| xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | 188.114.97.1 | | 11 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/ IP: 188.114.97.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (688), with CRLF line terminators Hash (MD5 / SHA-1 / SHA-256): 512e81d9f168def1ddc98f3a4a30ae97 8c527554fc86a343ec0e9d65a7c91a3415b6010c 49292223685acb48f832c633123434488ab6acbc1239612cc804f8b028e12f7a
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET / HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ula5LPvenJgQiHDwDbZLwia%2BCw5U5QBeQ8m3Q8La3fxpmnYoCV8GjSWeF6Hv3ni7FNPPEzoPHNQNHkuQnb5IS5ovq2uXx8g5o0gzRgHIRR6B7%2B9uJzhE6ZjCD8uLFqvOMWd4Q%2FLIM0on2t98ts3kVUxDnAY9dzGwhAarlaCzKa0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c17dff8b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js | 104.17.25.14 | | 27 kB |
URL cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP104.17.25.14:0
File typeJavaScript source, ASCII text, with very long lines (32180) Hash7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 818886
expires: Tue, 15 Apr 2025 03:59:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbJTiElmdUS0q1lYen7VUpipzqaDTFqjS3lXbBcQP1qFbK76EtT6UYNtQa8cvGH9dQWvw7jjsdMZPkBVZilPW31m77tH6aj0jjNo4mLa%2FPBmR16XgbZHMAaLLbBkIvjUEwWHGh1p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879b6c1b386db4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css | 188.114.97.1 | 200 OK | 0 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb63ccd2_v.css IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer: Google Trust Services LLC Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, consistent with the 0 B size and content-length: 0 of this response; they match any empty file and do not identify this resource, so they should not be used as indicators)
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bb63ccd2_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: text/css; charset=utf-8
content-length: 0
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9e7a27539226d700e116522ee435029d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJctrwxxS6hiIEkv3HXvcQ%2BkapwtfAPuC1sRPfuiPVDZV7QE64XhiiHjhq1DaZIzzA3wwnPfpw6fAfin8%2FpDKkNfiSfREsk6jgQsnWSVRppE23T9o1E%2BwrvZMDW0nMWmbIsVtqFDG07uy5cflvu4cgY%2Fsudm5ID0YWoqB4z3b%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1af9a7569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced Hashbf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /microsoft.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 1045
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "784ab5e987249ef1422816edc26a250f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSiBugaXaLuLHRNlmsZIUfcEK67AK8JKnyau%2BKSODRIWNiQxeckun6pU9o9xDNXH4zX%2Fk%2Fk6nTDW03QI5qZSazFTmmMNozsLHAhcYTpj2XJoAQFGCXii89E261fq7BOjRnW8uXAK%2FbWdCfQQULKvfmRNBrz4zR4lV6hevqRV2Wg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b09b4569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png | 188.114.97.1 | 200 OK | 1.2 kB |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/cut.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hashe526e4ff50594a6c4a5d05c18474d6e7 705609a2bd21c1e3e13666451c75d2c51436c83e d25cf2403704d5208d662af4ef703d424cedeac253a43a1aec6e60e0db43837f
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /cut.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 1192
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d27498074b71cae952cc8068bce9007"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dzzkT5Q70PfKzpoyA0QCbfbt7QdSlBYIrvMsnpaoTUAU6QAaSsijaChPNXtXIHg3jjMLs86rV9HS%2FlhD%2FYpysUOn0eqVHoNiHGPepv8nFKnOcSjjLkz9nCOQpZNyLJNZrjOk34CBtR2nLP5QLCwHRuoeEZAFu5Qvr9Una3BjC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1af9b0569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg | 188.114.97.1 | | 2.0 kB |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/microsoft.jpg IP188.114.97.1:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3 Hash513307d24832cc64115e69c57dd4f69a ba2e4718f5dec696d5e1e9ab95361f5dfb337f23 f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /microsoft.jpg HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/jpeg
content-length: 2004
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2fb10ecfbac7eb44dcf7cd10a0e04aff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KvQ2tRGpLc1nzLDIr1ijqilSmw%2FoDAbkF6elUihU3IaXHmvpPnEl9fqmdWG%2FOGG%2BFTcTuZQfk5ouYX%2Fjuuv3miHoZkVnjR7dq5CNYr8E3ePWSLCRLKaiagbPgAb9FGNw%2FZq5V7cRAKYfvBg5B0%2BR5y4BJOEKTBqWSwi8aEiloek%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1af9af569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png | 188.114.97.1 | 200 OK | 945 B |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/minus.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hashe6eb3d938f3ebebd85c71307b38a3bf3 387223165f8e86f861a09adb1e3c10a8f2ec7006 2b6c8e23b2a2c49ac71393cb3e1740b7e2fccaa310ee06b68ca27b693d133f8e
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /minus.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 945
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "715a3a123fc024df0a9f0d171386bebc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x46%2BgEEanyri4lerE0uibZMFm%2BPeWsRfaVhEGPDACgaledrni3kTfOMVif4QUYbgzByRfZwP8N3fggkF%2FFdZbNp%2BL282kEL40WIkysSDKAMKK7IBVkIpq8cVEX4KGdAHGofyxZTVlNo1CmEwsY6y91cPF4aBca1ONKZDyR7vH2o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1af9b1569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.2.1.min.js | 151.101.130.137 | | 87 kB |
URL code.jquery.com/jquery-3.2.1.min.js IP151.101.130.137:0
File typeJavaScript source, ASCII text, with very long lines (32058) Hashc9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-15283"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 03:59:46 GMT
age: 1458850
x-served-by: cache-lga21971-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 313, 294
x-timer: S1714017586.472978,VS0,VE0
vary: Accept-Encoding
content-length: 86659
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png | 188.114.97.1 | 200 OK | 588 kB |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/background-2.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 3024 x 1964, 8-bit colormap, non-interlaced Size588 kB (587475 bytes) Hashd25c772bd50627bb5ccb5382a6b1a572 79fe73d3cbb6ff86c2168d7e306a92d7bb75f5b5 d7938fe9f0a1db964cddece748c293f441c00f08aa125cebc2f2734c379d9ad0
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /background-2.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 587475
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "09e89a2c1f26b1b948ebfd8555e37625"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYDoIWvPcb1%2F5ClcxjaGJzvH%2BxRDsy3KvkTZm2EcGnqljJZ8Bg5E%2B6kcOsHb%2Bx8%2F9lpVoKTYM6cwGRpXp5QzExQwAiDu%2F6iUgtE9Xfmxptt%2BWy6uCuo5iHSDBc21L1g%2Fne5L4IU89JGyfPypoVgJ26CY4HMxYCyC%2BPa6U5OoH7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b09b3569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png | 188.114.97.1 | | 364 B |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbdae210_v.png IP188.114.97.1:0
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced Hashe144c3378090087c8ce129a30cb6cb4e 59da5466551de941d0215e45c54aa2ceaf436be1 b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbdae210_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PCK4qjrWZfh1xQ1%2BIggKPBd6AjSo%2BYOkrkspU%2FHgwfz%2FHhOmaS%2BUrFwnB5HVEvQgOuCjHAZ1yvkK%2FiHC45Wc0LqzdC9uinJUsmppUPh%2Bb6Bqslfg8IMbU9GoSqxbTARAce4qb1ADBRfCCa5lD%2FStCm9Jw79a4P7s1%2BlASclgSqQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19ba569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png | 188.114.97.1 | 200 OK | 128 B |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bba58587_v.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced Hash0bb86caf792dd7d24731c18cd37bb68e dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25 2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bba58587_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 128
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "716018fe568eb003c2e5c767a6744f01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxkQn%2FpuWeO2sVySm97BweuH0%2BDhDZ4r0ws1t8DeMIfRV3WA6yIqqo61SyR31CgxbY4%2BAwdKjD6DNeT6GMk7LD34qC35ibHdhpjUnD4Q4aGCzCLwgBaJVHouuyHd0ejq41%2FsxYwogfDPHB6O6S2COTTaQ82Q%2FZnsn0IUWhabb1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19b8569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif | 188.114.97.1 | 200 OK | 102 B |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbb6fc7d_v.gif IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typeGIF image data, version 89a, 24 x 9 Hashef14d57c065fdbd3c66d017a729ca91f 2e7b72d674361a9c2b41767ccfbed2486e6695dd 6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbb6fc7d_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 102
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40e933c6110bf926e3aed6bfee33acd0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWa59D6XW6tcLkNtnDqb7d%2B37eETlQDjng0ZMroL%2F5%2BkoWQCOlu13HNrgQVXyZwUvFYRkzZh%2BQWxy161EqdqhWABD7BjsIrzEL8ao5y5eC0vGXq9f5WdbtryRQ8EK487p2ndFwm90X5Vb8%2BlojaoUrQiBF601snxZE2kOt%2BD1uE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19be569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif | 188.114.97.1 | 200 OK | 1.5 kB |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbbf25aa_v.gif IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typeGIF image data, version 89a, 80 x 65 Hash0d3c4efabb6072ec3312574009be3ef8 02d319a4e46538bcadcc5122883e1a0c3e94c123 45a676a0eb476e7706e0187d975b612f51f3bb4c26596f991d55f5e68fbef3e3
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbbf25aa_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 1506
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b79fc93a137bdb4771a1c52124efac77"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjU7qYCyzxboXdqF5oQPJ2sXF9CfD3%2BUIONM%2FduSOKxxE9ecpMKdja4mWxT9%2FylfS5XtujwznEjXaoR5Z33ubLkUYdQNd%2BCGtt5eEUp7mN8k9WuE%2FzZ5fGOVdojkrSgigS3dVSblN9%2F3oDTnOtYaF9w%2FYJygTzFH8A%2BVP1C7niw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19bf569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png | 188.114.97.1 | 200 OK | 293 B |
URL GET HTTP/3xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbe46967_v.png IP188.114.97.1:443
Requested byhttps://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectxsecures214579523147645cdnjcnjvfjfj.pages.dev FingerprintEA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB ValiditySat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File typePNG image data, 12 x 12, 8-bit/color RGB, non-interlaced Hash9eb68d2ce05c151bda542a7a6356e22c baeeefe4a7ac657c10a5f081841015de1bcf90dd 2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbe46967_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 293
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "50d567cbc4ca65349c78e08b48e4ce01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ9dL20R0lvVnYzTbRAc0eJPnKktFzy%2BEszDrd1depagA1EFzzy92O7q69Cfbu5vN9uY9hixTXoCV%2BpHwy4inrjbHV96Vp4ZipBqrbHAdqMJGDbBxh2wpa79TFs%2BwNgDNpTrPDbqDjbpsMEfg4bapJWpvOUEJDlZeBgvgJ%2Bn%2BZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19b9569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif | 188.114.97.1 | | 69 B |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc1a74d5_v.gif IP188.114.97.1:0
File typeGIF image data, version 89a, 16 x 16 Hash3ae573d079dcd1d2da4086f2c0c72c45 e7c9dabec81379373476ed23168dcecb9b8c56aa 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bc1a74d5_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 69
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aaf6c5e1ac9ac320bede916158ed5d07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjCAZNj8TnrSNCLb8m6DPcLfQyk2CW6ZzQJ6BnIqjq%2BsnL82wJMQ7n8tlEsM6vhRO3Qi5Gn99BuqSFRdugJDrI1eNwIgLVFYDIi175GBFPQGIrI4vZ760dcC1ubssSue%2BJekPc8Df0Hpe2HOnKGRhRNLBZzMWKaWoQtAkKoiWlY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c4569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png | 188.114.97.1 | | 349 B |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbae3ed9_v.png IP188.114.97.1:0
File typePNG image data, 13 x 13, 8-bit/color RGB, non-interlaced Hash7454c652e0733d92de6c920c2d646ae0 34a5bd8c7401f95e346895b0e5ccffbf0e9ad638 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbae3ed9_v.png HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/png
content-length: 349
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d6dd742fc1124fe244e6f4f212155f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfTF4Km73pWgd%2BMmhjE2VjZDpUiYjYbIyyNWSaYBPdyRFxkwn3Kv91DegtvwGXuWDEuGRTidwYDgmk%2BrxCxr27upryq2BdqaZU68jAPIfMxoXvwzr8Vo1LliFq8fOuHo1CTuZ%2FGKWHRBbsKUI1s%2BBYjyDxwj9pQ5P7qkKwTXBK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19bb569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif | 188.114.97.1 | | 377 B |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2379ac_v.gif IP188.114.97.1:0
File typeGIF image data, version 89a, 16 x 16 Hashc10bdec858cb0cf9e6cc5865d5925746 697c095ed5509e5a5af0c5ebf2380662aeffc531 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bc2379ac_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 377
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9f6c72ab1272f4bbadf6b026cfcf0490"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoBzgfGV%2BqElGUYXrxnsbmYfdG3Vsm%2FoIXoCkb9j9gCIXIDDDAJwmYgf3DrfEuLyfpz6B%2BFzXtfc3BYWF0NKDX1eQlNIVt3G7av9JVtYMc3hiOoUm4ZrCY1pxS3ZojIepFIUFz4ykU3Lizh7TNumSUTxJy02HspDeBfBpkYQxPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c5569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif | 188.114.97.1 | | 234 B |
URL xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc2c1b4b_v.gif IP188.114.97.1:0
File typeGIF image data, version 89a, 16 x 16 Hash9ce99ec458daf212f9812a90f3fadd13 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bc2c1b4b_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "77658f49c3237c43feb1f812a11dc45b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SlE2PvGvLqHAzKZZW7CU0t8Si6j%2BM6C9aOsO%2F56R7YYUHaWOZ4iPcTA%2FQRK00smBocVKapDi5%2FUYQEQAB5aplhxodqRjkC555tA5EBfxSzRJfbf35agOQZotiJgbqELIcnimhCpSy5t%2BEHL2hpuqHQLIDozvOCETMKM7FvdYL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c6569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif | 188.114.97.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbc8a6e3_v.gif | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 65 x 80 | Hash: af52e51f42fd0c55bc3cf2c8ece71492 016f83da68ff461a5c6aebcc2a45668317b2f24c e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbc8a6e3_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 1547
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e07c4b56e0330a7ab00e21f12e7b8fef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlmCQxelNSy9b2CXM%2FYsZpA%2B3WmLdLBufTYyM97JpeGaU17thQXPYEXHQWCMtyslqynsFa%2BpdtV22S6a4EFIO0%2B3cLlSwdK1cKgHOCxsWcPtruBxU8ZvwJhGKbp1EMQZz0RviIYWnQU3IH22xW%2BwEbIwndctn67jWwFKTNtg9EY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c0569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-xxx-x | 142.250.74.168 | 200 OK | 69 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-xxx-x | IP: 142.250.74.168:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (1763) | Hash: 866d2289ca8bfb4dcb7b969bc206e862 c966722fcb54c65e56bb88cd4a71727ea08c6529 fbf4627312a802ae436f40102f87e574015014a6402a219c15c643b86a87ca01
GET /gtag/js?id=UA-xxx-x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 03:59:46 GMT
expires: Thu, 25 Apr 2024 03:59:46 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbf6a050_v.gif | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 29 x 29 | Hash: 6d0c71ad95c413318e0946960a597318 297fa9d7797afcb90cb49adb045b673672b360ec f2b1758e4d68018096355641f5e7163b0df07efc85e9c3513e51949a75c0446d
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbf6a050_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 1245
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4530ea5a667f71ac649973679e32073"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=70WRLn5i2c30vD9bESjL%2ByDNcs%2BqT3oZuS02njbYdwan4q4rGT5BpKuByTOjOtkll8uBZViAfVraK3gYoIKH12gBmy58NKdAAYMx6ivAOE4OH3Rfj7XpgyMt7Bbzh9DWC6sslolZfxI4TCBlUrsE2x9GaL6ihGGmXxhoVasYJL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c3569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif | 188.114.97.1 | 200 OK | 949 B |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bc00090f_v.gif | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: GIF image data, version 89a, 78 x 68 | Hash: da9d153375da51a616a7663f1504e3a5 bd81fe60fe017bfe79be8c1afed88b659ff166d9 9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bc00090f_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 949
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f783fbbf25820b1a0be467bd6ce995fe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1iZrVHSAxh9iUQgviGlI4djy7H6a8VCKOBnttb1wCuS%2FxzDWZ9J%2FGzPrvnYPgkvnhf6L1IfZJKFcnBL8qTZu5e7jKyLJC47TXJi9wbc4FtwSAzLaDGedefeUmrZvgHV1%2BWFYWp%2Bh5%2Bh9Xr73Is1s6shD%2BzU4vrepozNSf3QIiCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c1569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif | 188.114.97.1 | | 1.8 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb9bf55a_v.gif | IP: 188.114.97.1:0
File type: GIF image data, version 89a, 120 x 97 | Hash: 8806694db55d271b6c836433d103afcd a532ae846499ffa93bd6ed8baafcbdabb2cc8da1 989f955c24583be00defab08c4cf80b17fe4c12756686359367144f0506eb8b8
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bb9bf55a_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 1776
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e6f4b8a850008864fc4699371ab48e7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1lY6F%2BV0xIZP%2FNRo4cu6hQdEKwl5DC5TVPnHBxHItSV9nFcE9KgMEcimuzMNpuRm10G1cwBIwQ636gQPzsSvMa2iFiMbCMDrcDvSklhWLouDX5bI%2B9s56TCZGuDTEcSCJWkQY80XHx5VGaI1%2BZ2laf80ws4QoW8p91KNmEfUhE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19bc569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif | 188.114.97.1 | | 1.5 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bbece31e_v.gif | IP: 188.114.97.1:0
File type: GIF image data, version 89a, 30 x 29 | Hash: 1834c112f6e54f620d2ef8f8c037d450 b911b12717fc708c9418b4a2a0d72f79c5c53be3 81a5f62c155d307316d16a11e5a907a99fcfa3f70dce41d01d9f65518206734e
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bbece31e_v.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: image/gif
content-length: 1509
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c0bc1a0dbe7f469d69d4170c9fa8e4f9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2B9JEyJ8zbbLnlXLDLTIDW0MxtwJ0DKUDd23mTrhEVjZS7e%2FumObTo4vPo94BJ%2FQRzONubYco1glirVagFNTESCGvfXeWt06b9xm80LLChZh%2BNBnRDOS7J6ZR2ZhsVE5KqOI48LlU1apQrTttfeLTf0xCymyLyYF%2FqTjQwcrKao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1b19c2569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 8.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | IP: 142.250.74.106:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression | Hash: 6b82b82f1b75b6d28368ba40ae7ddfd8 6546af301f1bad3054929b6843b78ebb853bb7d6 aadcffd772d393a10e8539e615a4de009982f86494f12569aabcf561ed073c62
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 03:59:46 GMT
date: Thu, 25 Apr 2024 03:59:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 216.58.207.227 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0 | Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:21:03 GMT
expires: Wed, 23 Apr 2025 03:21:03 GMT
cache-control: public, max-age=31536000
age: 175124
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3 | 188.114.97.1 | | 600 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/warning.mp3 | IP: 188.114.97.1:0
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, Stereo | Size: 600 kB (599923 bytes) | Hash: f3d32764e7a865c600257dd427f632aa 99a63e5585b7a749d313857364892c37fae3992b ab536cbd2f47380112a48bd939ab21c024fcd41ad82dd665c13fa49b17fcb5e7
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /warning.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:47 GMT
content-type: audio/mpeg
content-length: 599923
access-control-allow-origin: *
etag: "bb6e4064f308359635ad0b6b8710d0e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPQHDL9pOh63PlUTVmHA5i5MPQ%2Beyfit3f6pUDB1AVTKq3ZpKQMuFrvbTHfPLULJeZ2F17YRDo81xbzjtj5fhx2YGcFsvRHAWFTv6vlA3bqZGPZtxU6k7OATiqWfBII%2BB%2F6RYfpIUoxhQGQcv%2BqOU%2FLhgtktbGCmS3YDBV9%2B93I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1efb18569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3 | 188.114.97.1 | | 8.4 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/alertms.mp3 | IP: 188.114.97.1:0
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural | Hash: 8618fbb0911e3b8fc96725dee8bfd81f 1bbcb78922946d0cf18fbf3a9e092e36453eb767 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /alertms.mp3 HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:47 GMT
content-type: audio/mpeg
content-length: 8405
access-control-allow-origin: *
etag: "0825ebad9a641a19e1944426ffe4916e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Bh2KxPKQY2fRjVh8dGegd7HkpiFe6rOwyId3tN0w4QpMTGQVpZjn9QUxcEKWTqlnDB0y7LqzoXeUbgTvhIZHvOIdc0NSv%2B9yT8WKa3m%2FyRWitVqYCRhlBFOJQXkbzGD8sNpH%2FzuD%2FUpc7JEkldhaoD4X2sDAYMSnDXobGkwdMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1f1b23569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | IP: 216.58.207.227:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0 | Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 22:05:29 GMT
expires: Sun, 20 Apr 2025 22:05:29 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 366858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico | 188.114.97.1 | 200 OK | 14 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/favicon.ico | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (688), with CRLF line terminators | Hash: 512e81d9f168def1ddc98f3a4a30ae97 8c527554fc86a343ec0e9d65a7c91a3415b6010c 49292223685acb48f832c633123434488ab6acbc1239612cc804f8b028e12f7a
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /favicon.ico HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:47 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqU8vvo9gwy8hvI72MrEEy7we%2FqcvqynN57MXlWJaI%2FvFN90%2FvLZE6vkEqvAWNddGglKZa9cUNzuIMq6gF8PcZlrda7U0n4Z8OQJHZB4HugXUcMtzZTITsQtpjfuT7pbmGpBEgB9zMkU2fSl00vKs%2Bci4nEN9JfHPPiZIZwtRr8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c201bb2569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:48 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYhT2F3IDYbVdeltYloOAyABgwEru2%2FWHORqnveFV0kThutzlxzT4%2FrqIkRqO6wbITehV1hQ05mcwdo7i0xmw2jOtMIBUVI1sKYn0bzHL0nqPjeIui4szb06WRFs3zvM29wCFJ0Opr0Bbv8BXoV5GPjJ%2BkUB9b1WODqdjEKDh1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c25ddcb569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | | 7.7 kB |
URL: fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | IP: 216.58.207.227:0
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0 | Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 03:25:26 GMT
expires: Wed, 23 Apr 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 174863
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:49 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35u7VUBjeNuKnyoE4JEd9Srbke2uNVQDTN%2FjUom96DUpPraEQPJRGII%2FGvmIQkTu7wIS5rXqRmgUCX4gqAnjzbynH1ViatGLDU%2BX09mfW%2Bvs7wEmHKEFFXrVNAENCIYbP5p38fpabi4DSWUaPeuICxutrqoz5FHSg1CAwkHi4ro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c2cb875569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate: Issuer: Google Trust Services LLC; Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev; Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB; Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:50 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgHSYjspSzCd25BimKv%2FjMSXeldU1ChT4uWlXZdRZHn9obHHIQZX%2FcksEkwvZxX2xr5JOByN3TFN9OyJFJEfl%2FldF8CYE58UM%2FB07KMwvnK4tDVoGj2N6cJMayAP7OB54KLlDIPwkZZj0ZX5oM2Yefoxx%2B0TJv5%2BGp96GMNfNIA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c339b11569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:51 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MjS84SEVRR4K2mwktTPCswDeEiFJ67tFW7QSyBxLLLLjWkeWHwSAGgWbUIo1OgDsxSQE5u%2BS9DDJiaco0XHlFPVr2mzjHDgsVrXAImUEAib9AvGGTy1Hu5xU0a493YpMstuEdqToxOG1mTX4ddor3CXhPgK9zvdVsk4qagSgWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c3a7dda569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif | 188.114.97.1 | | 11 kB |
URL: xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_red.gif IP: 188.114.97.1:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (688), with CRLF line terminators (note: not image data despite the .gif path; the response below is served as text/html) | Hash: MD5 512e81d9f168def1ddc98f3a4a30ae97, SHA-1 8c527554fc86a343ec0e9d65a7c91a3415b6010c, SHA-256 49292223685acb48f832c633123434488ab6acbc1239612cc804f8b028e12f7a
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /img/anim_red.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:52 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dCUmXS1UaSn4i49kUluq6jVa2RYnWrs%2B%2Bf7SgVAtqIYSyCRj6en%2Fdqhl66NDVlXqW0PX0BrJstos4IIWjIuk2edMMmOrRk%2FO2RMJ5HLhbUouSz%2F6C3N%2F2uWFU3VawDPvY8n3MG8VykwqAoe%2B3Pp1XEsgR5%2Bt6hQOKbpKz7DZUw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c3e0f29569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:53 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5KfjSA3a3iMy9qO0W25XeS0698ADAaKTGCC2LiVUhMuT9477C0wJLGGxEkAs8Zu113EQPXuj36B0FgLpkzg2YpNPLbFvPZEcqb0Cwgvgi5NQvdau39xjx0IbI3OheZailgobifFteP57wvU0LZsMFb3XkWBXPUrgDe%2BSdyyQm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c483a69569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:54 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oq9vAjfOwhofP0xVQyidam0zEM47o4S5AFbvmtaIod7evJvh9MvsrykGJY1mPKRvR7XM8aRr7f8ibpGU%2FQJ6KVv4bA%2F%2FZOSYgHbFR7ZLLQ8ZfUdnrz%2Be565tGcy3R6Ux9UZ%2F0yoXOMdy1JEDq56vYkX8BsWyAYH%2BZlfOg0dnCkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c4f1cdb569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:55 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZO2CyW7mE92UTdby6TifWuWQQkOgdA4p0mfhJ7Qs0Ac7PpAtTfXMEGm04BymO8o8n8BKQykULWMXNWd2bimwEbrcoCsqmDiF1KUa%2BgTwFBD9nooay1kEkYnoalSs4tOBVM%2Fc%2BYwPuDxebh5Uuf0l4zuloj2jHpVzuuKb5zen68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c560fbc569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:56 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPW6b2Ejs%2F0R4HOZ2LkJet30ReEtXqHAUDRl8Udz5Ki%2BvAT8NDKYeyvg%2ByFAFsHf%2BRd8WcGrmrXky%2BCTLH3%2BiGfFP0J8gWAkfEQEyL7P%2BOWL89elQ1zKEuWefZuGOJ%2BA4HCn9DxMmkJeHiPBo4n%2FFbDYnpPVODbK1%2Fl%2FLD%2F3bXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c5ce9fb569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:58 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzAULGBYpYM0UBXiY6zi3v9XZ8xVZNxLLMc63VJBedPqKy3o4c%2FvC8Io2VvIOdtgNCRvNGAKHYGaLujkjt%2B%2FVC1VHl1d4mWetZ06BU3NvEoWBoFu31rWcPAWEXvYUD1Pioxwaxk0C1a2Sz7N5bkT%2FPK20LDHr1BgK7gzVPBmgi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c63ccba569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:59 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVzDezR%2B79qLRY6fyssZ%2BneoECrHIdk8XcCc4GFMEkRKqWE27OHtkgqr1mdWukXXIkLuxL%2F5sx1nn7LcVETDpXSi%2BKmjJzVlxJcW%2Bv8%2FEGcbGkR%2BvJd7Sr2scYmodqaGsk2hoT2aeyNZdn%2FBwYYgHSt7NWQ7ASE5v7AbwUHAQ20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c6aaf1b569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:00 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EccECxsJn%2B%2FC6cvbV%2FjuclAsyDH0wbTVDr1%2BHnzs6SvFwgI5h6anbLeIolQA1UNJXJTtNWgJYqED17kunErybqrZSHLK6mWGFapWZUsP0KqEN7BPKfjnk5OMaXscapyt23arVljtMiVDOyUf9Fk9t6XXSQeP3SAq%2FEAK8MqpzqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c718aa1569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:01 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ww1HqQiNLXAxsm%2ByneYBLt%2BhnKSzYxBV4qQUDKGp%2F8RZRnEAZnHOWuFdXL08TzuPKMfpj5de3WTwchGs8PG5f7ERR6L2QoNbfAyHm96lvn4gB25Nt3cJFmU27gvRqM77X6mqgy37h3%2FHjwz07mPJRdFke30kY5lTdNpEnM9wH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c786f90569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:02 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9g1gfvSvEeZ2%2Bf%2Fg%2B8gyt2pKZSMrbq1Yx0jFOLGkFrkj1o3G3BRRmFezbVlgxAs8fBkQkXg4isqPh%2BJ4vVc7t%2B%2FKeoMp2kVttHBgmIe%2BME7sALn075ae6bEYiPzKJhJWOcs1l0v7z%2B%2B81l3cIcOBRylTPKjE1Ew4%2FvbSPoDCOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c7f4bab569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 | 104.18.10.207 | | 67 kB |
URL: maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 IP: 104.18.10.207:0
File type: Web Open Font Format (Version 2), TrueType, length 66624, version 4.262 | Hash: MD5 db812d8a70a4e88e888744c1c9a27e89, SHA-1 638c652d623280a58144f93e7b552c66d1667a11, SHA-256 ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 04:00:03 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:08
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5997e73599297712dc3b7d132e139a11
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879b6c832f015693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:03 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSb52cEXV4UFuJLMK4HSlplXPAv9KMnUGPzMk1hgbgSfVpTjKZBXzNGpIotu6SwydmyGJkeshHzgO4oEe4t9BNpx908FDJcAPSIaSJPVg7Fat4ACdqB0NZt4%2Fs3l3ygWQqNcGSKWk1Am4R55w74%2Brn%2BMLp%2FssZtW4C%2F7gUrT074%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c863ef5569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:04 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=beUro3h3Ha6fKbFSz%2BbdiPMdtH7WhfpKbplXdFuEQzZZDIExjgeSKemrUnxB4NTIF6zqNqI9ZpJ%2FDsOrCNCmIH3AUZUWY2ouY3B70jaKk%2Fo7NKmOhD5%2Bx7KtoyUr2C5VkptfqCZy%2BxhIYqEnVEJrSrkrns75E9YJgFZ8tK3O5UQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c8d1a83569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:05 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uW4Bvjo4WZn%2F3OAXwYl5IGyRz4M%2F0S0SVounJdJWU8s8DtwCAXpo%2BILOgVYjWOh3ATHjkz15PfMiritUAo1F0ZbrOq8pFV8HeeJDxF6MOaeEHo60ZTYhuyeC4RGnvu6khfemEXk4NWtZA9%2Bb4r8uc4xXeuOAobASW4KjQWRdM5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c93eddd569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP: 188.114.97.1:443
Requested by: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ | Certificate Issuer: Google Trust Services LLC | Subject: xsecures214579523147645cdnjcnjvfjfj.pages.dev | Fingerprint: EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB | Validity: Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type: PHP script, Unicode text, UTF-8 text | Hash: MD5 c1c79a3dbf20179512517a949e3d0c80, SHA-1 897c904d8a119287a52cb8d3abcaf2c086f8c7dc, SHA-256 f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:06 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93LyVv1vQ35C1TLU4VbwYxaVM5gpfH1pa0TH0G4cT0seXw8V8H1CLXLoa9sFZJsOpEEXukdI7CZu1xRWsslBKwrbmxjCSABg0Vc0fqq181cDqCBgqIxDKJV0ExofQV2R97YxIDIWjmZxZwcA6anbF87yf0pxybB4%2BLcW8SIppX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c9ae933569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css | 104.18.10.207 | | 29 kB |
URL stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css IP 104.18.10.207:0
File type ASCII text, with very long lines (65326) Hash 816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/18/2024 12:45:42
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9878ddfbddeed5b02fff2ac114ddbf5a
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879b6c1b3d0f5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP 188.114.97.1:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type PHP script, Unicode text, UTF-8 text Hash c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:09 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cDLeP0coRU%2F7LKyXcf3vpvH29erPugL2DS3tO0%2BlK0DNIZ1tF52hHdLqGwyqwyBZkOsK2awhKjTTBXqN2%2BSyY8Yx2%2B5gLgJ0E0c4PR4tWFFd2H1Gj%2BC6yG%2FxMS8%2BqtthMOhoYWHMtrbfmGWBsjBAfqhHQNyoaIfDSU4qR%2B%2F2jk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6ca89fb5569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP 188.114.97.1:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type PHP script, Unicode text, UTF-8 text Hash c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:10 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25%2F3CN0jieK1CWA5cZTwznf0IurIg9X0gy86j74HLJTP7zU8SYHU%2BepuwbyMghBYII3I0BusyZMdfITKq6Q9mOThy6d4I%2Fx0ChN%2FnEivbpsLz4M%2FTPZcG2PNpsCNgCB2ZjRQvYAOgMTzaI%2FHtXchLwPTNuPxgRQZdYCRyKe5bmY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6caf7b2a569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/0ErFR0_0D8.php IP 188.114.97.1:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type PHP script, Unicode text, UTF-8 text Hash c1c79a3dbf20179512517a949e3d0c80 897c904d8a119287a52cb8d3abcaf2c086f8c7dc f6162f3cacffbafd29c477c410db6642d591edfe76e5ea0c09ec9fc9c754361c
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /0ErFR0_0D8.php HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 04:00:11 GMT
content-length: 1000
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ad0aa3833e8ca1a8a181d7d3289bcd33"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDvuU1mnMqZZp8NSWtY7mEdBFEqgXcqLVVkOzyyCCqYV0FyqLJ%2BFvtPZbZiFlHLaJWA8IMHivqfvjdSYe%2FO4WVqb33MHP6shDt6eftZVOBBramWIYAwyTF%2FYzuTpeLSXkZ7PrjtdeoAtcauYIEjwbVG4agB5jlSpuNmIGhPMHhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6cb65dc9569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 60 kB |
URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.10.207:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject bootstrapcdn.com Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type JavaScript source, ASCII text, with very long lines (59765) Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/25/2024 22:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dac2447bf5b463022402e5540e021878
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879b6c1b3d115693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css | 188.114.97.1 | 200 OK | 25 kB |
URL GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/5f205bb74a5eb_v.css IP 188.114.97.1:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
File type ASCII text, with CRLF line terminators Hash f91306edf4659f5a06180f788431c6ad 9742c6e636f9a339704598142088b22cfa399841 d7f23adb7bc2ab9f580a1717f97c8f8b89cdec79e0bba2bed4ce2a44d35174e3
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /5f205bb74a5eb_v.css HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:46 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b91213050e39416ad014cdfbe5565958"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InILi%2FtmJS0F2uTLHOY7xyiRvfKIqp3%2B5753J%2B36mdkCvci5fbX6LzcgVACvpSAf%2F2hqjf0jbe6BR3HMeZSI%2FlOGzYbGJKsZaDWfNSh7vBzYhZeyEgA6WpfTVe9Y%2BS8HZsxjq%2B90y0jkRWpqHEYlhblapKeOxAqpNr87FF6C%2FFA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c1af9a6569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 216.58.207.227:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 16:23:47 GMT
expires: Tue, 22 Apr 2025 16:23:47 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
age: 214560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif | 188.114.97.1 | 200 OK | 43 kB |
URL GET HTTP/3 xsecures214579523147645cdnjcnjvfjfj.pages.dev/img/anim_orange.gif IP 188.114.97.1:443
Requested by https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/ Certificate Issuer Google Trust Services LLC Subject xsecures214579523147645cdnjcnjvfjfj.pages.dev Fingerprint EA:49:38:8A:1A:2F:30:A0:03:6B:CC:DB:F0:5F:5A:6D:83:12:0A:DB Validity Sat, 06 Apr 2024 03:22:28 GMT - Fri, 05 Jul 2024 03:22:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not identify this file and should not be used as indicators; the response below is also served as text/html rather than as an image type.]
Analyzer | Verdict | Alert | OpenPhish | phishing | Office365 |
GET /img/anim_orange.gif HTTP/1.1
Host: xsecures214579523147645cdnjcnjvfjfj.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xsecures214579523147645cdnjcnjvfjfj.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:59:49 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ab33d055a320f2ae605df7b9d4967753"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vV4SFWNo6rYbkFKFl9WuMqv4PtTXFxJNoxWyY4gXsCsY16sJ2DHcgzv79tDan9YUJKcIb5bo7iBqTg%2Fzcdb0OI35pzBIwQIOSpxTMpJnovFn6bXQROwnZaSyRy2puRvCO%2BXA28pjKvtDzM2Wrodm%2BNprPp5BZ%2BTtHsDAbHMxRsg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b6c2b4fd2569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|