Report - secure-login-keeslerfuc.pages.dev/robots.txt

Report Overview

Submitted URL
secure-login-keeslerfuc.pages.dev/robots.txt
IP
172.66.47.129
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 07:07:35
Access
public
Website Title
Keesler Federal
Final URL
secure-login-keeslerfuc.pages.dev/robots.txt
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
secure-login-keeslerfuc.pages.dev	unknown	2020-09-02	2024-03-10	2024-04-13	6.8 kB	637 kB	172.66.47.129
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	551 B	17 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed
2024-05-10	medium	secure-login-keeslerfuc.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (15)

URL IP Response Size

secure-login-keeslerfuc.pages.dev/Isotope/Images/google-play-badge.svg

172.66.47.129

46 kB

URL
secure-login-keeslerfuc.pages.dev/Isotope/Images/google-play-badge.svg
IP
172.66.47.129:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6171), with CRLF line terminators
Size
46 kB (46524 bytes)
Hash
3c6f9fd04627e773144da19569b7af05
e617ecbaadc9aa2d759a14c6ffd47382744df01d
ccf7eb068fa86d7819ac1e091e1ae40a6822ad3888da9bf639534a0f57cc4467

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Isotope/Images/google-play-badge.svg HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"10eec588f43dcdb5e918762d18eefadd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B39IEYDBuqY%2FHaVAvpmq%2B0buX7eKMzbQ%2FKAmVvAxjklFk%2Fmal95%2B7gGjzE03gJiZ6YRy%2BH02%2B9cdONfb%2Fou2hB0KlR%2BAF8MoH4iGH4zGmlP42%2BISxVJW3Cmo7hZIseXxdJ4aCyvauq0W8PbJf6CN2kcsa%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817402c920b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/MobileLogo.png

172.66.47.129

200 OK

35 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/MobileLogo.png
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
PNG image data, 945 x 345, 8-bit/color RGBA, non-interlaced
Size
35 kB (34846 bytes)
Hash
67277511e17ba0c06c0ccbde73a57e6e
98fd2d653ced9bcd26b1c045ca0eb74b4fe09c00
0bb7e66ec13cdc10cf254866c9aa07fa02a1deacd01a63a92802718df2d25bd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MobileLogo.png HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/isotope.min.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:11 GMT
content-type: image/png
content-length: 34846
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "70fa92d3ab73cd8e6776002eef95760f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zleRQCfqKOwXy3syOM1MQM2ZPMUjAapvk7%2BFHLDKsr43NHekXdKTSqCX0AUcb59BKg8DwQTw%2F7pux%2BYXkEjcy2raMdO6ULq%2FBxEFDBxyIy1pUKbwhp1vc4fBwY%2FX4QXVgzWCPHvQf0dTky0eJQiNEvoYTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817416e550b41-OSL
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-foundation.min1.css

172.66.47.129

200 OK

23 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-foundation.min1.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (50964)
Size
23 kB (22791 bytes)
Hash
0160c354e11f9e1f2ffcd720f880dc2e
7c3b5681a9483a0f37110476e04375e7e88d8fcc
037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-foundation.min1.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3381a46cd5614c6fc0907e933c2d8e1a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zY8ZeCxVkAVschgtEfaUrbJkhl5w91c2GLg0Yvo6isf%2Fh9Jrf8u1J3VTlAYm4C0dqqRfFGB7nA3CiAlq4A8DgTJ%2Bxzp%2FcvAJrOpEKlhWflCiBosa4xm8pYt1yNBxN3mZmfiiBFoOirm%2F4aBF0m7ZqHFq1A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817401c830b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/theme.mobile.min.css

172.66.47.129

200 OK

29 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/theme.mobile.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (29349 bytes)
Hash
c8821e4017de2c0400a7f724976edbc5
53cdc80ffff4f7a9141695ef3b3315934c58e7ad
e68a4eec77e984e73b04c021c1296f12def2d00262265f37a5f2e20a44878582

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/theme.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b53e42364edae65eaf6d408f926a61ac"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjeM7qNMVd0kwXmQ7bImcqlo5GjwRHIgJfSRUvccv45MOgQYYumpB9ClxNEcKeKnE%2FyYblDtsSf9AUm5gqF9o3cFo7ads9imE%2FZVe8IvFtn4AtIBZw%2FkDl34ICpcBBaq0IZ05pqAvsgzafApxU%2BBGSBUJ3E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817401c7d0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/jquery-ui.min.css

172.66.47.129

19 kB

URL
secure-login-keeslerfuc.pages.dev/css/jquery-ui.min.css
IP
172.66.47.129:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (29486)
Size
19 kB (18833 bytes)
Hash
0ba6b64b2cc5a2e2a1f0866d8e4f141f
575fc9181fbacd2bdd8953554171c89dc57d4e20
5bed9d2f4811025c2bde2c4747db5f3cacc9e4547ea594a0468b1e4f00965df9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/jquery-ui.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6e5f9fa17f963977d636f6fe28e0545e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJOaHk6Ak%2FuZmgzjzdI6baAzaCdqvXHQzHA9a1t%2FvfSYomrAG2t0NQs4kDnmn%2FqveaqXFatmpYpXOJcB9ZzZks3UmiOQwn4KEZjiuX3kbBuOicy1NRWaeQrGoYNBM5sv3pEZYOid0pwAdJGTKc6uwuFjsF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817400c6c0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/base.min.css

172.66.47.129

200 OK

2.2 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/base.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (2259), with no line terminators
Size
2.2 kB (2247 bytes)
Hash
99b7f8952d3577bc6963d97c37e3f773
25c02ba04444c137c84644e48ef91eec673fec4b
ec94cbaaf42c4b4420ab287fdbca16345adec2d9ee4f380c6355d4dc9621797e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/base.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"fd88b89d36d594e84ca0e637c74283a7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SFdwgQn622VhChqc8KcLEWEj8yI1cj9slVEPPZwvAvU6Ww%2FmEf0V9kRJwhyUZS6KF3q4cK%2BO0hDhP5Ier757hT5seKYZUERryChZzpQFkPRUkjRMEX%2FzfmUOsLTAR6W%2BvvIHqHpa1rFOa%2Bm6sx7cwxAJojI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817400c6e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-components.min.css

172.66.47.129

200 OK

192 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-components.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65309)
Size
192 kB (191750 bytes)
Hash
3f422952c888b7d59b49fa322dff0b45
e0f6c5e1ae3834a01aa40d33d17ec3f4e46e7e78
85392c1de142face2c43f99a314465b26754b0c3b84a66c744802e4268fee931

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-components.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c98a8914a0ed5385367565f4a0fa73fc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTHSj%2BAX7u6ccgNDRZWfiFtDIvfB72uv47GHZjrxuOpmTmQmuu4xA45DodHEHNNLdkOVoE0PgZwlmqWHDfNOF4XeuENUcTAhSJV8osWzsaaT4CpHk7Pc7w030vU%2FxEiampzElmMyC4C1iQcIk9yRzv8JcyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817401c860b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/Alkami.woff2

172.66.47.129

200 OK

42 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/Alkami.woff2
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 41960, version 1.0
Size
42 kB (41960 bytes)
Hash
52cad9764bad2f9d90208c91a7c5e847
6179e764e760b16d8b8ac30b9251ce2311b83dd1
4e2bcd3f2e35e841bece706f0426cc746ac77cfd2148ea365ce05eebd5124a45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Alkami.woff2 HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://secure-login-keeslerfuc.pages.dev/css/font-icons.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-length: 41960
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5783a176049ca972e916d2afb31f85dd"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVzy9TyMvrlm0VWDgPi5kYg4Q4ishRS0BxAF33aWuSzLcnJWL%2BCDrDgWkNQkLulAYasFiCvEbnDPPR3oUC16x%2BfMeo2gZb8w270XzEKeqxVYxWRlxEkYeRnIv3UIrxxXi75F8T%2F5KGxN%2BvnRZZ1LeAkE4Co%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817416e6b0b41-OSL
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/font-icons.css

172.66.47.129

200 OK

116 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/font-icons.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text
Size
116 kB (116136 bytes)
Hash
1a5d68c1034b27069a47f79e90c35775
b05f852596b06fc19de48adff0cd977f0324c5d0
b732cce907baa80850c8857d858358284883f9ea9b7239fc6a5ed6e7eaa9b5b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-icons.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d8b2af67a6988296423039e29e7fb2e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1sNGw%2BQWYGZrUmya%2FUdV7nUmx%2F0nifcYPgjxlRy9ox7N%2FsE3SW9hVtwRPbAfJX53ozKqEimZbiZyP%2BIzoXwkKd0EUw1b9cFhbFVXvIFOVzQvPNYaKSXCgo0mJp86x33P0NR9%2BAlNyrdNZqGyXPioLNYdcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817400c610b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris.shim.mobile.min.css

172.66.47.129

200 OK

611 B

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris.shim.mobile.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (613), with no line terminators
Size
611 B (611 bytes)
Hash
0e58ec0e8dff4b14baa0cdfee69a5a37
752c8f2412e2e397003e2117f47110b42e79dc0c
a60ad08630920bff4df80d55f830968648a6847632d21e98c2024c25b2a76355

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris.shim.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5ce5269d454ada57aaf907d09110fd78"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dE%2F5rqXxRgmZEboHi1ErnpEsfmirXJmw6TCGCfAJz84UoUbHwaZdav5v2N37IgYETPDPlWTIEWwkrP0R3qFsU3c%2FBji0LvSKHIcc67e3OZzPhQKNX9nHyLIu1OLwQtbRVIUcTdTG0jSMzKPOqMgEXMtDfk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817400c700b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris.android.min.css

172.66.47.129

200 OK

98 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris.android.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
98 kB (98295 bytes)
Hash
be81b5e26048fc742fb16310834da4ad
03112d4ed94d9ee41cf5012c1f594fb4f8b5c1c8
65c12121b00f8425f4bd66383649d717e0b381b0336eaf39c732e6d5bb1109e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris.android.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9dcbf1b9640084e0724ad5e25164d442"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gAvqYXbWVhAkURgwRguRQrvId5ZZVI5ahOqrp67qcwEnCeWbLoTxmZRtu%2B9zHD%2F9Il8idT94uDAnEFAC%2F1kBYK4TCYIaXiBVB1RwjVIgiB6FKQpTm%2B13BupLIMdO2f6NVxo%2FT4knYbv7IOoTJALj6obHMB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817400c740b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/css/iris-components.shim.mobile.min.css

172.66.47.129

200 OK

915 B

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/css/iris-components.shim.mobile.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (931), with no line terminators
Size
915 B (915 bytes)
Hash
59daef41571d265bc29745ff757acb5e
76b12c0fc5908789f3bb3d8d2f4f8aecd44c41e8
e026358143803e91822b7951086298c7250db05ab90b6cea0a84df537a50e132

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/iris-components.shim.mobile.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cb8dcecaf349a854f35f350196a1bcc5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdTpqL8Y2MBtesbGauqocljCGbF45DpN29zvaJwfe3SHkl9YwOhVgZ0ulD5Eozx%2FE%2Fmfqa872xR3V%2BuC1qKKBLJs7aZjHwrhmhROsZwskPe2DQyZnOZ1c9oy187ONdUxql2zlVCB8U4ZrN9Ai0jsbAFeKPo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817401c7e0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/isotope.min.css

172.66.47.129

200 OK

15 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/isotope.min.css
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
ASCII text, with very long lines (5626)
Size
15 kB (14601 bytes)
Hash
709d01e56ec1c87ebac53ddc1a294eeb
e4049e62eecd6b499a4d12a2965aa68d016c3e50
8a46fcf51f11418130adafc88cf7833f90f9d1e5cb000cf9d7554ecf463978f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /isotope.min.css HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"552897eb38e845c5b43f5a6b90e3d242"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6z2MZxcD8gRTgZmsWK36qS%2Fpyw9O%2FZRcZfDgFSssYxOYKQJLrscS3YwjNDjh%2FVLJSDUCs0zgHy8PX%2FDolpqFhOri4834QdqqzD9yqqSji5pFPP%2FIun4sbDWlbtInzfuAXyE1ew5msVtO1%2BZcaNQ2nipbBME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881817401c870b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secure-login-keeslerfuc.pages.dev/favicon.ico

172.66.47.129

200 OK

7.4 kB

URL GET HTTP/3
secure-login-keeslerfuc.pages.dev/favicon.ico
IP
172.66.47.129:443
ASN
#13335 CLOUDFLARENET

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerLet's Encrypt
Subjectsecure-login-keeslerfuc.pages.dev
Fingerprint2D:3A:7C:FB:45:5F:39:39:AE:24:D0:3A:72:B2:7E:FF:8E:F7:B9:D0
ValidityWed, 08 May 2024 15:39:07 GMT - Tue, 06 Aug 2024 15:39:06 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
7.4 kB (7406 bytes)
Hash
681d7c17deb6699aaaf8527958220836
7c5e1743d23805882eb3ea385086169d3c9b26a8
de1f10007a2f218cc207c1a1d35a33baec9b5899f816d689dcdaf38df868c235

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: secure-login-keeslerfuc.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://secure-login-keeslerfuc.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 07:07:10 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0b43f0111e884e45b6f22576f3357d05"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JAnptT%2BxO4JbgBtJ3VACJhQyMu9PyUAXMKCHCHIAca0f2R%2BPWUZ2Wr1wfXZ7mn3p7ITZkE8%2B%2FXu4TgyMeZKNEhR4pWZlsYu9tUj9eJTc6oq5oLuVUqwkiiB9hRL%2Fv634%2BzR2Ybk1i9gooo5fwL3fk3XvJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88181740dd940b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://secure-login-keeslerfuc.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://secure-login-keeslerfuc.pages.dev/
Origin: https://secure-login-keeslerfuc.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 509914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size