Report - lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt

Report Overview

Submitted URL
lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
IP
104.21.83.117
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 23:57:36
Access
public
Website Title
WeTransfer
Final URL
lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Tags
wetransfer phishing financial suspicious
urlquery detections
Phishing - WeTransfer
Phishing - Generic phishing
Suspicious - Anti-debugging code

Detections

urlquery
22
Network Intrusion Detection
1
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
prod-cdn.wetransfer.net	25787	2009-02-02	2018-10-23	2024-04-10	2.9 kB	167 kB	54.230.111.83
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-17	514 B	24 kB	151.101.130.137
lingering-thunder-0229.nguyenchong9455.workers.dev	unknown	unknown	No data	No data	7.6 kB	30 MB	104.21.83.117
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-17	485 B	32 kB	104.18.10.207
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-17	539 B	7.2 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-17	472 B	1.8 kB	151.101.1.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-17	465 B	31 kB	142.250.74.106
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-17	533 B	2.0 MB	104.18.10.207
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-17	455 B	67 kB	142.250.74.168
d19ptbnuzhibkh.cloudfront.net	unknown	unknown	2021-06-29	2023-04-01	451 B	30 kB	54.230.241.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-04-17 23:57:08	low	Client IP	104.21.83.117	ET INFO Observed Cloudflare workers.dev Domain in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer
2024-04-11	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/	WeTransfer

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-de295c39cb769807d9fa.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/vendor-ef8fd9ca3a0295622111.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-0d65947306b8b68f172b.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/bat.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm_002.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/wallpaper-59e18dcf37d4cc5f163b.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/sp.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/runtimeapplication-bafdd8b86fd88bb4273d.js	WeTransfer
2024-04-12	medium	lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/17116643.js	WeTransfer

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	unknown	9.8 kB	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 1332cf4694e19249189a53d2763b76e6 91c11039912cba828f9e48c9c8827afb4593e36e a6a1e313fbb141ffe86cb2126197e220f5c94b5ab5f73b5ec4874c0d2ac11ddd Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-01
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-01 08:30:39 Times Seen138079 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js	2.3 kB	2023-03-07	2024-05-01
Pretty URL cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:17 Last Seen2024-05-01 08:11:42 Times Seen3884 Hash c0ac9c9487d60de96dc68dbb25bd8dd6 99419b0be4b85422ff84870e54dbd8a52dc6dab1 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-01
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-01 08:30:39 Times Seen245904 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	unknown	140 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 987e5791a36a9beb80c008242cb2bbd4 86427cf79adb28c575f9138354509bc2025262d0 3d76290b79d3b16c6335573aaca4367bcd5a614597d12f621cbdff9415aefaf9 Loading...

	unknown	228 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash b206f5e107171ad2af853908efdc1088 19e9d84e3aa2a9d635330a3637cedf1dbe7bf279 541015826ea5c0ef3c815bce4cd874652381b007acbc168b62fb22d34af88d13 Loading...

	unknown	635 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash cf941fa68ed537e0bdc3af780dc5d658 b920d525f8abf4df6d537c1cf98daee5fceb2b9c 0482790697659a916819ee6969b213aababa5a1aaf739c1beb52a4631ce6eba6 Loading...

	unknown	423 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 7309c6854a25f6c387561a3a34c38777 5a7a23043bc4b3763dc54c539b3c4177337b48de 68c6c53f6cdfac7512126bdc8d584f1ca12b537f25941c82155c1e56da6a74b1 Loading...

	unknown	336 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash ac54e11fd13d37c441e85c17a445a8e5 e9353c19ddc36807075e0665afea3503def6cae0 969cf549e4b246fa857650c40be5dd8d2823ff451dd95348d15f9e96935797ce Loading...

	unknown	319 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:31 Times Seen7 Hash b58dae9032474b4c31c6bb85f140578f 1bcac89f5d3c9fb04b4171e84d7adf56e435f93f 5e98948455ea3b01a870e69c9036c8e8ebd3804d126fd174a56de33ebd5a4d5a Loading...

	unknown	972 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 1b6504a225dd164e0d1fd387ee41151d d45d0e8fb4aed1b8c089c7a64e88ba3da0e3cdde 40566b55e938363aa57dfa75fd82cda7688a62b059bd4b15f0d7b6c80e12e59b Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-05-01 08:30:39 Times Seen107150 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	unknown	1.2 kB	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 6604a9e07c15d0fe73b3f18d4c4e5b96 58b9d50f3aa82186b971c5c0dae64b156ee5b844 92f219bc8572e502e1c001e19e2e95c2e057e75760de6201a246760c4322f89b Loading...

	unknown	388 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:31 Times Seen7 Hash f542760c6a208c00c1446b0a443bdc89 00e2f69524acd1ee8aaf000d8e08c4dc0250d725 045223a9c25747c577e4d7c25b775d9552dc63848e91731a5ad787ff004febb2 Loading...

	unknown	383 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:31 Times Seen7 Hash 40c8a0f436056ee00831310a8e7a601d 63ba52f63932eb98ce4fc9a13c9a95f885d3cc6a 6b67bb36bc550314c43025792268b9a9bea8255d109ef442090ba62343a83336 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-01 08:36:36 Times Seen386850 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	unknown	575 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 407ea273813afdfda8cbf4b364d4fbcc dd4fd20b7c218fd02dab69e8e5faac00714b8d9c 2132ca2a64dfc1e68f980bbeda629c5d4e69b60948ff19f48c39277f094fda93 Loading...

	unknown	580 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 2c9ded492a0d44fb2cfa3f1d6602a0a0 0f0552f1bcbc84a974dd60a7aa471f787f6e22e5 f87c45f2ad57a605bde29b954c8141ce5462140ad9b7c5d0bb1a5da612eab108 Loading...

	unknown	357 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 85161efde226f9b17b36715b621a347f 4b79828b71bb5554540634d76d71634371bd7524 4af9d2ea642d04e094cb4eadb3e5a4d368ae8f6ae6d65fcfabb15b1beea1f858 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4	221 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:57:44 Last Seen2024-04-18 01:57:44 Times Seen2 Hash 0ec5eb10544d863c1d857df5180b6341 57ea0ce4a381a809e42d3a5e28aabdf5475ed815 21c2496042b6e84bd173023350d5ed8a2fe166e4ecea9a0fd59d1b512a1b48f0 Loading...

	lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt	2.0 MB	2024-04-14	2024-04-26
Pretty URL lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 78ef5bc49daa0711a9aa01ef1b9b3789 a17ebe1f6dc5133429f82eb478b910bdd7429d2d 6fd21f41563ac5605deea69f239f1af4ea7dd9bbabcbf030249fff21df9b2ac6 Loading...

	unknown	279 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 1d856f636dfe9b693cf98ae73ac6b773 094bfaa65860bd8088f19f8ce8ca9ce60c43618b 7b1d5f7257a00d7a29c95937a0a6097f8358d2a059d9ab49fff7b12d26d2ca58 Loading...

	unknown	720 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 2998039c995c8fd66f3abb25021ed5bb c8c52d13f1cc1e9d4f43ac1b2081d81f6e9d6ae8 e2a401e66c3933fcfa28268c2af3007264a295ae339fa75b6c0c0029b33998e4 Loading...

	unknown	487 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:31 Times Seen7 Hash 90c3d95bd5f80ce8fe1b8796b1b735dd 25975e85c4e989697750a081d31bdcef194f4c89 15788edbbd28537cd32075e12a31f1235f81072673f969793be6e9cf7787e763 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-01 08:30:39 Times Seen112841 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

	unknown	410 B	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:30 Times Seen7 Hash 33af995033f0c34aca3b6bee9b9343a5 3c710e6c572fee65a616f0793ad8ba85a6c01543 5448991d10d4f7c65a849d4e6566330338afe06e7cea4c244dac6b06a4297734 Loading...

	unknown	3.3 kB	2024-04-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 19:22:36 Last Seen2024-04-26 19:48:31 Times Seen7 Hash 4b35045c761b8f9b94bbadc47bf0b9d6 123de922bccf2f36c8b1f1a4347ecdc0fc260518 dd0288f71df922b3934ca7c130e49f2f7000b44640b4c7a6b6aee560086085f2 Loading...

	d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js	98 kB	2023-03-07	2024-04-26
Pretty URL d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js IP 54.230.241.28 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:44:05 Last Seen2024-04-26 19:48:31 Times Seen99 Hash 69c0026af7f2b8f2eed23f2f5fc5c68f a0e872c89db6991d03932756d43480e40eb38628 d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c Loading...

		Size	First Seen	Last Seen
	#1 Write - feb50a7ffb57d45e2bffd582f5242c31	671 kB	2024-04-14	2024-04-26
Pretty Observations First Seen2024-04-14 19:22:37 Last Seen2024-04-26 19:48:31 Times Seen7 Hash feb50a7ffb57d45e2bffd582f5242c31 9a1b4fe71fcd26738aa56a57db9a74ae0468acb6 105298c1b431a633ad0083852b9141dbe7a329d0c439c305f3269baeb26fc096 Loading...

	#2 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-01
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 08:37:57 Times Seen37239953 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (28)

URL IP Response Size

prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff

54.230.111.83

200 OK

43 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff
IP
54.230.111.83:443
ASN
#16509 AMAZON-02

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 43188, version 0.0
Size
43 kB (43188 bytes)
Hash
55576599a2d772f9297c5036d355b1fb
c52e4f9a59137105deb12a3de25ee7d5a15fd286
1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73

HTTP Headers

GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Thu, 11 Apr 2024 18:24:22 GMT
last-modified: Thu, 21 Dec 2023 14:25:55 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lg1pI4XcM_VwytGB5_KC2E4U1eM0ndsTiMP8JX6_wRv2YADurnwCtQ==
age: 538368
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff

54.230.111.83

31 kB

URL
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff
IP
54.230.111.83:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 31120, version 1.6554
Size
31 kB (31120 bytes)
Hash
57cbbfdafc43e0deecc75a309dd042c6
b9cc2ff331b8520706de175f5b3fdba6731a9bfc
a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Wed, 10 Apr 2024 21:58:06 GMT
last-modified: Thu, 21 Dec 2023 14:25:54 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Uu2ZFqcD_Tre_w4W9FNcMyptY0Qnjx2IcLf0-hPXMo_2rBr5AJ84xA==
age: 611944
X-Firefox-Spdy: h2

prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff

54.230.111.83

200 OK

32 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP
54.230.111.83:443
ASN
#16509 AMAZON-02

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 32124, version 1.6554
Size
32 kB (32124 bytes)
Hash
868aedeefe7669e8a4f7196f7df5d058
45bd20ef2c6b717a2526efd98a01207979b2a623
d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Thu, 11 Apr 2024 11:43:40 GMT
last-modified: Thu, 21 Dec 2023 14:25:54 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cr4tGgWplJvWbZNt4TKlryyU3XRhb6lH3S2N7pXrA7TTV4uWbEGciA==
age: 562410
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.24.14

6.2 kB

URL
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2843113
expires: Mon, 07 Apr 2025 23:57:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4svip6qIMylXd3%2FSuFanwc1ilkCLMM%2BwKcRmM6s3NG1%2F7xAoMxhMmWqUC3he%2BsF5hQuPc5N%2B9mm9jByf7o82u4Ad5ZjAF8vp5zMmDxDuHv5bOcfIViZe8mhhVnH5B%2B1oMKRuEKeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87605b15cdccb524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

151.101.1.229

983 B

URL
cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js
IP
151.101.1.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1993)
Size
983 B (983 bytes)
Hash
c0ac9c9487d60de96dc68dbb25bd8dd6
99419b0be4b85422ff84870e54dbd8a52dc6dab1
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

HTTP Headers

GET /npm/jquery.session@1.0.0/jquery.session.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 23:57:09 GMT
age: 3791932
x-served-by: cache-fra-eddf8230025-FRA, cache-hel1410032-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 983
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.130.137

24 kB

URL
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.130.137:0
ASN
#54113 FASTLY

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 17 Apr 2024 23:57:09 GMT
age: 868362
x-served-by: cache-lga21963-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 40, 86494
x-timer: S1713398229.412004,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.106

30 kB

URL
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:38:23 GMT
expires: Fri, 11 Apr 2025 17:38:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 541126
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type
HTML document, ASCII text, with very long lines (65527)
Size
2.0 MB (2013081 bytes)
Hash
557d3772c4c1e1564e8c734160d81602
d7f03f917d23363e7f5de2724abc43c9c054fea5
a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:10 GMT
content-type: text/html;charset=UTF-8
content-length: 2013081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJhTX%2B2QyZ%2FR4WT%2BRP1ei8nHB0jIhHNUIkItesiG7IAz1Gsq6X8tKjJTf9cRpWU%2Fpbr9wZwG9AA2kEuzZmQmtL3UCDVDmV8IzHEvUxpwyD%2FG8y%2BOkDV6X9bsPL1Dn5Dm4OFVZUYM416HsoBQ%2F3yII3%2F22WGd9ndpdntOO2jL8opZy3ZG5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b19eed656c4-OSL
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

2.0 MB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
2.0 MB (2027507 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f79feda6c4e9612994404e3f59b85cc4
cdn-cache: HIT
cf-cache-status: HIT
age: 282912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87605b15cc5856c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type
HTML document, ASCII text, with very long lines (65527)
Size
2.0 MB (2013081 bytes)
Hash
557d3772c4c1e1564e8c734160d81602
d7f03f917d23363e7f5de2724abc43c9c054fea5
a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:10 GMT
content-type: text/html;charset=UTF-8
content-length: 2013081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixNnll0wvNT4%2BMZ1s5AyPE4fPwss2GzT3dUCAjZcW%2FKPS8VMnY03o1U83m6IdyaepTKLhVuASntf2PoBbk6IJnf0CriwXgVkz4Kkm5fUzU%2FxC8AUBMCDda%2BD5j3pQQmL%2F3ecgy2lKODqY17soiWr8NQ2ju4P8IleTWBoEJ17HwJ1LvYuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b1a1ee156c4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4

142.250.74.168

200 OK

66 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (44393)
Size
66 kB (65972 bytes)
Hash
0ec5eb10544d863c1d857df5180b6341
57ea0ce4a381a809e42d3a5e28aabdf5475ed815
21c2496042b6e84bd173023350d5ed8a2fe166e4ecea9a0fd59d1b512a1b48f0

HTTP Headers

GET /gtm.js?id=GTM-5WF5RH4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 23:57:10 GMT
expires: Wed, 17 Apr 2024 23:57:10 GMT
cache-control: private, max-age=900
last-modified: Wed, 17 Apr 2024 23:11:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 65972
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

31 kB

URL
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (50758)
Size
31 kB (30672 bytes)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:10 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 1312831
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87605b1afb3d1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico

54.230.111.83

200 OK

42 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico
IP
54.230.111.83:443
ASN
#16509 AMAZON-02

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
Size
42 kB (41566 bytes)
Hash
692e1c7339c359b6412f059c9c9a0474
e7c1a53dca16b7664880e5b8a92524cf9a47fb62
d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda

HTTP Headers

GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Wed, 27 Mar 2024 01:09:01 GMT
last-modified: Thu, 21 Dec 2023 14:25:56 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r31GpuM103w_OW8a1zxwxeihM_Va2VDLPXhZukPS2DqR-mY1hmggzA==
age: 1896491
X-Firefox-Spdy: h2

d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js

54.230.241.28

200 OK

30 kB

URL GET HTTP/2
d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
IP
54.230.241.28:443
ASN
#16509 AMAZON-02

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (64917)
Size
30 kB (29895 bytes)
Hash
69c0026af7f2b8f2eed23f2f5fc5c68f
a0e872c89db6991d03932756d43480e40eb38628
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

HTTP Headers

GET /2.10.2/sp.js HTTP/1.1
Host: d19ptbnuzhibkh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 29895
date: Sun, 07 Apr 2024 09:53:15 GMT
last-modified: Tue, 30 Apr 2019 15:14:08 GMT
etag: "c7b65b3f4e8761897af9a3ca5d76682e"
cache-control: max-age=315360000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U5zstbb6vb1HUlcEAZ3vdsIWnJWmK-Z8Q-qxJ4mHmg1R_qT2nmXluw==
age: 914636
X-Firefox-Spdy: h2

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-de295c39cb769807d9fa.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-de295c39cb769807d9fa.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/en-de295c39cb769807d9fa.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VbRKTZvPPzODO56Rqf7pcF2HB4dMeFgtnmTor4Cg0jGceHsbd6CghCKrjF2l4%2FNGX4rd2Mb1coeb05FZ7Tyin0AOVzrft8rz8sLbnwdfcdg0T9t201rncvhZnVrAGI5bT58obS6yGmSEOyQQtf4y2d5D8aJttxI30SZRsgXGmLqAW3XQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14bb9c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/0.txt HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JgjrXZzEHIdRYPpXx2AXyvw1OhZU4OD5uxWR%2FOkVBtgAc0BaJlHnUqj4pZB%2BFlIr7VG5MN6k9htVxCfEpH4xJfGLS9PpozvGNav1jLp4LN4s6EfVA0x7SBBLbQ1d3l6fpiZ1z4k8J2TWprpaXx4sA1dI9o7tdvnTUYDgQNh4jduWKsdIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b1aff1956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/vendor-ef8fd9ca3a0295622111.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/vendor-ef8fd9ca3a0295622111.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/vendor-ef8fd9ca3a0295622111.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kUb0XX6OdpBNq0SqQMdlNOnftZBYMi%2BnZ7jsZnAlucXMT1dbU96AnHyruH5EXr2RCdZkjX9eu0ff5zlj5mtuFP5dcAo%2F0URHjGm2pySX4oxhCFg5BnpoXlW%2Fou66qwdC4EoBv1iz9qEqpAT4RczAdDLHd4ROLbMzkkUsemQN%2FNX0N2Bj5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b149b8c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-0d65947306b8b68f172b.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-0d65947306b8b68f172b.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/en-0d65947306b8b68f172b.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6N6L7Vc4%2BkzlIukwmXAg899iaO1ZpubvUY9Da9lCrs9fv%2FZMLmTDZtHVww8L24Ea2jbKmVooHWxgjtRRYvRo9RJUKsr2xb0LpYf1VN76tSsokzer4YkgHGQRYX99%2F7EPxd4Ui4RORlTY5NDM9B5A0QmYvr1gs%2Bdq%2FKKg7LaC%2BQTe%2FzOEyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14bb9b56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/bat.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/bat.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/bat.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y108hRxnJ1IsluMnaYr%2B4awzMURp5umPpEURKaAi0sRRl%2BQGw72f9P0V0pTZaM3dVa56TTujdDI0olDeq5Nx3TPjVfWxkY%2Fh4alTllFbeC%2F9CYQwYTzMHEm9lkxRs3ppcJ0Laj2CL%2BNMWa4z7a%2FlwUQZ9%2BmAHuWdfVEKARASpjYXvvnj9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14ab8f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm_002.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm_002.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/gtm_002.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Xyas%2BfeMZBlxXvfKZsk9%2FjERovgvMfVi3m0XB2fAWVe5vO0287tVz9%2BRskCueqCRzbrD8PKTbrpwdsQSY4XuMPUt2cExmx79Zj7rMXuf4YRppCwe2seCW8b0JHMYAKEgzTAAKAb%2FsX3ooHiJFDCbDzJjzMoQ4%2Ba1GleBUK1xHnhyE21eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14ab9456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BVMPA3vck4eWCa%2FeBAPoRrMBIiEr0Ze7Q9uS9ZKvyLtfmE9Wkit7wyZ2G7Il0OGPUcmMEQUbwuewdrQRJTlt1tC5tmZWdVTN4002kgRAhAJDXkccACHZSif3jjVbR%2FgS%2Bra18jiFtE2Ym4gt1hUkKGiMdD37Nmd1EIB%2BwLeaOA3BvvMWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14cba456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/0.txt HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3zNKPyaMSbnr7yz4gyOXJoYbssif4HgwMUSv69qTuN5dh6%2FRVnLzikTOb44BSSFBoyQDYkGeWw9sOChu%2FN5B6FUGgY5iO%2FKQ7qXdcG4%2Byn%2FIlU01B73HnwLcCS%2FDU7AkPyxz4mRd8HCVsdknC3olSnL%2B4DF2Buuhjo0f2kMEijZ2YB21Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14dba656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png

54.230.111.83

200 OK

16 kB

URL GET HTTP/2
prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png
IP
54.230.111.83:443
ASN
#16509 AMAZON-02

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerAmazon
Subjectwetransfer.net
Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48
ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
16 kB (16208 bytes)
Hash
bc5b180f2d0001298a5ea3691e3fc623
edf2c67a5cef4efd081e5e6e4bc027e72be45593
b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9

HTTP Headers

GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 16208
date: Fri, 22 Dec 2023 22:58:57 GMT
last-modified: Thu, 21 Dec 2023 14:25:55 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lCcQph7rxADn1DI62S2FYvhmU4IC3QBE3lHkJEpuctlyAl3QZvFcXg==
age: 10112295
X-Firefox-Spdy: h2

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/wallpaper-59e18dcf37d4cc5f163b.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/wallpaper-59e18dcf37d4cc5f163b.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/wallpaper-59e18dcf37d4cc5f163b.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TI0x1H9TPd1tlOBfOv0mKu42gh7pqFmuj3YYgrI1Cq03b%2BlEv%2BPztXlF9MBH7qLCveuIlPDlakT7tC88hlff1xhSjexfF3pNedexDxs79PUo9C6ypvlWuCX8NAQ%2B85AxZieKv4%2BQhapG97W0v72Szw9tYo3xUuT2hvFuAVSnmLBvLcMOdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14ab9556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/sp.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/sp.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/sp.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZqQA09qFMP9yArqwASu0oC5MeykbwIxqUqoRMsBCtL9DZpaN2e8PGDYxUASSXMN0RCu6Vw%2Bppq9wbDyYBioDxIt%2Fth9uuqt3dWZ8%2BpOPUdLkQdTqN8MvsJOyAjJao9p%2BMpRJuyE6UXqXmfCIAxxqy706RUT7Rco8DfXEjK%2Bx3UpB1TVKBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14bb9956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/gtm.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLjiyCRkvk%2Bu%2FAmN833cHcqgOvr%2BW6w%2F%2Bf5evaWBuYBPsPLxyAm3VMAd7MczBa4SiA%2FUeHW8peMFrWtVAN6q0jhCK2rNr4aoQQiPLBdq%2Fy0hkBMVXgl5XFaRGt40gOZg9dbqVCtC6ltyU6PxYJ%2Bzhs8E%2FUeIeW70coMypQ%2BqlvxLFFJOYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14bb9756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/runtimeapplication-bafdd8b86fd88bb4273d.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/runtimeapplication-bafdd8b86fd88bb4273d.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/runtimeapplication-bafdd8b86fd88bb4273d.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X4vnUIdNmCJPItDoWCeJO8P8Pkc4Yw1pUgXQ8ixlZVpAvHvdiCseR67pLd1APjr%2BEA9Bf4AlDcORspcGLlj60wJTWZCTkwPfUHZIoodonM5soiduCOUViT6G0ZAUAavYEw3UkcuzMpRPNfBOTLOWXIB%2BjH469heC95%2FkDYDCo4TMhaswVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b1aff1656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/17116643.js

104.21.83.117

200 OK

2.0 MB

URL GET HTTP/3
lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/17116643.js
IP
104.21.83.117:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectnguyenchong9455.workers.dev
Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD
ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT

File type

Size
2.0 MB (2013081 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - WeTransfer
OpenPhish	phishing	WeTransfer
PhishTank	phishing	WeTransfer

HTTP Headers

GET /css/css/17116643.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:57:09 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eg8DVIh25WSXF11SmGLmMxoUO%2FpITn4QLLApfPWbrG42k8tgL6FMCnlYwXGMrx30qO4gXAOSpgKvyDXFeK0gkPL%2BCV%2Ff8UILG%2BtOBZ0Z%2BrBvlIG7SSf%2BnxiDWqvoBx7ASmrnscu7vElTDF%2Fka74g43xnQJovZ7iO4c3FoBvd2lzaVW%2FLZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87605b14ab9656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL