Report - patient-wind.dentclinic.workers.dev/

Report Overview

Submitted URL
patient-wind.dentclinic.workers.dev/
IP
104.21.50.177
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 19:04:24
Access
public
Website Title
Instagram
Final URL
patient-wind.dentclinic.workers.dev/
Tags
instagram meta social phishing
urlquery detections
Phishing - Instagram

Detections

urlquery
12
Network Intrusion Detection
1
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
patient-wind.dentclinic.workers.dev	unknown	unknown	No data	No data	7.2 kB	911 kB	104.21.50.177
static.cdninstagram.com	61231	2014-05-01	2017-02-22	2024-04-18	12 kB	2.6 MB	31.13.72.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-18 19:03:54	low	Client IP	104.21.50.177	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram
2024-04-18	medium	patient-wind.dentclinic.workers.dev/	Instagram

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	static.cdninstagram.com/rsrc.php/v3iQJP4/ym/l/en_US/lijpjbYsPNmsxg0yuue5Ca423EZOgm1ALhwPHuE2_a7_Ngm6arFbm6-BYBHirbomYfPWmUtfXgE70u4f5F4PtmLbHzzQyzZ3zNRnTy2o4hFfBLPBmRPygIsNGegBPePAYhFI5Ppx2hs_Ch8f6ZRsq2DM6_XArhnWexxns7NA2PmDXS8TsN_SBsRUTOdWHNW1vjD32O9bwG3q8gMbJt7paJXk9u_e4lammGOzGi_Q4qAPa9z16RymGTYN0C7-OTa-ZDR8RuD2vqbPDLwqDS59tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz	3.1 MB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iQJP4/ym/l/en_US/lijpjbYsPNmsxg0yuue5Ca423EZOgm1ALhwPHuE2_a7_Ngm6arFbm6-BYBHirbomYfPWmUtfXgE70u4f5F4PtmLbHzzQyzZ3zNRnTy2o4hFfBLPBmRPygIsNGegBPePAYhFI5Ppx2hs_Ch8f6ZRsq2DM6_XArhnWexxns7NA2PmDXS8TsN_SBsRUTOdWHNW1vjD32O9bwG3q8gMbJt7paJXk9u_e4lammGOzGi_Q4qAPa9z16RymGTYN0C7-OTa-ZDR8RuD2vqbPDLwqDS59tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:33 Last Seen2024-04-18 21:04:35 Times Seen2 Hash 894323ca264b63f3604085218dda8293 1273eaded375cf206104e2130b51e3b8098280d3 67191495b0127d38539eb84e5caf48c6a972837055fcf1819e30d0d63ab6374a Loading...

	static.cdninstagram.com/rsrc.php/v3i7M54/yc/l/en_US/OS4XiGf8B3J.js?_nc_x=Ij3Wp8lg5Kz	44 kB	2024-03-30	2024-04-24
Pretty URL static.cdninstagram.com/rsrc.php/v3i7M54/yc/l/en_US/OS4XiGf8B3J.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-30 19:34:27 Last Seen2024-04-24 08:09:13 Times Seen81 Hash 4bf4da66a420e2e10a7d79b5ae9d7394 318f7fd2ea33eaf11e56263ee8584939c810e327 9638a13b4850b49f644721365f4d6a570405110a539e0f178853b31f0a32941e Loading...

	static.cdninstagram.com/rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz	172 kB	2024-03-23	2024-04-24
Pretty URL static.cdninstagram.com/rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-23 19:12:23 Last Seen2024-04-24 08:09:13 Times Seen137 Hash 024b1e572c03685fe4ec7299943bfe03 8f014207819cda7433b85aab795eda9578467807 cb105f383f1c8c4e49513ece1bbf600aedd0b7c0c463d2e5e2a533cb7cd02c60 Loading...

	static.cdninstagram.com/rsrc.php/v3ifvW4/yP/l/en_US/Nzkp7SjN2xI.js?_nc_x=Ij3Wp8lg5Kz	671 kB	2024-04-13	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3ifvW4/yP/l/en_US/Nzkp7SjN2xI.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 19:05:27 Last Seen2024-04-18 21:04:35 Times Seen20 Hash 04442214ef6636eeb5d0d189a5f62f1d 5dbf75812d504c050505b695e8cb82701f3f5831 847d7b7aa66a63c25b5943986e1188f609dd1aff12560bbe7abfb1c88cfd39c3 Loading...

	static.cdninstagram.com/rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz	963 B	2023-04-26	2024-04-28
Pretty URL static.cdninstagram.com/rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-26 14:28:59 Last Seen2024-04-28 19:26:33 Times Seen1066 Hash ac442c71b8ad509620547f552be4c00a 7c83c6d95e16b435f331c77e7620f26b9aee4e9a 17be4317664330f160a5ef2f045d07ff8cde6bde12441aa47256a747e65374fe Loading...

	static.cdninstagram.com/rsrc.php/v3/y2/r/cMd_SZov9Ei.js?_nc_x=Ij3Wp8lg5Kz	273 B	2024-03-28	2024-05-01
Pretty URL static.cdninstagram.com/rsrc.php/v3/y2/r/cMd_SZov9Ei.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 06:43:36 Last Seen2024-05-01 19:24:30 Times Seen86 Hash be263331f8a8b794378a183f0fe01a30 76d86eded17b3d5d7b53d72f72c5bd408f8d6d4d eb444f64f35ab77c79e9b6a663814ca0e24b169ba92a2a3228bf7ec8aa801e58 Loading...

	static.cdninstagram.com/rsrc.php/v3/yo/r/rMjUV3tlg5-.js?_nc_x=Ij3Wp8lg5Kz	961 B	2023-08-15	2024-05-01
Pretty URL static.cdninstagram.com/rsrc.php/v3/yo/r/rMjUV3tlg5-.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 00:40:05 Last Seen2024-05-01 19:24:30 Times Seen2813 Hash f7d45f6cdfe7b145035fefc5518577da 6666c260403bf3851849ca5955d57d85ddffed66 548ba844583be9db2a87dfdfa9a3cc30f52aff0eb6d164c2eb280b5470ed44ad Loading...

	static.cdninstagram.com/rsrc.php/v3iMku4/yr/l/en_US/EJuv8Q4Gmbr.js?_nc_x=Ij3Wp8lg5Kz	152 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iMku4/yr/l/en_US/EJuv8Q4Gmbr.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash 880075e50f8b87419bdc69de9d04a74e f1ed76499c319c18ed25c4cd2d6165bc301ed9f8 a52f4bfe73ce2091240b9e1c76f98b9f0b8515ec35273e59f74da7231169cb4a Loading...

	static.cdninstagram.com/rsrc.php/v3/yU/r/uisJdChxbEe.js?_nc_x=Ij3Wp8lg5Kz	304 kB	2024-04-18	2024-04-24
Pretty URL static.cdninstagram.com/rsrc.php/v3/yU/r/uisJdChxbEe.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:07:32 Last Seen2024-04-24 21:07:06 Times Seen28 Hash e92791ae800aca264f79330fcfb6721e 4c1a6961f30d4c3cc9064d5f73ac7ed61b2e1952 02c2eaebfec729bddc78e39c92d39ff2e16c1387dc7ef751777d2f9e72b5ba8e Loading...

	static.cdninstagram.com/rsrc.php/v3iVjB4/yf/l/en_US/dKLN1lW3HaB.js?_nc_x=Ij3Wp8lg5Kz	916 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iVjB4/yf/l/en_US/dKLN1lW3HaB.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash 727f7fb3af54242bd429060a993a2756 26f6957ec2782bfa438f10a2be0ee16d164d64af b16c6371070d6d49fa444bba02d0f38d3c0fef0c7e6af3c41ceb73a51a5ec712 Loading...

	static.cdninstagram.com/rsrc.php/v3i_Lz4/yS/l/en_US/fWCc079o0ph.js?_nc_x=Ij3Wp8lg5Kz	470 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3i_Lz4/yS/l/en_US/fWCc079o0ph.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash aaf8221b8b1bdd1e0d6ec50001945e2b c26d5addb85f93511b7100daa43a8e8fa3a7fd56 2aaad1998c803d6c7d56c01cd65c49ee6a8ad9be7bb96944c8cc4dd8a4f34662 Loading...

	static.cdninstagram.com/rsrc.php/v3/yL/r/dbgrMsnD18p.js?_nc_x=Ij3Wp8lg5Kz	422 B	2023-08-15	2024-05-01
Pretty URL static.cdninstagram.com/rsrc.php/v3/yL/r/dbgrMsnD18p.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 00:40:05 Last Seen2024-05-01 19:24:30 Times Seen2813 Hash bc4fd06cf16099df5c8d1087d164befe cc1f81e8715f49591cebf878d71f91e4224ce1d0 79690b8ff5d31df844787e36d4048705a13bfd07f307e42e5087e235e3b16504 Loading...

	static.cdninstagram.com/rsrc.php/v3/yu/r/emmFfFsTUtD.js?_nc_x=Ij3Wp8lg5Kz	1.3 kB	2023-08-15	2024-05-01
Pretty URL static.cdninstagram.com/rsrc.php/v3/yu/r/emmFfFsTUtD.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-15 00:40:05 Last Seen2024-05-01 19:24:30 Times Seen2813 Hash 7bfa4562a0123d3bdf8c4f995c80feb9 d4419e28eebefbc17a0297939403ba15bdc8c07d a83a319c6e7bf8171265e277fe99f6be0443ce609df2d76316d1f2de1bcdfaa2 Loading...

	static.cdninstagram.com/rsrc.php/v3iIec4/yX/l/en_US/1DsMXwTXNAB.js?_nc_x=Ij3Wp8lg5Kz	275 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iIec4/yX/l/en_US/1DsMXwTXNAB.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash 96d72bc794af9f52b21aebd570504175 ae1b37386b120344a581264f8688f9a873f47c46 b896f560025e18195bfb535b83934a09173b017a77915342cb5785775dc960e9 Loading...

	static.cdninstagram.com/rsrc.php/v3iCkN4/yW/l/en_US/XL0HG4utHrE.js?_nc_x=Ij3Wp8lg5Kz	611 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iCkN4/yW/l/en_US/XL0HG4utHrE.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash 4bb538479fc53c25f1fbb9361d9bbe93 37dfc1cde12649b05d8f5f321c19397934cd0e7a 41a275bd243b744bdc39e35cf36abf0f7154c6b668f03780e9f248391776b5da Loading...

	static.cdninstagram.com/rsrc.php/v3/yg/r/pPyylhqFv9y.js?_nc_x=Ij3Wp8lg5Kz	78 kB	2024-04-13	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3/yg/r/pPyylhqFv9y.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 19:05:26 Last Seen2024-04-18 21:04:35 Times Seen20 Hash 945696c3c24945a538d7d73c6bded004 23497b3469cb7b5b345d9345273a8bbed03da0dd dd51af029dbe06ff295485ca150293e744c7e9f9e72e28f0ee5a1b40555a7bce Loading...

	static.cdninstagram.com/rsrc.php/v3iniE4/yW/l/en_US/ievN0Wylb63.js?_nc_x=Ij3Wp8lg5Kz	109 kB	2024-04-14	2024-04-22
Pretty URL static.cdninstagram.com/rsrc.php/v3iniE4/yW/l/en_US/ievN0Wylb63.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:47:27 Last Seen2024-04-22 20:04:02 Times Seen33 Hash 25e79c3034abae647f589133ed85d94b 54205ea242be49091fbefbfff3e88ecc7bfbefcf 7d7b070a20b5a6f35ab7f2e20eaa93e8cc0030a46c10def28fabc70e6640d3bb Loading...

	static.cdninstagram.com/rsrc.php/v3iMJM4/y5/l/en_US/ZRYRx_6_N9CSzy3QSKi4t79zIjLwYPNHzLMPgvTOCkXN5ohB264gslu_YrvEw8S_cL6FX6W_V-V5G.js?_nc_x=Ij3Wp8lg5Kz	137 kB	2024-04-18	2024-04-18
Pretty URL static.cdninstagram.com/rsrc.php/v3iMJM4/y5/l/en_US/ZRYRx_6_N9CSzy3QSKi4t79zIjLwYPNHzLMPgvTOCkXN5ohB264gslu_YrvEw8S_cL6FX6W_V-V5G.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 21:04:34 Last Seen2024-04-18 21:04:35 Times Seen2 Hash c2359b05edc2be7af36ecd1cba837a2f df714cb31c9dff53bb9833820974cc5015a1cc60 a03ea25a116bd936a0fdae34bfbec637ed76b665f8fb6f39d84edf66e1794e10 Loading...

	static.cdninstagram.com/rsrc.php/v3/yH/r/ZLcKObNuO1b.js?_nc_x=Ij3Wp8lg5Kz	126 B	2023-12-02	2024-05-01
Pretty URL static.cdninstagram.com/rsrc.php/v3/yH/r/ZLcKObNuO1b.js?_nc_x=Ij3Wp8lg5Kz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-02 10:03:12 Last Seen2024-05-01 19:24:30 Times Seen2352 Hash b2f93e99eac952da42895306ecd7e9d0 589a43a48cd6da3d85858dde294e55f235a5e899 41bf28018cbba9df7f9cd3c09452d8b3fa2a8690a381f787113e23fe19c83d2e Loading...

	static.cdninstagram.com/rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz	1.6 kB	2024-03-06	2024-04-28
Pretty URL static.cdninstagram.com/rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz IP 31.13.72.53 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-06 19:04:08 Last Seen2024-04-28 19:26:33 Times Seen70 Hash 1ce5e2c18396dccf8a67a5474fe4ec55 21157dd120971f92359f6ff8dce92abb74bbcc8c eb34bf2a9c8e2bf6da1b90a368f597d905dbc525825358acafe5401bf31dce84 Loading...

HTTP Transactions (34)

URL IP Response Size

static.cdninstagram.com/rsrc.php/v3/yr/l/0,cross/WPrndevEYn8zyEpb6SJKFF.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

1.1 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3/yr/l/0,cross/WPrndevEYn8zyEpb6SJKFF.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3608)
Size
1.1 kB (1070 bytes)
Hash
7a64c7c2c16bc47817a7221421285282
2c99e058d8b15c216ac4c52501b069e96e221529
30ad2f24f4cefe24305e5007f17da45fbd7f29f0f6169fe8e45a0d94f5e9a420

HTTP Headers

GET /rsrc.php/v3/yr/l/0,cross/WPrndevEYn8zyEpb6SJKFF.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: text/css; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 05 Apr 2025 04:09:07 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: 8l1npOUQW6XLfIpagElWEw==
x-fb-debug: FzVts3PdDguicu/K247Rh0lj4mAfqsXKYXWjpe3GRV4KKPuyotKsDk1SWdcfAUb00Yfb5h0MMrRuDsDgE1EtZA==
content-length: 1070
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=2, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3/y9/l/0,cross/pANZunQCwXdpq_-WeEYvWt.css?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

165 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3/y9/l/0,cross/pANZunQCwXdpq_-WeEYvWt.css?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59734)
Size
165 kB (164996 bytes)
Hash
154533090ae2f108e98e5c37fb9ec948
61efbe539d747eb7a33402e22a555a1fab500821
4435d118c51a6b5389aa8fb1c37f44d23e24ba52db8f72022eea4cd1a3610997

HTTP Headers

GET /rsrc.php/v3/y9/l/0,cross/pANZunQCwXdpq_-WeEYvWt.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: text/css; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 02:12:29 GMT
cache-control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-md5: 9uE+WOk40KBFJMe/immATA==
x-fb-debug: L9s9miFguQWcW3v9qURvBnM9vn38eAu43HRJE6NfakWYbfkmuvaL91+4MR7Lsh/qiwxQAHS3MW4xdizDuyp2Ww==
content-length: 164996
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=3383, tp=-1, tpl=-1, uplat=2, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3iMku4/yr/l/en_US/EJuv8Q4Gmbr.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

38 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3iMku4/yr/l/en_US/EJuv8Q4Gmbr.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10333)
Size
38 kB (38502 bytes)
Hash
880075e50f8b87419bdc69de9d04a74e
f1ed76499c319c18ed25c4cd2d6165bc301ed9f8
a52f4bfe73ce2091240b9e1c76f98b9f0b8515ec35273e59f74da7231169cb4a

HTTP Headers

GET /rsrc.php/v3iMku4/yr/l/en_US/EJuv8Q4Gmbr.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 03:34:15 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: v+5bxjYxInkHu6frUH88vg==
x-fb-debug: R9Bv1ehEzkaxQFIAbUiQ8Oax97qmV1y5Y8Vl3gXqV3wwhIpAhhC8bw48hyxaKGZpHpI573A9NFkx3Z2TUTl+wQ==
content-length: 38502
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3iIec4/yX/l/en_US/1DsMXwTXNAB.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

56 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3iIec4/yX/l/en_US/1DsMXwTXNAB.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (46199)
Size
56 kB (55910 bytes)
Hash
96d72bc794af9f52b21aebd570504175
ae1b37386b120344a581264f8688f9a873f47c46
b896f560025e18195bfb535b83934a09173b017a77915342cb5785775dc960e9

HTTP Headers

GET /rsrc.php/v3iIec4/yX/l/en_US/1DsMXwTXNAB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 03:34:15 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: o3mEtyLAR57ASuAmd+78LQ==
x-fb-debug: /lSwRxqXh9feYor4H6/ulaLB2/hvR03HufmTFwizS2QMTTdiU/E7PZnf2sWRJ7KMRCjWQdMWzh1fVpkMECkiQQ==
content-length: 55910
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=2, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3/yU/r/uisJdChxbEe.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

77 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3/yU/r/uisJdChxbEe.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (11228)
Size
77 kB (76753 bytes)
Hash
e92791ae800aca264f79330fcfb6721e
4c1a6961f30d4c3cc9064d5f73ac7ed61b2e1952
02c2eaebfec729bddc78e39c92d39ff2e16c1387dc7ef751777d2f9e72b5ba8e

HTTP Headers

GET /rsrc.php/v3/yU/r/uisJdChxbEe.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 01:03:40 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: Pdtqy02Y3N6lFBfCnq7g/Q==
x-fb-debug: Gsq1arwQ+YfUounEOwEHCh6I7JvD9HehDTv9BuGraFj7/6ZCnxMx1chiVYb/XzVIyfRkrjm001Ctg+vNvpxeAw==
content-length: 76753
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=4, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3iCkN4/yW/l/en_US/XL0HG4utHrE.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

130 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3iCkN4/yW/l/en_US/XL0HG4utHrE.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19868)
Size
130 kB (129621 bytes)
Hash
4bb538479fc53c25f1fbb9361d9bbe93
37dfc1cde12649b05d8f5f321c19397934cd0e7a
41a275bd243b744bdc39e35cf36abf0f7154c6b668f03780e9f248391776b5da

HTTP Headers

GET /rsrc.php/v3iCkN4/yW/l/en_US/XL0HG4utHrE.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 17 Apr 2025 23:18:41 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: Z64irubY/5DBiyPtog/pqw==
x-fb-debug: fm4qTOHRWMwVJEb9G7ikzLStu1eQlP6nEL0VeLKU/BI1JNfodSMB166DeTJ8As2RcbYaujkc2P3sPpRF26M7aw==
content-length: 129621
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=2, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

patient-wind.dentclinic.workers.dev/

104.21.50.177

200 OK

280 kB

URL User Request GET HTTP/2
patient-wind.dentclinic.workers.dev/
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
280 kB (279900 bytes)
Hash
fd01153bd83cbb9e357af33472b22828
6fab47fb47b10e9ee6c2e78e66beae5a66e4992b
35ecd1b3990584bbc27cb0b1eefcd67913c86daf24a3b920a33409d6b0cab28c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

GET / HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:03:55 GMT
content-type: text/html; charset="utf-8"
cf-ray: 8766eae74c25568d-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
set-cookie: csrftoken=QzgfJIDAbDqg8e-k7s4QPu; expires=Thu, 17-Apr-2025 19:03:54 GMT; Max-Age=31449600; path=/; domain=.instagram.com; secure; SameSite=None
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
accept-ch-lifetime: 4838400
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: KZcf0PoR97LQpbeY77rGFZb3O3d4XZzW+S/aRWn1Agz5l7aoIzc56Op0HcPQC9Ox/3ncLzj1xFQ6ks899C8stA==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3iQJP4/ym/l/en_US/lijpjbYsPNmsxg0yuue5Ca423EZOgm1ALhwPHuE2_a7_Ngm6arFbm6-BYBHirbomYfPWmUtfXgE70u4f5F4PtmLbHzzQyzZ3zNRnTy2o4hFfBLPBmRPygIsNGegBPePAYhFI5Ppx2hs_Ch8f6ZRsq2DM6_XArhnWexxns7NA2PmDXS8TsN_SBsRUTOdWHNW1vjD32O9bwG3q8gMbJt7paJXk9u_e4lammGOzGi_Q4qAPa9z16RymGTYN0C7-OTa-ZDR8RuD2vqbPDLwqDS59tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

630 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3iQJP4/ym/l/en_US/lijpjbYsPNmsxg0yuue5Ca423EZOgm1ALhwPHuE2_a7_Ngm6arFbm6-BYBHirbomYfPWmUtfXgE70u4f5F4PtmLbHzzQyzZ3zNRnTy2o4hFfBLPBmRPygIsNGegBPePAYhFI5Ppx2hs_Ch8f6ZRsq2DM6_XArhnWexxns7NA2PmDXS8TsN_SBsRUTOdWHNW1vjD32O9bwG3q8gMbJt7paJXk9u_e4lammGOzGi_Q4qAPa9z16RymGTYN0C7-OTa-ZDR8RuD2vqbPDLwqDS59tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (18520)
Size
630 kB (630170 bytes)
Hash
894323ca264b63f3604085218dda8293
1273eaded375cf206104e2130b51e3b8098280d3
67191495b0127d38539eb84e5caf48c6a972837055fcf1819e30d0d63ab6374a

HTTP Headers

GET /rsrc.php/v3iQJP4/ym/l/en_US/lijpjbYsPNmsxg0yuue5Ca423EZOgm1ALhwPHuE2_a7_Ngm6arFbm6-BYBHirbomYfPWmUtfXgE70u4f5F4PtmLbHzzQyzZ3zNRnTy2o4hFfBLPBmRPygIsNGegBPePAYhFI5Ppx2hs_Ch8f6ZRsq2DM6_XArhnWexxns7NA2PmDXS8TsN_SBsRUTOdWHNW1vjD32O9bwG3q8gMbJt7paJXk9u_e4lammGOzGi_Q4qAPa9z16RymGTYN0C7-OTa-ZDR8RuD2vqbPDLwqDS59tQNGwiH18CvsWqehdEtWw12LiJjUdcQGCH-OEV-4Wj0DQVEH-g-FDC.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 09:03:33 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: RivABTZKN4BSTysjW5tOuw==
x-fb-debug: nBDjW6366IlH5CrmSc/V9GSDimPIGw9FCoa+MmOtu5UA65xd3LH65aGINj0Xcb/5bBpm+cW8PMJO+StgCQFysg==
content-length: 630170
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=28, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=10, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cdninstagram.com/rsrc.php/v3/yI/r/VsNE-OHk_8a.png

31.13.72.53

200 OK

1.8 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yI/r/VsNE-OHk_8a.png
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.8 kB (1772 bytes)
Hash
5fddd61c351f6618b787afaea041831b
388ddf3c6954dee2dd245aec7bccedf035918b69
fdc2ac0085453fedb24be138132b4858add40ec998259ae94fafb9decd459e69

HTTP Headers

GET /rsrc.php/v3/yI/r/VsNE-OHk_8a.png HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: X93WHDUfZhi3h6+uoEGDGw==
expires: Sun, 06 Apr 2025 00:35:20 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
origin-agent-cluster: ?0
x-fb-debug: Gg6DynMHDHQ6ZYEbEd5mUU84nnVjrCbp1RjaFkmhlq1SDoX+DVVoudMBoAhqMyFZRUIfQ4iw4/ofTMHhMKto6Q==
content-length: 1772
date: Thu, 18 Apr 2024 19:03:56 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=39, mss=1232, tbw=5028, tp=9, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=6

static.cdninstagram.com/rsrc.php/y4/r/QaBlI0OZiks.ico

31.13.72.53

200 OK

2.2 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/y4/r/QaBlI0OZiks.ico
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2214 bytes)
Hash
c3431d927d91a0a9e9a538ce6c98c6b0
95e8c80ee4b90b8157b1350248f5e3ea26e9644e
d31ce478c9729130303a3537a43906bc8164debf5546f7ad4d1beed9d9b2c630

HTTP Headers

GET /rsrc.php/y4/r/QaBlI0OZiks.ico HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: w0Mdkn2RoKnppTjObJjGsA==
expires: Sun, 06 Apr 2025 03:08:10 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 4TKAthlPFiTp4M0wN9NRhdCy/vxXmdfj1Mxb5dc2afX1N0+LzYI1trf7oN4zMU8gQDftVpi8l940QeOMOxd+6A==
content-length: 2214
date: Thu, 18 Apr 2024 19:03:56 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=39, mss=1232, tbw=8132, tp=13, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=6

static.cdninstagram.com/images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk

31.13.72.53

200 OK

100 kB

URL GET HTTP/3
static.cdninstagram.com/images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 465 x 635, 8-bit/color RGBA, non-interlaced
Size
100 kB (99677 bytes)
Hash
43fe412a5a8e044e23154de68b79f21b
ed97e0340a962f09b7de0c91ef9601badcd4582b
75de72e5509f4c6eaecc24f8b5a0236b302d0c466470222c3fe4f2b1d775944f

HTTP Headers

GET /images/instagram/xig/homepage/phones/home-phones.png?__makehaste_cache_breaker=HOgRclNOosk HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdninstagram.com/rsrc.php/v3/y9/l/0,cross/pANZunQCwXdpq_-WeEYvWt.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
access-control-allow-origin: *
content-md5: Q/5BKlqOBE4jFU3mi3nyGw==
expires: Fri, 19 Apr 2024 04:24:28 GMT
cache-control: public,max-age=86400
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=15552000; includeSubDomains
x-fb-debug: dtBrYsNpCr15Ep4Rtuu2Ns4pbGShW765L6KWWNym1JiJUu4AF2PBXkK25q7myWGk/gDPdNTTnnkU4Lx8S3u+lQ==
content-length: 99677
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=43, mss=1232, tbw=10852, tp=19, tpl=0, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=4

static.cdninstagram.com/rsrc.php/v3/yM/r/8n91YnfPq0s.png

31.13.72.53

200 OK

7.8 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yM/r/8n91YnfPq0s.png
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 176 x 258, 8-bit colormap, non-interlaced
Size
7.8 kB (7770 bytes)
Hash
ff150c88ad8f6ddf0de2c9bc71e825de
219d11823232f972015cbd0a4465c1163e77f6b8
3c872bf3a6e0470d517b154027b379cd5031f3d00abd3e4f96da8bff77e09ba3

HTTP Headers

GET /rsrc.php/v3/yM/r/8n91YnfPq0s.png HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: /xUMiK2Pbd8N4sm8cegl3g==
expires: Sat, 05 Apr 2025 02:25:03 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
origin-agent-cluster: ?0
x-fb-debug: ooU/KoodPbauKAxCCJi/ns7btChDpNI1Go2oviLmofVDrLgZdpOi5XCDT0gXTaoRt5lyWsk0yoNB/OMndJqDxA==
content-length: 7770
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=43, mss=1232, tbw=10852, tp=19, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=4

patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www

104.21.50.177

177 kB

URL GET
patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www
IP
104.21.50.177:0
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
PNG image data, 250 x 541, 8-bit/color RGBA, non-interlaced
Size
177 kB (176752 bytes)
Hash
7fde4dad3b60a5a6f89f81aad821e33a
586783872936a8de6fcb8bb99e28b9bf964e84c1
5845ba9b16bde454793e65d35fe16eedf485c7c6e485c22c518cb2db64208a2e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

GET /images/instagram/xig/homepage/screenshots/screenshot1.png?__d=www HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:02 GMT
content-type: image/png
content-length: 176752
cf-ray: 8766eb18eb1fb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: public,max-age=86400
expires: Fri, 19 Apr 2024 19:04:02 GMT
last-modified: Thu, 18 Apr 2024 19:04:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-md5: f95NrTtgpab4n4Gq2CHjOg==
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
edge-control: cache-maxage=86400s
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
timing-allow-origin: *
x-content-type-options: nosniff
x-fb-debug: cNA/8wGKGZgDD3fHOASap/avXdf1MCKI3P1TrfG00u/rK93/+H6UpkLFlO9HMudRd47ngNGQm7LSA+1qDTetwA==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
server: cloudflare

patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www

104.21.50.177

52 kB

URL GET
patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www
IP
104.21.50.177:0
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
PNG image data, 250 x 541, 8-bit/color RGBA, non-interlaced
Size
52 kB (52369 bytes)
Hash
489d893405d48fa9b0547d2ffc80d8e3
35999d0ae8964cc536fb0f1bcb8a00f49c201503
89152c6b5d650050e542912484e0367ffbe7c6080e1b762fafb3c3aa93b91189

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

GET /images/instagram/xig/homepage/screenshots/screenshot2.png?__d=www HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:02 GMT
content-type: image/png
content-length: 52369
cf-ray: 8766eb18eb21b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: public,max-age=86400
expires: Fri, 19 Apr 2024 19:04:02 GMT
last-modified: Thu, 18 Apr 2024 19:04:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-md5: SJ2JNAXUj6mwVH0v/IDY4w==
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
edge-control: cache-maxage=86400s
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
timing-allow-origin: *
x-content-type-options: nosniff
x-fb-debug: 87lmTbmlnTJF82GFlPkta0tugd8HxAqV2ibDhujdW/7kAYpOYkFQ2By2hobsQHdwDyVcKZzulvAdHpUmhGZjOA==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
server: cloudflare

static.cdninstagram.com/rsrc.php/v3/yg/r/pPyylhqFv9y.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

20 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yg/r/pPyylhqFv9y.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (11317)
Size
20 kB (19636 bytes)
Hash
945696c3c24945a538d7d73c6bded004
23497b3469cb7b5b345d9345273a8bbed03da0dd
dd51af029dbe06ff295485ca150293e744c7e9f9e72e28f0ee5a1b40555a7bce

HTTP Headers

GET /rsrc.php/v3/yg/r/pPyylhqFv9y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 12 Apr 2025 17:36:38 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: ecIT66sluKZhc7eZU4vRvw==
x-fb-debug: fmqh+LHpRI1XmvUwZYZ6EwW5WVMLUiP4G8iiZyHizBXkbLPK8GfGs+HfrxRzlsFVSJXHt1uOXMYxRiYpOVdp7w==
content-length: 19636
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=122612, tp=112, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

static.cdninstagram.com/rsrc.php/v3iniE4/yW/l/en_US/ievN0Wylb63.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

26 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3iniE4/yW/l/en_US/ievN0Wylb63.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7990)
Size
26 kB (26325 bytes)
Hash
25e79c3034abae647f589133ed85d94b
54205ea242be49091fbefbfff3e88ecc7bfbefcf
7d7b070a20b5a6f35ab7f2e20eaa93e8cc0030a46c10def28fabc70e6640d3bb

HTTP Headers

GET /rsrc.php/v3iniE4/yW/l/en_US/ievN0Wylb63.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 13 Apr 2025 17:09:58 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: AJcPegtmXGZsmk/BQUA3RA==
x-fb-debug: RrdaNf/wvEdWmLyshTBGWpLUyuv7cOExXOP9nXVUWOwL92ZdpMlXptpKsTaOAId1/JbsAsRjOZp1QEnJJVNVIQ==
content-length: 26325
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=150852, tp=139, tpl=0, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

static.cdninstagram.com/rsrc.php/v3i7M54/yc/l/en_US/OS4XiGf8B3J.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

12 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3i7M54/yc/l/en_US/OS4XiGf8B3J.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29846)
Size
12 kB (12332 bytes)
Hash
4bf4da66a420e2e10a7d79b5ae9d7394
318f7fd2ea33eaf11e56263ee8584939c810e327
9638a13b4850b49f644721365f4d6a570405110a539e0f178853b31f0a32941e

HTTP Headers

GET /rsrc.php/v3i7M54/yc/l/en_US/OS4XiGf8B3J.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 06 Apr 2025 02:14:50 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: dE6Qc2vQNjKq5Z+Ppojxog==
x-fb-debug: ZjSt6Wt/zdMOQfxpnPEbiXvRlUlslAhkX9Fkl9lNP4FdAQ/lg1flYfek90hNzuZzboMV/kmldQHm3jgFTOfRPw==
content-length: 12332
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=187812, tp=169, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www

104.21.50.177

144 kB

URL GET
patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www
IP
104.21.50.177:0
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
PNG image data, 250 x 541, 8-bit/color RGBA, non-interlaced
Size
144 kB (144177 bytes)
Hash
556d6510a5a3a5f14dcaad9baaf32e13
196322012c89e5753148f29ca57f5b8ae540e61c
848159d4a1ae1606b5a1df2e01254de80019a6342a31684c10597fef854c843a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

GET /images/instagram/xig/homepage/screenshots/screenshot3.png?__d=www HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:02 GMT
content-type: image/png
content-length: 144177
cf-ray: 8766eb18eb29b50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: public,max-age=86400
expires: Fri, 19 Apr 2024 19:04:02 GMT
last-modified: Thu, 18 Apr 2024 19:04:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-md5: VW1lEKWjpfFNyq2bqvMuEw==
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
edge-control: cache-maxage=86400s
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
timing-allow-origin: *
x-content-type-options: nosniff
x-fb-debug: vKLeJi39ngxAzdSDmZCDUQ3phxq6zR1DnV6/i9+AmXmwSItjbo9gjIWoSr2yIXHG8+IpoLQ0CVXTIstLRfo5yg==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
server: cloudflare

static.cdninstagram.com/rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

50 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (47309)
Size
50 kB (50193 bytes)
Hash
024b1e572c03685fe4ec7299943bfe03
8f014207819cda7433b85aab795eda9578467807
cb105f383f1c8c4e49513ece1bbf600aedd0b7c0c463d2e5e2a533cb7cd02c60

HTTP Headers

GET /rsrc.php/v3/yl/r/wMX1SRmuPgU.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 06 Apr 2025 03:08:29 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: /qE7QWUJXwLlSUvTCbOGOg==
x-fb-debug: XwN4WF+Hcknr9vBX/JVWelCuz8bceRR6LeISYIZ7Dz1i3DSNw9fmr1fEypm1szROkUjg96eOZZlVIRLI03aFlQ==
content-length: 50193
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=209988, tp=187, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

static.cdninstagram.com/rsrc.php/v3iMJM4/y5/l/en_US/ZRYRx_6_N9CSzy3QSKi4t79zIjLwYPNHzLMPgvTOCkXN5ohB264gslu_YrvEw8S_cL6FX6W_V-V5G.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

36 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3iMJM4/y5/l/en_US/ZRYRx_6_N9CSzy3QSKi4t79zIjLwYPNHzLMPgvTOCkXN5ohB264gslu_YrvEw8S_cL6FX6W_V-V5G.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7558)
Size
36 kB (36543 bytes)
Hash
c2359b05edc2be7af36ecd1cba837a2f
df714cb31c9dff53bb9833820974cc5015a1cc60
a03ea25a116bd936a0fdae34bfbec637ed76b665f8fb6f39d84edf66e1794e10

HTTP Headers

GET /rsrc.php/v3iMJM4/y5/l/en_US/ZRYRx_6_N9CSzy3QSKi4t79zIjLwYPNHzLMPgvTOCkXN5ohB264gslu_YrvEw8S_cL6FX6W_V-V5G.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 17 Apr 2025 18:19:29 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
origin-agent-cluster: ?0
content-md5: GGikgSNbQz89QOq06NDcXQ==
x-fb-debug: OQEj+62qFtirqcp9MC6gMLVv69mjDkkXOJzxiywk3f7zf1gLFD98pBKA6OKIEb3WOFpjLv/3IQCtuH9rzyBI8g==
content-length: 36543
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=180420, tp=163, tpl=0, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www

104.21.50.177

225 kB

URL GET
patient-wind.dentclinic.workers.dev/images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www
IP
104.21.50.177:0
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
PNG image data, 250 x 541, 8-bit/color RGBA, non-interlaced
Size
225 kB (224707 bytes)
Hash
0e729fc097a960b8f6bf3135fe5d2374
107bf2dadb7af1d1bfd1f3804c8f567ac369f1be
dcb2003d503eec26e3b6bf40bcb83c6d23f6dbc8f1321a23f0277176e4473dfe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

GET /images/instagram/xig/homepage/screenshots/screenshot4.png?__d=www HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:02 GMT
content-type: image/png
content-length: 224707
cf-ray: 8766eb18eb2bb50f-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: public,max-age=86400
expires: Fri, 19 Apr 2024 19:04:02 GMT
last-modified: Thu, 18 Apr 2024 19:04:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-md5: DnKfwJepYLj2vzE1/l0jdA==
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
edge-control: cache-maxage=86400s
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
timing-allow-origin: *
x-content-type-options: nosniff
x-fb-debug: 0e0gBELocp9ucH41vjQS3eEXqOrHEV6Df97uFrAq0LIfNhkvtaLW8djeOBT/10/wT1ngGL8I8HiVhJ3kJ084fQ==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
server: cloudflare

static.cdninstagram.com/rsrc.php/v3i_Lz4/yS/l/en_US/fWCc079o0ph.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

96 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3i_Lz4/yS/l/en_US/fWCc079o0ph.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6543)
Size
96 kB (95501 bytes)
Hash
aaf8221b8b1bdd1e0d6ec50001945e2b
c26d5addb85f93511b7100daa43a8e8fa3a7fd56
2aaad1998c803d6c7d56c01cd65c49ee6a8ad9be7bb96944c8cc4dd8a4f34662

HTTP Headers

GET /rsrc.php/v3i_Lz4/yS/l/en_US/fWCc079o0ph.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 03:06:21 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: GTcjo42IW+23AQ5g5hDcXw==
x-fb-debug: M8PuduU+W8BUoGG5brnAmNa1WmV54XXCBuweTlaBgkla6fmiQBDSowiWJgivQ1V1PoWAkDg13GGrjSHweWzT/A==
content-length: 95501
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=214916, tp=191, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

static.cdninstagram.com/rsrc.php/v3ifvW4/yP/l/en_US/Nzkp7SjN2xI.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

158 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3ifvW4/yP/l/en_US/Nzkp7SjN2xI.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (51011)
Size
158 kB (157521 bytes)
Hash
04442214ef6636eeb5d0d189a5f62f1d
5dbf75812d504c050505b695e8cb82701f3f5831
847d7b7aa66a63c25b5943986e1188f609dd1aff12560bbe7abfb1c88cfd39c3

HTTP Headers

GET /rsrc.php/v3ifvW4/yP/l/en_US/Nzkp7SjN2xI.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 12 Apr 2025 19:29:47 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: olUa0uSVcHCM711PyI2aQg==
x-fb-debug: L95Bx1rFDLcqGlEz3RQlbDbpBgcP4dxgFAlxpPxvhFUBxuFvp3Jfu7AI8tXPrVPWMpx8XYsAYq2sOBCRE6+V4Q==
content-length: 157521
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=74, mss=1232, tbw=143156, tp=132, tpl=0, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

static.cdninstagram.com/rsrc.php/v3/yt/r/Yfc020c87j0.png

31.13.72.53

200 OK

3.8 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yt/r/Yfc020c87j0.png
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 306 x 90, 8-bit colormap, non-interlaced
Size
3.8 kB (3754 bytes)
Hash
4b70f6fae44727678540b68e876908b1
d5a23520acdf18636380e1a88d3de2a1efbf6ce1
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e

HTTP Headers

GET /rsrc.php/v3/yt/r/Yfc020c87j0.png HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: S3D2+uRHJ2eFQLaOh2kIsQ==
expires: Thu, 17 Apr 2025 04:21:55 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: FZw6wmcWz9ltidGaflOnOgdhGpSA5xD9K0ViUPw6Ewwdg9kYfArbygTDkoff2YXnoT7WrzHF2x+a2YdyuDreew==
content-length: 3754
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=319, mss=1232, tbw=534284, tp=452, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=4

static.cdninstagram.com/rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png

31.13.72.53

200 OK

6.0 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
PNG image data, 564 x 168, 8-bit colormap, non-interlaced
Size
6.0 kB (5975 bytes)
Hash
ffc0fc3cc70c7e7775a833dc8176cdbb
08f561d3c63f15c31132c5ba7bba7f6c41e51e44
923d80c7ae9a06d102f46b3e47564fa6fadd9a2f3dd3633cc19ac5eeb25bd4ad

HTTP Headers

GET /rsrc.php/v3/yz/r/c5Rp7Ym-Klz.png HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: /8D8PMcMfnd1qDPcgXbNuw==
expires: Sat, 05 Apr 2025 02:15:50 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
origin-agent-cluster: ?0
x-fb-debug: YiCFMaM/7CPd0RhJeg2Rap0dy8XBQcCEpiHE+tQd9QS3gM4AP27gZuwZDtnhT+A8++ICOJFR3VIlxZTjNUV8JA==
content-length: 5975
date: Thu, 18 Apr 2024 19:04:02 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=319, mss=1232, tbw=534284, tp=452, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=4

static.cdninstagram.com/rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

241 B

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (344)
Size
241 B (241 bytes)
Hash
ac442c71b8ad509620547f552be4c00a
7c83c6d95e16b435f331c77e7620f26b9aee4e9a
17be4317664330f160a5ef2f045d07ff8cde6bde12441aa47256a747e65374fe

HTTP Headers

GET /rsrc.php/v3/ys/r/7KFSuqiN3rP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 05 Apr 2025 04:12:15 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: hhZFDKMvFVBHCiOyo9t0+Q==
x-fb-debug: rrl4mhF13E4mVPenfJiMa0gZxAkMQIxCmPU5mjrm88VrkrOzQA2CB2ojKZzh5owUJCyseX392YQT43np14fONQ==
content-length: 241
date: Thu, 18 Apr 2024 19:04:03 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=385, mss=1232, tbw=547300, tp=466, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=5&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3

104.21.50.177

200 OK

0 B

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=5&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

POST /ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=5&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3 HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------126715294010260050992844458309
Content-Length: 938
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:03 GMT
content-type: text/html; charset="utf-8"
content-length: 0
cf-ray: 8766eb1b1d98b50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: OFZSVjBEIFe588sAf2Ya3L19XJyrhB4SM9BQdAmCOn/vObNMrcN+j54rZSVmOobVQTV+/yfvpaIwRDsOtSC1og==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
vary: Accept-Encoding
server: cloudflare

patient-wind.dentclinic.workers.dev/ajax/bulk-route-definitions/

104.21.50.177

200 OK

2.4 kB

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/ajax/bulk-route-definitions/
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
ASCII text, with very long lines (9977), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
b4490c6b9849bd774abc741d179e370a
8d8d5aa25fdbf75cdbd88b1e48e270de1cc2ae76
f8293b3bff30dd1ba0009980f45cbec0ae50376810128ddafc939940d64d7d9f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

POST /ajax/bulk-route-definitions/ HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-IG-D: www
Content-Type: application/x-www-form-urlencoded
X-FB-LSD: AVrhoYJsq8g
X-ASBD-ID: 129477
Content-Length: 825
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:03 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 8766eb1a6cbeb50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-site
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: /am6Tvs7zvlbVUInBzlJvcEFgGEamOMeZWXNDG2tELlaVwaByeREf24pmX0IgmlF7mcJrynKfCOrgSiOQn8AhQ==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
server: cloudflare
content-encoding: br

patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=6&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3

104.21.50.177

200 OK

0 B

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=6&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

POST /ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=6&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3 HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------94526511218813078643799023978
Content-Length: 8092
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:03 GMT
content-type: text/html; charset="utf-8"
content-length: 0
cf-ray: 8766eb1db8cdb50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: CRN+miOaLIaCjs6L6qkH5/9k2mXtAdEzAKxtgW0PvbSUf0Lu0tDYjtLfWZTP2x8fusVA/tm4x9/BjQMOncofAQ==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
vary: Accept-Encoding
server: cloudflare

patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=7&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3

104.21.50.177

200 OK

0 B

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=7&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

POST /ajax/bz?__a=1&__ccg=UNKNOWN&__comet_req=7&__d=www&__hs=19831.HYP%3Ainstagram_web_pkg.2.1..0.0&__hsi=7359284874085772997&__req=7&__rev=1012876217&__s=%3A%3Am4ou8j&__spin_b=trunk&__spin_r=1012876217&__spin_t=1713467034&__user=0&dpr=1&jazoest=21030&lsd=AVrhoYJsq8g&ph=C3 HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------370357338442337955953190044414
Content-Length: 1649
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:11 GMT
content-type: text/html; charset="utf-8"
content-length: 0
cf-ray: 8766eb4c3d53b50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: jTmTd9YprJ10rRlAePqA4I0JFXn6vN/JudFgQiN9BXwJowS0GuK8oKzxD/59+Jdm/Xh5LT4dWLabp3yDtVqlNg==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
vary: Accept-Encoding
server: cloudflare

static.cdninstagram.com/rsrc.php/v3iVjB4/yf/l/en_US/dKLN1lW3HaB.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

916 kB

URL GET HTTP/2
static.cdninstagram.com/rsrc.php/v3iVjB4/yf/l/en_US/dKLN1lW3HaB.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8707)
Size
916 kB (916036 bytes)
Hash
727f7fb3af54242bd429060a993a2756
26f6957ec2782bfa438f10a2be0ee16d164d64af
b16c6371070d6d49fa444bba02d0f38d3c0fef0c7e6af3c41ceb73a51a5ec712

HTTP Headers

GET /rsrc.php/v3iVjB4/yf/l/en_US/dKLN1lW3HaB.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 18 Apr 2025 03:05:59 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: MuTaO3xeUnEO7nPhMuwh4g==
x-fb-debug: rZT6QL3YZ7983XtUEUu8mO2vLkk9Us+4JRKf3zlEX0tgg6NCoc/t0gGIkfZ/FSouqw7Zt8HJUT+vq6X/k5ZjjQ==
content-length: 210170
date: Thu, 18 Apr 2024 19:03:55 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1380, tbw=99899, tp=-1, tpl=-1, uplat=1, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

patient-wind.dentclinic.workers.dev/api/graphql

104.21.50.177

200 OK

135 B

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/api/graphql
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
135 B (135 bytes)
Hash
5efbdc96a0ce73cc4fe120aea7be5674
4dbf5e541c07de9bb80644e24e566c1f07f2ff41
58740cedd1a82b0c19c49de1aacd0e93b853b060daac96d055ccc26f42bcdee6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram
OpenPhish	phishing	Instagram

HTTP Headers

POST /api/graphql HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
X-FB-Friendly-Name: PolarisAPIFetchBatchQuickPromotionsQuery
X-CSRFToken: QzgfJIDAbDqg8e-k7s4QPu
X-IG-App-ID: 936619743392459
X-FB-LSD: AVrhoYJsq8g
X-ASBD-ID: 129477
Content-Length: 13059
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:04:02 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 8766eb18cb02b50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-site
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: MiL7wfQlR79xkSZ7r6KnJXJtdPNB5WC/71F7AZ7/L8H/EnhSwmD9bEsbPqZdm5ESmKHcOp9/fQ5mGtnUMs6oBQ==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
x-xss-protection: 0
server: cloudflare
content-encoding: br

static.cdninstagram.com/rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz

31.13.72.53

200 OK

1.6 kB

URL GET HTTP/3
static.cdninstagram.com/rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz
IP
31.13.72.53:443
ASN
#32934 FACEBOOK

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.instagram.com
Fingerprint43:D7:47:48:5F:BB:4A:38:B5:E0:47:51:88:9B:B7:38:7C:8E:A9:47
ValiditySat, 27 Jan 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1653), with no line terminators
Size
1.6 kB (1577 bytes)
Hash
9fddfed037fc1b6aaa62020be9396152
666f1193954c466c2fd2c52723d923fe798b1086
14aa6fe131d7347bd8f116381fde4d00ad9ffd65a35183bbc72bc8e73909df30

HTTP Headers

GET /rsrc.php/v3/yc/r/E2a9WfQDMxE.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 05 Apr 2025 04:32:03 GMT
cache-control: public,max-age=31536000,immutable
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
reporting-endpoints: permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-md5: UXX3MNyG+M4Dre3ixFh72w==
x-fb-debug: ETi8UY53zy/aAGiirwNZcI24tJk2tXQGHe+mDG72aX9uSI5OSApRS3lCHYqpe2ERw9zh/+sFue78l0jhdv+4yA==
content-length: 281
date: Thu, 18 Apr 2024 19:04:03 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=385, mss=1232, tbw=548004, tp=470, tpl=0, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
priority: u=3,i

patient-wind.dentclinic.workers.dev/ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=21030

104.21.50.177

200 OK

62 B

URL POST HTTP/3
patient-wind.dentclinic.workers.dev/ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=21030
IP
104.21.50.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://patient-wind.dentclinic.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectdentclinic.workers.dev
Fingerprint42:01:8F:C2:40:89:0D:84:FB:DE:0E:3B:CC:D2:E1:1A:B3:DD:15:89
ValidityMon, 18 Mar 2024 00:44:58 GMT - Sun, 16 Jun 2024 00:44:57 GMT

File type
ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
848a548c55792b91c144a276302f8121
168b76969dc299d92fd065280c4f0487d1e8cb86
c2dd8acb890bb86d6b53a2bc0dcf13ec69dd145881aa2607da98048d235f96dc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Instagram

HTTP Headers

POST /ajax/qm/?__a=1&__user=0&__comet_req=7&jazoest=21030 HTTP/1.1
Host: patient-wind.dentclinic.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 105
Origin: https://patient-wind.dentclinic.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://patient-wind.dentclinic.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:03:55 GMT
content-type: application/x-javascript; charset=utf-8
cf-ray: 8766eaecc88db50f-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
content-security-policy: frame-ancestors 'self' https://*.dentclinic.site;
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
document-policy: force-load-at-top
permissions-policy: accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-content-type-options: nosniff
x-fb-debug: H7GLtUPJ7kebThhP1gCQpXYtow3RxHX8g1c2i3MHi3AlyJtyLGMJvePcM8nNg+IUyZiLXKI+TNCjDHdYmEsXDQ==
x-frame-options: ALLOW FROM https://*.dentclinic.site
x-stack: www
server: cloudflare
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML