| dfsvgd.pages.dev/img/logo-2.jpg | 172.66.44.247 | 200 OK | 142 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/img/logo-2.jpg
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=720], baseline, precision 8, 720x1080, components 3
Size: 142 kB (141454 bytes)
Hash: bcd43a6fbb58b7e87785f0d95e8d5e36 51dfda212afdc544a32c47e1cc31698bbbceff45 f8ef2d1f4507b16731994895cb684fc0200176e647516a501ea93287aade4d47
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /img/logo-2.jpg HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: image/jpeg
content-length: 141454
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e1a0634a88ed82c8b27af2e8d0c38b63"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87tZCIvCtpG2Ax5rcmtCXoarxVLJtaZqruWtyPucRHjIj44XWobe4FdSxYKYaRplbgXa%2FLpU%2FWfStB9UsjXJFb9yBGKgWf0iYIhELbZKDNwy6CDsj2LD4wc8CyRE22qH7vE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add7ee71b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| dfsvgd.pages.dev/img/wa-logo.svg | 172.66.44.247 | 200 OK | 104 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/img/wa-logo.svg
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: SVG Scalable Vector Graphics image
Size: 104 kB (103736 bytes)
Hash: 6b3ee5e3877cc19d1154cbe98eea6f66 56d4b7556cebad6129ebb61a980d5964be476b4a 533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /img/wa-logo.svg HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"25c86fe408000f9d7d23dd184c483eb2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzVeyqLodoaKHHxQY6RWm0%2FmBc1aclxkZkfDkaXg%2BGPLxpxOgrtXnox1AYuW5SzPyQkUoYXWsBSa%2FRroNVlAJrP9BZg7YJrQSEvftXX7ESJbf5liWjOz8WPN6R7K%2F%2BeoNf4v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add7ee70b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dfsvgd.pages.dev/npm/bootstrap-5.1.3/dist/css/bootstrap.min.css | 172.66.44.247 | 200 OK | 37 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/npm/bootstrap-5.1.3/dist/css/bootstrap.min.css
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: Unicode text, UTF-8 text, with very long lines (61349), with CRLF line terminators
Hash: eb323eab70d4fa2878e9d540f89d65b1 38916a97a9a8d575558ba89600c49279b57809c1 fcae4b9595f3a6e396c66760e473dfccb037db9d8d2419c24ff548cbbc65d8a7
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /npm/bootstrap-5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"77074764c111b28d243f7e446ef99209"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hb5rHEHE8o4607Ly%2BrF49VpxQTnoWQ1kbKid%2FFWxcTYZ9eP80phgETyfDrsvWoIxnnjasf71pED%2BMXBsSn6SUkJha6uhs7taSLIH4yJzENT857EsCZ0oEcuu%2Byw6200Vpyg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add7de6db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 18.185.247.192 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.247.192:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: ac23e923abd1dcf1805d83233d85e3c1 3a1ea0bac15abd19c88dc24d24cd0703bafa3c5d c441565ba75a2151e96f8581bde645aeb4d5c5a8f99f36f4e06829879ac2ae4c
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
Origin: https://dfsvgd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:02:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dfsvgd.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=aeb64e29-5854-4be4-9f24-b7a3d637cddc:2:1; expires=Mon, 24 Apr 2034 04:02:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| dfsvgd.pages.dev/npm/backoffer.js | 172.66.44.247 | 200 OK | 732 B |
URL: GET HTTP/3 dfsvgd.pages.dev/npm/backoffer.js
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 4e39716b4d4469996fc6e68265fa8830 c8b24994e71f4e58170e639124107fd25757f755 3cc4cdc7b3421264503656474f5b10db20bc711493bfe2df0680da0b7c81a72c
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /npm/backoffer.js HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"09641025415c02def83d21149b6a7f1d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ts1CDjhfqfbxQNj0Tceha6Xrt0q41fkI%2Bls0kyBuPRZZ91WuvzHQV8Jux%2BQCWRmz0jDCiKOhrDk492nlpIX7LNZamRklrON3xftrIVweQeO5DccD%2FOb4nl2B22ia49Nm9SEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add7ee6eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| acknowledgecalculated.com/cd/ad/48/cdad48e428afe48d78642d3476d5432e.js | 192.243.61.225 | 200 OK | 31 kB |
URL: GET HTTP/1.1 acknowledgecalculated.com/cd/ad/48/cdad48e428afe48d78642d3476d5432e.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: acknowledgecalculated.com
Certificate Fingerprint: 20:65:3B:35:64:3E:0C:63:EF:0A:BC:38:43:BE:15:6A:66:00:8B:61
Certificate Validity: Tue, 23 Apr 2024 10:59:22 GMT - Mon, 22 Jul 2024 10:59:21 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: ee6994081b9a3c541e6fea3287fe1c8c a2fe035884827c8dc2c6c39166c8ebd782781751 756b4497371bc17060c633f8ee69c68cdec9c5f095fc0d639fa3c89cbd5db510
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cd/ad/48/cdad48e428afe48d78642d3476d5432e.js HTTP/1.1
Host: acknowledgecalculated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 04:02:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3df7e1d668bf223c5b0333479d7452a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| acknowledgecalculated.com/watch.1529322067987.js?key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1 | 172.240.108.76 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 acknowledgecalculated.com/watch.1529322067987.js?key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1
IP: 172.240.108.76:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: acknowledgecalculated.com
Certificate Fingerprint: 20:65:3B:35:64:3E:0C:63:EF:0A:BC:38:43:BE:15:6A:66:00:8B:61
Certificate Validity: Tue, 23 Apr 2024 10:59:22 GMT - Mon, 22 Jul 2024 10:59:21 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1529322067987.js?key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&tz=0&dev=e&res=14.2071&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1 HTTP/1.1
Host: acknowledgecalculated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
Origin: https://dfsvgd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 04:02:46 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfsvgd.pages.dev
Access-Control-Allow-Origin: https://dfsvgd.pages.dev
Access-Control-Allow-Credentials: true
Location: https://acknowledgecalculated.com/watch.1529322067987.js?dev=e&key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714104226&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&res=14.2071&rmtc=t&shu=49fdc89091015794878b1215c48d9cdf4dee9ec742942d47c2797f820390082720ed0a8cf87a7a4311e34973646a052ff79eaf9f65ff4a3b51d133915f4a263b5baa49f1febf180cc762965169ad300226da266e4a6b8cfc3e848c2053d95873e31694&tz=0&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1
Set-Cookie: u_pl=19433974; expires=Sat, 27 Apr 2024 04:02:46 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[…].lNf9qP0Ng_sAnbcpiK3jzSQJTBr6mF2NJj5T1j0ICu0; expires=Fri, 26 Apr 2024 04:03:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1af9a5f135e15d75f70efcafaede1f7e
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| acknowledgecalculated.com/watch.1529322067987.js?dev=e&key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714104226&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&res=14.2071&rmtc=t&shu=49fdc89091015794878b1215c48d9cdf4dee9ec742942d47c2797f820390082720ed0a8cf87a7a4311e34973646a052ff79eaf9f65ff4a3b51d133915f4a263b5baa49f1febf180cc762965169ad300226da266e4a6b8cfc3e848c2053d95873e31694&tz=0&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1 | 192.243.61.225 | 200 OK | 2.5 kB |
URL: GET HTTP/1.1 acknowledgecalculated.com/watch.1529322067987.js?dev=e&key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714104226&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&res=14.2071&rmtc=t&shu=49fdc89091015794878b1215c48d9cdf4dee9ec742942d47c2797f820390082720ed0a8cf87a7a4311e34973646a052ff79eaf9f65ff4a3b51d133915f4a263b5baa49f1febf180cc762965169ad300226da266e4a6b8cfc3e848c2053d95873e31694&tz=0&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: acknowledgecalculated.com
Certificate Fingerprint: 20:65:3B:35:64:3E:0C:63:EF:0A:BC:38:43:BE:15:6A:66:00:8B:61
Certificate Validity: Tue, 23 Apr 2024 10:59:22 GMT - Mon, 22 Jul 2024 10:59:21 GMT
File type: JavaScript source, ASCII text, with very long lines (3153)
Hash: df2dd11b621f849a564daff1f04233d0 b82b74f7a308fd958eafa52eb1a7cef1108c8397 fef72fdcc64875394a096d1bc094ee9e8e0f77985b059fb8abe7b0b0c63e4904
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1529322067987.js?dev=e&key=7e89a56fa66ca3796726cd5fa0f1906e&kw=%5B%22whatsapp%22%2C%22group%22%2C%22invite%22%5D&pst=1714104226&refer=https%3A%2F%2Fdfsvgd.pages.dev%2F&res=14.2071&rmtc=t&shu=49fdc89091015794878b1215c48d9cdf4dee9ec742942d47c2797f820390082720ed0a8cf87a7a4311e34973646a052ff79eaf9f65ff4a3b51d133915f4a263b5baa49f1febf180cc762965169ad300226da266e4a6b8cfc3e848c2053d95873e31694&tz=0&uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1 HTTP/1.1
Host: acknowledgecalculated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dfsvgd.pages.dev
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19433974; ain=eyJhbGciOiJIUzI1NiJ9.[…].lNf9qP0Ng_sAnbcpiK3jzSQJTBr6mF2NJj5T1j0ICu0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 04:02:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dfsvgd.pages.dev
Access-Control-Allow-Origin: https://dfsvgd.pages.dev
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=aeb64e29-5854-4be4-9f24-b7a3d637cddc:2:1; expires=Fri, 03 May 2024 04:02:46 GMT; secure; SameSite=None
iprc4743b42075275959b0d80ecc28ef8266=3569682; expires=Fri, 26 Apr 2024 08:02:46 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 04:02:46 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 04:02:46 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 27 Apr 2024 04:02:46 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 27 Apr 2024 04:02:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97f8976fb05238cd1fc8a992df017c40
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dfsvgd.pages.dev/favicon.ico | 172.66.44.247 | 200 OK | 36 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/favicon.ico
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5229), with CRLF line terminators
Hash: 4c60349b6c4903a63efce07108ab3157 ecb810800efd9d9391b8740567b4ecf4479321b3 1de1b9395457e51cebc27c059851e33b89050c0ddbb7a4d2b10215263c4c2a3c
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /favicon.ico HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=aeb64e29-5854-4be4-9f24-b7a3d637cddc%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"faf1213fdd988a55135f05bdb5fbfe49"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfmFuLbVik3ECkPZNvjDrbNyXBXrDpwf7fUyp3DrDnHwDU22ljSROoa4N%2FberPtSUf8kz9vNezo0c7Uq3u1r3gYXH4jRfTiGXtHGMJB9uF%2F4FE6ezuUP6j9RM9PofmBhlXmJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3ade00a8db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ideapassage.com/pixel/purst?dl=0&th=0&sc=0&rs=2010&rd=2010&fd=593&bv=24.4.3467&tmpl=70 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 ideapassage.com/pixel/purst?dl=0&th=0&sc=0&rs=2010&rd=2010&fd=593&bv=24.4.3467&tmpl=70
IP: 172.240.108.76:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: ideapassage.com
Certificate Fingerprint: 64:11:23:80:71:A6:A3:04:37:8D:EE:B8:20:2C:DF:B8:C7:8B:49:FD
Certificate Validity: Wed, 24 Apr 2024 15:11:11 GMT - Tue, 23 Jul 2024 15:11:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2010&rd=2010&fd=593&bv=24.4.3467&tmpl=70 HTTP/1.1
Host: ideapassage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 04:02:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=cdad48e428afe48d78642d3476d5432e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.59.13 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=cdad48e428afe48d78642d3476d5432e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.unseenreport.com
Certificate Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
Certificate Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=aeb64e29-5854-4be4-9f24-b7a3d637cddc&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=cdad48e428afe48d78642d3476d5432e&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 04:02:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 71d5e24c7de0a8f8172b965c98aaf0d1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| hzr0dm28m17c.com/7e89a56fa66ca3796726cd5fa0f1906e/invoke.js | 172.240.108.68 | 200 OK | 31 kB |
URL: GET HTTP/1.1 hzr0dm28m17c.com/7e89a56fa66ca3796726cd5fa0f1906e/invoke.js
IP: 172.240.108.68:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: hzr0dm28m17c.com
Certificate Fingerprint: 9F:89:99:65:B2:6A:E8:8C:A8:61:55:B2:AC:E5:74:D2:72:2E:0F:F4
Certificate Validity: Wed, 10 Apr 2024 07:04:16 GMT - Tue, 09 Jul 2024 07:04:15 GMT
File type: JavaScript source, ASCII text, with very long lines (31308), with no line terminators
Hash: f33677fdebc496be22597c6525b67db8 a82053b234f13243ec426a86c90124636340b2bf 5512dfc494d042c55573c9857fa9d8359da57c9e0fc681b8b778fc53e6ef9522
GET /7e89a56fa66ca3796726cd5fa0f1906e/invoke.js HTTP/1.1
Host: hzr0dm28m17c.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 04:02:45 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7f5d2aba40015b5358c148c63a4dbfd7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dfsvgd.pages.dev/npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff | 172.66.44.247 | 200 OK | 102 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: Web Open Font Format (Version 2), TrueType, length 102536, version 1.0
Size: 102 kB (102536 bytes)
Hash: 1ed478a6b265d4b4f5c26bb063203588 1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /npm/bootstrap-icons-1.8.1/font/fonts/bootstrap-icons.woff HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://dfsvgd.pages.dev/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: application/font-woff
content-length: 102536
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5be77896cfc73472a4e6d8b7fcbbb306"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVDjfE3ve3ishjwpujfcL1jHDuP1OANa%2FN1%2FjSY11qBJh16kP4tXiRZkRumx4GZEB%2FJibGH%2Fe0D2SKRQcWwKKW24%2FjHs2qmk2gc0gBzF7motsLoE2Zb66JofeQh%2FcwSIfvUf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add92f0eb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 172.66.44.247 | 200 OK | 9.7 kB |
URL: User Request GET HTTP/2
IP: 172.66.44.247:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9994), with no line terminators
Hash: 44320a20bb46d516b58b7b29bb77ab9d 09b8221866d6e2bc54805266e7ad3616a55614c3 c5c9fd4de64655501ef2930c8e32e63834225cc9c04d656eeb8e009f011faf96
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET / HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:02:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"faf1213fdd988a55135f05bdb5fbfe49"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QMQgU0RgLmqe47N67rI7gJbHOSw23osV20xk6P64yif3NaYUxT48bavskRIAIvR8xCBkVjFW8MQuOgDuMW6ungdzuJhb%2BVyofSJEoxrapt9yN2AzHD3TKkkzXu1kU72igOgv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add5a9adb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dfsvgd.pages.dev/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css | 172.66.44.247 | 200 OK | 80 kB |
URL: GET HTTP/3 dfsvgd.pages.dev/npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css
IP: 172.66.44.247:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: dfsvgd.pages.dev
Certificate Fingerprint: BE:15:6F:B4:DA:F1:2C:4F:1A:7C:49:0C:1B:29:1F:DC:52:0A:20:9F
Certificate Validity: Mon, 15 Apr 2024 00:08:02 GMT - Sun, 14 Jul 2024 00:08:01 GMT
Hash: f483f87a3c57f292bd5eb4c343003b01 5f2b1fa8de5b4d52ea2b04941aa508529e6994c9 f93ce1072054f40abfa1889d47d29d227a8af86231a073ccf678f7ab8841d6f3
Analyzer: OpenPhish | Verdict: phishing | Alert: WhatsApp
GET /npm/bootstrap-icons-1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: dfsvgd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 04:02:45 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e923e3e66559c9a0e65917c26a484c62"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=togjNHIgqqUckonXVokSv08XXxD%2FsUd0NNz3nodas58DkFAKbs6%2FwyHG%2BeUZ3yg%2BYQEN9buYtD4D1CLqEQnWThSfVWJdYa9nZ8O94%2FVlcCaVFe8dxrs6t3MiWPm%2F%2FrbYhRWu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3add7de6cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.96.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.96.1:443
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dfsvgd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:02:46 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ab15b23515ecfd67ec81189a52c58f42
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: STALE
age: 0
last-modified: Fri, 26 Apr 2024 04:02:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwO4LLvc9p255Y8Lx6hgNndcycA7i3v%2F8ypP6uDeryZpAScp%2F6cqzHw%2BDzUNJDCNB0khPwwddmobqxg5ONeJgzcPe2MrPoNaBrxMaERhCQagERA2bZjzW35ABI3o6KB2tSEtz8u3fkt8tXOSCqpFMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a3ade22d717129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/e7/7f/66/e77f66a1bf85e2e04ab5cc04da0f3a33/1658915540.gif | 45.133.44.9 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/e7/7f/66/e77f66a1bf85e2e04ab5cc04da0f3a33/1658915540.gif
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://dfsvgd.pages.dev/
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.cloudimagesb.com
Certificate Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: GIF image data, version 89a, 320 x 50
Hash: 9435690825affab0d3786533519f2e39 20e7701821ca04cce18bb07b53f5b80bf4d9ff8c 42f117a4284f3aafdf140b07a569992be9f36b2d84257697bcf940fdab35245f
GET /cti/e7/7f/66/e77f66a1bf85e2e04ab5cc04da0f3a33/1658915540.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 04:02:47 GMT
content-type: image/gif
content-length: 5817
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 09:52:28 GMT
etag: "62e10adc-16b9"
expires: Sun, 28 Apr 2024 04:02:47 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|