Report - projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36

Report Overview

Submitted URL
projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
IP
172.66.47.175
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 14:58:51
Access
public
Website Title
Share Point Online
Final URL
projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.ipify.org	3267	2014-01-05	2014-10-06	2024-04-25	532 B	267 B	104.26.13.205
i.ibb.co	13485	2010-07-20	2018-11-25	2024-04-26	1.4 kB	189 kB	162.19.58.157
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-26	934 B	64 kB	172.217.21.170
projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev	unknown	unknown	No data	No data	1.3 kB	51 kB	172.66.47.175

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/	Office365
2024-04-25	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-07	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36	Other
2024-04-07	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev	Sinkholed
2024-04-26	medium	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36	115 B	2024-04-06	2024-04-26
Pretty URL projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 IP 172.66.47.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 23:12:47 Last Seen2024-04-26 16:58:57 Times Seen14 Hash a022923ba561bc84173b06ca1266a0ef 1074395a80f212d0ce117cc9472b51c4eb9d8083 bbefd223d97f722d704191fb59178b7e4cfb54a1d97ae2010340891ebf2424ec Loading...

	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36	190 B	2023-03-10	2024-05-01
Pretty URL projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 IP 172.66.47.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 19:32:40 Last Seen2024-05-01 14:58:49 Times Seen336 Hash 3021310d1ac3ec41922ce6922d6c57d2 25d479d536176ca6d2b96d14d94269eef66b2a95 dc5aff77c2cf89051a17f80e0abe75c81afa0f3e6d8bab84108bfffc5fb92bdc Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-08 00:47:15 Times Seen97340 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36	3.9 kB	2024-04-06	2024-04-26
Pretty URL projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 IP 172.66.47.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 23:12:47 Last Seen2024-04-26 16:58:57 Times Seen14 Hash b04e5aca66020c9bc9ef0c73c39ee94a 137ddd6c51d0848b2ad6df8eb97e4ab659ffc3b7 0c273fc666c03b59e283dd02dc6f0a902bba26059566de1f91b9a822843448be Loading...

	projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36	2.2 kB	2024-04-06	2024-04-26
Pretty URL projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 IP 172.66.47.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 23:12:47 Last Seen2024-04-26 16:58:57 Times Seen14 Hash 20392fcdf0cffb3dbc2611365250feed 4e2d86ee42de2680deddb25141beb5d3dd4ef3e2 ccf45aa9476182d89b4735d390cb5fbade33270ad3711a74e29270ddbe107dbf Loading...

HTTP Transactions (8)

URL IP Response Size

i.ibb.co/42sVSPG/b.png

162.19.58.157

200 OK

3.5 kB

URL GET HTTP/2
i.ibb.co/42sVSPG/b.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 360 x 360, 4-bit colormap, non-interlaced
Size
3.5 kB (3524 bytes)
Hash
de9283eb67092f1ccce88ecffcbc67a5
86a84377c9345b9816f4bbc17af7c181e0bc1b23
b3913a9196807f7f9e5e5d8c0a1d5f2a8f5dde5b3c42a7b489657962819ae596

HTTP Headers

GET /42sVSPG/b.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: image/png
content-length: 3524
last-modified: Thu, 26 Oct 2023 23:17:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

172.217.21.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:12 GMT
expires: Sat, 26 Apr 2025 05:53:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 32713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36

172.66.47.175

200 OK

32 kB

URL User Request GET HTTP/2
projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
IP
172.66.47.175:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectprojecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev
Fingerprint33:13:E0:D9:BA:6C:44:89:9B:CD:06:09:5F:BE:4D:18:AF:C5:20:48
ValiditySat, 06 Apr 2024 12:15:14 GMT - Fri, 05 Jul 2024 12:15:13 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3892), with CRLF line terminators
Size
32 kB (32484 bytes)
Hash
11be5979a6dbb097bba8a8ae0eccf68e
20a4648f493bb04244547d01066033d28c0ff0bb
7aec0f948db0275127731a0b6db4e1c0bb936f32a99ea4a9b49638f966edb163

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
OpenPhish	phishing	Office365
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 HTTP/1.1
Host: projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9fc0133cd4099715b7a591d5db722544"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUpCoW05iXgPbB0PHjKEJUBgreoIfNB4HuPpBCyV6xrrL%2BpLYjeoEAajuxR5nOVh2BOlMsTZpBCi1GTKsGf2BOeynyvOneCLqiFcN1sAWR8pBPYjqpVUpiDEFOOr9lkUG%2FzFwvT9BbZd%2FgA92h%2FWDfAGmqSmOlofoPX%2FbT6%2Bxiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a76e4a289a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

172.217.21.170

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
172.217.21.170:443
ASN
#15169 GOOGLE

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:12 GMT
expires: Sat, 26 Apr 2025 05:53:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 32713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

i.ibb.co/GkzpGyh/bg.jpg

162.19.58.157

200 OK

161 kB

URL GET HTTP/2
i.ibb.co/GkzpGyh/bg.jpg
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1200x646, components 3
Size
161 kB (161114 bytes)
Hash
25dcc9fe53908dc5da260bc3d559f5fb
9e0c3c6b5ad1407d29f7e217da17adcb3ba779c4
cde17c3894eab1101c02f3fe7980a11a2ce80d4380513ca3443e766852f4df1e

HTTP Headers

GET /GkzpGyh/bg.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: image/jpeg
content-length: 161114
last-modified: Thu, 26 Oct 2023 23:17:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

api.ipify.org/?format=json

104.26.13.205

200 OK

21 B

URL GET HTTP/2
api.ipify.org/?format=json
IP
104.26.13.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerGoogle Trust Services LLC
Subjectipify.org
FingerprintC8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7
ValidityThu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
Origin: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a76e4efa7856a8-OSL
X-Firefox-Spdy: h2

projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/favicon.ico

172.66.47.175

200 OK

17 kB

URL GET HTTP/3
projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/favicon.ico
IP
172.66.47.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerGoogle Trust Services LLC
Subjectprojecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev
Fingerprint33:13:E0:D9:BA:6C:44:89:9B:CD:06:09:5F:BE:4D:18:AF:C5:20:48
ValiditySat, 06 Apr 2024 12:15:14 GMT - Fri, 05 Jul 2024 12:15:13 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3892), with CRLF line terminators
Size
17 kB (16843 bytes)
Hash
11be5979a6dbb097bba8a8ae0eccf68e
20a4648f493bb04244547d01066033d28c0ff0bb
7aec0f948db0275127731a0b6db4e1c0bb936f32a99ea4a9b49638f966edb163

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9fc0133cd4099715b7a591d5db722544"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrvHADYes%2FFKHePcHnIjzofl0ez2DDec887X8Iv1i4aojuNzIUNam8Cokoyq6o0T2CnKCRyJxKARHmWc1C0ltYy0KOtUPeeZiRdJBT0iQ9DOdQFuoppn7EiXr4K%2FTXH4UocTWUYsSc8QZHRigJgFfxfyb2iTbfuhaNc4U8W6V%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a76e4eca0356c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.ibb.co/n8173vc/a.png

162.19.58.157

200 OK

23 kB

URL GET HTTP/2
i.ibb.co/n8173vc/a.png
IP
162.19.58.157:443
ASN
#16276 OVH SAS

Requested by
https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 211 x 205, 8-bit/color RGBA, non-interlaced
Size
23 kB (22977 bytes)
Hash
e49b2593c2a0258181d48032153b0504
e245304f36b1a36665b57cf3d6586e8d32e3a850
77c6120e01217e7c4b88dfcea9991c357dfbcea6efab9fdff29e03f465dcdcb4

HTTP Headers

GET /n8173vc/a.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://projecty2kbnsjhiu2yuy4pnbbnxjknhvbd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 14:58:25 GMT
content-type: image/png
content-length: 22977
last-modified: Thu, 26 Oct 2023 23:17:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers