofNkEEnLxg6p1IzK%2FUJ7VZ3uWMfrjl2cWMeRHP%2FF39FSj17zTE16wLWpv%2Boy0PZ%2BenibUKLWv4MQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9c80656ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/yah2.png | 172.66.45.29 | 200 OK | 67 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/yah2.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 2560 x 709, 8-bit/color RGBA, non-interlaced Hash0a7edf5ea8f987f8f6f3f60c5446cbbf 5114aa0685e69b614ee4ed77a37ab187bd5e560f 4e5feb95191aebc6cb65710a428c70c2411c7ac6cf5e1946b221c2f1b92ed0c8
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/yah2.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 67162
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c3d42417b96cb75c4dd06d01c853808c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r88X%2B%2BtKP0UGh20DPRK%2FmyoS9R1tLMTUKtfxthqzfF6wIfBJTDfVL7I8iFb4tuXAJ9Qvy4Qa01NDbpgwUbYnAg06Dg72jUrLS729RpX3TNQ3aZEXGowJ87UNGBIVxGIonhHdUFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9c80256ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/yah.png | 172.66.45.29 | 200 OK | 72 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/yah.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 840x544, components 3 Hash4449f4d52b3c39575efe9e8dd1deea4c 630364eeb6ccc5c8fdeca83cd580034e38e3ae08 41c25e225507c2f7aea38f876a90c5963a12807f110e08956082acf23a03e8ab
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/yah.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 72145
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "6c1e8f13444033b5d6f6d16fd6bc0927"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQiTWpFzhEwutXEt7mpSVz2xaGr5WFFVVgI%2F%2Fbu50dK%2FgIsBrx3bXtTWZ22tljGu9hS5QDLkvO5vE%2BrzUwnfijwVnI9leRjGOT%2BGzLVc9DxwjENBbSxSbGw8nTR5NS2DwDgRfag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9cffd56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/office3651.png | 172.66.45.29 | 200 OK | 18 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/office3651.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced Hasha5cdadd60382e9ae6228121542eb1c2a cec15f6470d0237569e931d7d11752b41ac5d8a3 71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/office3651.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 18147
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4e0f64e8bb5ef17abb09f0a04ee8d19d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FDL%2BPmOBDzrpEeRnEvqeJoPETdzcxPZ4%2B3kuuWkMDFGoIMB3PBkTnp4UZyYQiOUQj%2B4JcRV336Mrppx%2B3TLQZK60SbOz2VL9S2dEs0%2BYtuCQBPnHCdkuLqxu6En5A6lJJLJT%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9c80156ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/offi.png | 172.66.45.29 | 200 OK | 64 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/offi.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 864 x 1024, 8-bit/color RGBA, non-interlaced Hashada6a19789e5c72533c9872541ba42a6 5192839b8888eead65db3ccee7fd68e86e7ccb53 0c1ebf2bbc55550d5f3c379f178f308a1d45e4e885a623a118d3689b1be6c704
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/offi.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 64019
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "75591e4741ce99b7b9792c6359ec3b86"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNXhgUx0jgF%2FrT6w5qIenCs7qh9XCHxA82YxucfU8W0n3tCd%2B8EhTRhKa2KuQOW33WAbYqRn82FstFv6deo28HAbIxdI%2B%2FBOTIijHDn9TiXFvQjCk3xRCBEk4S2mWYZ07DfVV5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9c80056ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/images/mailo.png | 172.66.45.29 | 200 OK | 578 kB |
URL GET HTTP/2docu-y5u.pages.dev/images/mailo.png IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typePNG image data, 600 x 596, 8-bit/color RGBA, non-interlaced Size578 kB (578451 bytes) Hashb291bda6b904cd07b552b3ce84266143 d24f424286c59aab5672248de698281be4c1929b 86b84a5512c4a5d4af354ca4978a018f17472e301b4ba7e86a178cdacb709bf3
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /images/mailo.png HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: image/png
content-length: 578451
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7ab2cbf852b6162148c033e18b91a6ed"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FOt7jiJ8nczb8s9DCB8jHnULYoL6mYR5Ui2ZVbhgdJAHObPf1goO3DpAGpW%2B5xaCYWdRvzXEfgysP8PLbfYA6jOwrhyG9sL%2BhWngRiwyhUJiqb1N9mYhBYTb8p%2BOG7MsoAKEHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9cfff56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.imgur.com/5yZj1kl.png | 151.101.244.193 | 200 OK | 34 kB |
IP151.101.244.193:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerSectigo Limited Subject*.imgur.com Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42 ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hash1d2139ee0d22054e95c8e0fdec395691 eda09f92c8685eec7e31414b3237bda06e331b45 b571e2ee5a15b8ef193d859efd2ad277691302ba2aeca7c4c2d23dfbc768fa8b
GET /5yZj1kl.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 29 Nov 2022 15:29:15 GMT
etag: "1d2139ee0d22054e95c8e0fdec395691"
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: Gb4BdggNjqLGSNqIHQlSrGUObW7P8mV3yDC0rUkZ3ZTRTTsvQUNbQg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1335427
date: Wed, 08 May 2024 18:02:39 GMT
x-served-by: cache-iad-kcgs7200055-IAD, cache-hel1410032-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 857, 0
x-timer: S1715191359.158442,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 34197
X-Firefox-Spdy: h2
|
|
| dev-sqlmfia.pantheonsite.io/sqlfax/jquery.js | 23.185.0.3 | 200 OK | 111 kB |
URL GET HTTP/2dev-sqlmfia.pantheonsite.io/sqlfax/jquery.js IP23.185.0.3:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectpantheonsite.io FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59 ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT
File typegzip compressed data, max speed, from Unix Size111 kB (110772 bytes) Hash8172d84689322bdaeea75e7ce7bb11dc df3b3ca0004c9ed0360aa7de9360227760f14310 e44c60199f4b663ade3558c66039debab3d5dbc843d6b9ae4b73048ed62d654f
GET /sqlfax/jquery.js HTTP/1.1
Host: dev-sqlmfia.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"65b2d514-47090"
expires: Wed, 08 May 2024 18:02:37 GMT
last-modified: Thu, 25 Jan 2024 21:39:32 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3-a-b789bbb5d-9rbpc
x-styx-req-id: 27fa16aa-0d65-11ef-8076-faa25f1afe88
cache-control: no-cache, must-revalidate
date: Wed, 08 May 2024 18:02:38 GMT
x-served-by: cache-chi-kigq8000028-CHI, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1715191358.466504,VS0,VE137
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
|
|
| docu-y5u.pages.dev/css/app.css | 172.66.45.29 | 200 OK | 2.7 kB |
URL GET HTTP/2docu-y5u.pages.dev/css/app.css IP172.66.45.29:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectdocu-y5u.pages.dev Fingerprint33:58:96:C8:3B:5C:69:F2:98:7D:AC:6E:8C:3B:F7:F0:10:52:FA:65 ValidityThu, 04 Apr 2024 12:13:02 GMT - Wed, 03 Jul 2024 12:13:01 GMT
File typeassembler source, ASCII text, with CRLF line terminators Hash9a6e2d743d1d9d8f0248181ef653a179 7787807a7f438b96b250499dd0c3171e15c4133c abede81197469472079897b5bbfdea971d5df79e9ee8f6e166825a3061b0f3ed
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /css/app.css HTTP/1.1
Host: docu-y5u.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:02:39 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e3fce4bcdec1fd1ce710d5dce319bf87"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOfgQfGO695hEY%2BeA7qxg8SM8eQ9SjBoXlpQN%2BHn3Eth6e4zfehMTihmz5A7cgnAlP2crFOhu9j%2BShSW%2Bu%2B2ScOOXKEDIRFwpBcQxJResPcbb%2BwGmOD19Sdc7%2FcIyD%2Fc3Mg52Qc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880b5ca9cff556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=TP2m2wr1A0iYP5-ZSyuKX8Zv1TGQkKjHjF1MJrFxTqT_cic6JnLmg3_hd24-fVejB13Lvh7BshytX6TYto4X012aPfTNNeFa2PdVGauVCH9wnAAvx8bFb51iw585jilD
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 08 May 2024 18:01:01 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 115
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.docusign.com/sites/all/themes/custom/docusign/favicons/favicon.ico | 0.0.0.0 | | 0 B |
URL GET www.docusign.com/sites/all/themes/custom/docusign/favicons/favicon.ico IP0.0.0.0:0
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerDigiCert Inc Subjectwww.docusign.com Fingerprint2E:4B:A6:1E:A7:6D:EE:E5:14:17:84:6E:4B:CF:55:45:30:B5:3A:69 ValidityTue, 07 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sites/all/themes/custom/docusign/favicons/favicon.ico HTTP/1.1
Host: www.docusign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/x-icon
etag: "66237e3a-3c2e"
expires: Mon, 21 Apr 2025 11:52:06 GMT
last-modified: Sat, 20 Apr 2024 08:35:06 GMT
server: nginx
x-pantheon-styx-hostname: styx-fe3-b-c7695954b-blb9d
x-styx-req-id: 69236a6b-ff0c-11ee-9bde-7e3417314868
content-encoding: gzip
x-timer: S1713847238.088117,VS0,VE112
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 18:02:39 GMT
age: 1577434
x-served-by: cache-chi-kigq8000093-CHI, cache-hel1410027-HEL, cache-hel1410031-HEL
x-cache: HIT, MISS, HIT
x-cache-hits: 0, 0, 320
vary: Accept-Encoding, X-Original-Host
strict-transport-security: max-age=31557600; includeSubDomains; preload
set-cookie: ds_ts_re=0; HttpOnly; SameSite=Strict; Secure; Path=/
content-length: 1362
X-Firefox-Spdy: h2
|
|
| dev-sqlmfia.pantheonsite.io/sqlfax/basic.js | 23.185.0.3 | 200 OK | 36 kB |
URL GET HTTP/2dev-sqlmfia.pantheonsite.io/sqlfax/basic.js IP23.185.0.3:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectpantheonsite.io FingerprintF0:B6:EE:9C:03:9F:B0:36:8C:F7:7A:BA:A2:D4:49:C5:4D:32:99:59 ValidityMon, 22 Apr 2024 16:38:54 GMT - Sun, 21 Jul 2024 16:38:53 GMT
File typeJavaScript source, ASCII text, with very long lines (35164), with CRLF line terminators Hash6a3f2993f18f8231c1708e4fd1425eb9 95e57e4af4ef3f46537c33b9b6c7a501afb6c7ff d32ba80189c7a4631859c3085c0ecaa9925f6602d7deba95d5050ad667ca9a63
GET /sqlfax/basic.js HTTP/1.1
Host: dev-sqlmfia.pantheonsite.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/x-javascript
etag: W/"6622c6fd-8b87"
expires: Wed, 08 May 2024 18:02:37 GMT
last-modified: Fri, 19 Apr 2024 19:33:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe3-a-b789bbb5d-84gzx
x-styx-req-id: 27fd62cb-0d65-11ef-bc95-aa06d938f058
cache-control: no-cache, must-revalidate
date: Wed, 08 May 2024 18:02:38 GMT
x-served-by: cache-chi-kigq8000137-CHI, cache-hel1410024-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1715191358.486439,VS0,VE135
vary: Accept-Encoding
x-robots-tag: noindex
age: 0
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
X-Firefox-Spdy: h2
|
|
| cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/video.mp4 | 151.101.194.132 | 206 Partial Content | 1.7 MB |
URL GET HTTP/2cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/video.mp4 IP151.101.194.132:443
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subjectcdn.glitch.global FingerprintF2:EB:85:15:C1:89:0D:2A:EF:A5:2E:07:1E:4F:69:31:EF:1C:8C:06 ValiditySun, 31 Mar 2024 19:31:34 GMT - Sat, 29 Jun 2024 19:31:33 GMT
Size1.7 MB (1654775 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /8d5109a6-1873-4f95-9253-bd838b3669c7/video.mp4 HTTP/1.1
Host: cdn.glitch.global
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
x-amz-id-2: qXOqNmjef5euvfhVbuyKWHNHSfusznrX8q70XgPUmX4ryfc2no7PJ24cQhX7DU0z2FyFGAdzrPs=
x-amz-request-id: 56K9S0MNVQ9657A3
last-modified: Mon, 04 Apr 2022 12:42:29 GMT
etag: "710095c093f6424f5bad42c310538527"
cache-control: max-age=31536000
content-type: video/mp4
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: *
content-security-policy: script-src 'none'
accept-ranges: bytes
age: 244121
content-range: bytes 0-20737963/20737964
date: Wed, 08 May 2024 18:02:39 GMT
x-served-by: cache-iad-kiad7000062-IAD, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 2347, 0
x-timer: S1715191360.741200,VS0,VE1
content-length: 20737964
X-Firefox-Spdy: h2
|
|
| pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/favicon.ico | 0.0.0.0 | | 0 B |
URL GET pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/favicon.ico IP0.0.0.0:0
Requested byhttps://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Docusign |
GET /favicon.ico HTTP/1.1
Host: pub-67e1775130984d3b982c6ca41261bc0c.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-67e1775130984d3b982c6ca41261bc0c.r2.dev/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|