Report - gsczmg5rmfxpiq.pages.dev/

Report Overview

Submitted URL
gsczmg5rmfxpiq.pages.dev/
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 05:12:00
Access
public
Website Title
コンピューターエラー02V7HGTVB
Final URL
gsczmg5rmfxpiq.pages.dev/smart89/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
140

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gsczmg5rmfxpiq.pages.dev	unknown	unknown	No data	No data	17 kB	23 MB	188.114.96.1
ocsp.usertrust.com	899	1997-12-05	2012-05-21	2024-03-28	330 B	822 B	104.18.38.233
ipwho.is	unknown	2022-01-29	2020-06-08	2024-03-28	438 B	926 B	195.201.57.90
userstatics.com	unknown	2020-11-05	2020-11-06	2024-03-28	465 B	826 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365
2024-03-28	medium	gsczmg5rmfxpiq.pages.dev/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed
2024-03-29	medium	gsczmg5rmfxpiq.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	gsczmg5rmfxpiq.pages.dev/smart89/js/TFaWvDMBLZK.js	483 B	2023-03-07	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/TFaWvDMBLZK.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-04-27 07:21:12 Times Seen359 Hash 1254046725b03e59683adbe0fde59733 68c8cdda387b198b7f28bffe39868b476654ddae 0497656a00a2f66cfd258237bfcb20ac0367bd2bbd90a01de0466e18a56a28b4 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/ZjJXqXplKtMI.js	2.0 kB	2024-03-09	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/ZjJXqXplKtMI.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-09 06:25:26 Last Seen2024-04-27 07:21:13 Times Seen129 Hash df6df522989a837cdbe283b7bd655ffd 0755334588e6c7b9ab2390d6f36663557401eeda a16315d3cd6dc6a370ca065db4a1ad4c12822cd84c652133bd6123cb9750d019 Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:40 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 01807559ec14f8624c35d88d5a094958 1a1e677361ab2b68df6f03572dd76258dc86a970 bb22b9224b03ace3542e5cb8c9a197e6e2651cdd3dd7805c9329294d38438a3d Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:40 Last Seen2024-04-14 07:53:49 Times Seen5 Hash e03958ccc8f85e082d5429b966615b8f 6e034a9d7fd72b4fa0cae2e8cc71477ed92f322e 2fbabb834db56ce5dbff718a30b28b3b55760d287c17bfae2f6efd1c3178c99d Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 1f9973321e5043bc91479ad0d9ebb933 5810facda141ddb7e4534fb2b59935bacd0c08c8 cc4e462942ed028f09db7ef399a40d394dd0e6809337ff87a819df492cbb0da0 Loading...

	unknown	523 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:39 Last Seen2024-04-14 07:53:49 Times Seen4 Hash 7c81a177257e125e19048915ae5bf968 8667c4a861aa28ba95398790a9b4133722434568 e5c26b4cba9101f8cae216032c26df0efe82e4eb8f93dc7390bb767c485ff39f Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:50 Times Seen5 Hash f1e9e86053d478e59a97c074cc8a5028 6ed9fd9cdec5bcb024bf6e3be396080d307fbf02 5843e7414cb7fc1b610d157e9a625f1e38db40cdc63f128766856bae0901ac83 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/GBrRreEdVgBn.js	2.1 kB	2023-09-18	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/GBrRreEdVgBn.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-18 07:32:11 Last Seen2024-04-27 07:33:16 Times Seen421 Hash 2dcb8bbd4be0845b6eba41578137ef61 5c71a26c9c3cc73b15a888dbddbbe6ceb2189984 f84bea5397057e0ab07efc0dd7f7b674783df7234276dc010bb88fb84ddfd4a1 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/SJhLjaOZEWEg.js	257 B	2024-03-09	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/SJhLjaOZEWEg.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-09 06:25:25 Last Seen2024-04-27 07:21:13 Times Seen131 Hash 4adaa47e00921c22b14305058edfd45d a7148536ec85b093d08a5450a802377ed3c689cc 39b9b055bb2f82c6af76e96cab3b45c0acb94a2fa824a86eeec08c398b861d9b Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/kwVwgUClEmIkmC.js	235 B	2024-03-09	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/kwVwgUClEmIkmC.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-09 06:25:27 Last Seen2024-04-27 07:21:12 Times Seen129 Hash 24b21e3571c6856d3ada95e5d2b70cc7 0c3c8e48ad74a3eadd673bb71641e702fbcfcef1 259191ca43a291631d2f24ec69dcd0aee6a493910d853ca61a3917dbd4317435 Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:49 Times Seen5 Hash f287df5a596321dab493ce8bf93012f0 4e3d1ea63caf25bc0af1363dfd53d2d6e13c4c71 9179af661ff25e2503ded668a334d14f8a878416aed53cb057c8d2fee2d7fb24 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/	23 MB	2024-03-15	2024-04-14
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-15 16:41:42 Last Seen2024-04-14 07:53:50 Times Seen5 Hash bd3bd600a1ff84c5951329a37c028dc8 e1dd5d5cf8c358e80f1d5ed458c124d778732a38 78da31e1f7763e51a4009b68184362d769080e45fb46071b8e6a4c809072d9d7 Loading...

	unknown	523 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 29b4a9030a2e8ac3781ed552bdd2eb77 ccb21e51ad7c2fff0ec8156c000e2971960d8084 670d3cb1ae7d7dbaee246cd552e13907e162ced08263d94431bd49a6d505c2a7 Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 9bd4e84b6fd89734cfe86baa4011ca82 ae4b8e3eda8faa93bf3a9411c775df63bc888025 11c6431d04e1482c7d71a8a7381b8cc990d16766cbb3d37857f8cb54d7dc61dd Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/wZPWylzcZTPIqh.js	79 kB	2024-02-01	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/wZPWylzcZTPIqh.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 13:57:16 Last Seen2024-04-27 07:33:16 Times Seen637 Hash 2130b7ed48a1006f774734218d916dee 86d0aaf4ecb3ead31c3c2739853c089d8d1dc619 d8af41d20b1af69b8c2a8e0776d181a8224f17d314fc2479c8a389a9e79d0542 Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 54ffab3db75e6ff5a0ce39f55a8d4ff6 d207f524b6e02c69bc6aaaae8b2e947862bab52c 397062995690b42ee8a7026336e5a23fbae3f64b87c774f8a765d3d21d8ad458 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/oouAunrzBK.js	85 kB	2024-01-27	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/oouAunrzBK.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-27 15:25:22 Last Seen2024-04-27 07:33:16 Times Seen593 Hash 433b079c773ae63f4e1af2f9b92d09f1 54f6987c955ace72deb8864572be36e526029614 e6aa5558980389b32f515fbccd1c46dd127ceb9705908f2df2405c96713a5e7c Loading...

	unknown	19 B	2023-04-10	2024-04-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23:44 Last Seen2024-04-27 07:33:15 Times Seen2495 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/HTRqGTMyowbL.js	84 B	2023-12-04	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/HTRqGTMyowbL.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 18:32:54 Last Seen2024-04-27 07:21:13 Times Seen131 Hash ae3d619c3ed43290e2ccac972caa7f96 b61319feee02627613f45c116cd99fc79353d3fb c501e056cc2c402f9a1c8937f1c7b2bacf5564bb47d500d979fc76605b9fb996 Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 8c13f059552c4cbad71e895e59289bd9 ae72d5ff01e1ebcba73dbacacf200edc39ef83dc 8b32b9eec9194b8c8e180d6a98cbbe55bc7a47a9c79eb5ecc1a37a49a3d60ea1 Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:40 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 9e825f5c302176b00b9d1e8325529837 2261306e49754c241d1ab02bb89dc089d5691b4e b58c2c962d722692b35ab7f6561bea2caef5eaf8e07412854f4efca8c38309cd Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:39 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 0fef77c5dbe0451f690f87c5e26d32de 2f1203c9a6282a0f65f6d871078ca79b41f6b882 4ec112ee525c1e13175e1bdad441e018e352d9613d71868a529b62aabf8e693a Loading...

	unknown	29 B	2024-03-29	2024-03-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 06:12:11 Last Seen2024-03-29 06:12:11 Times Seen1 Hash 9f6b577d6003ae2d69e7a2a2303f759f dbd0f72d82bc48048494d83a6b3ec8731d816301 217c40e345957550c27e259ae6e96a0a1c7d64f22d848f880e54e48cc34058ef Loading...

	unknown	523 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:50 Times Seen5 Hash b3684191190c4fc27595009ff20ee336 977b59c31f0058b79fe963b16781725c9180119b 083a82dabfc35fa62cd5c566c464f30beecb8d59f2f143814a7e8ab3ac063229 Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:39 Last Seen2024-04-14 07:53:49 Times Seen5 Hash a96bdc6bb7d7806ba5ed503391a51dc6 b82eee80d5222b33beb4e67f5b1e32cbea34ba3e 562002abbc770b6641a35660fcd110bf74e3ff52847a56fb6420a071de8c005f Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:50 Times Seen5 Hash f6ab37399a0773f2519ef0a677b20ff3 3f3e0b510fb3b912ba07baffbb6d9f3d8c327b96 a01334f0f22a642676e8adcfb3267e8964757a9b2edb8a98b131736b2f244cda Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:37 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 67120b0ba43e69da4542542b3001e982 e538a2a708322682a6d15620a79fd96bf6bd3aa3 1996786389c9ee8a046c5e614047d8eb999f0276ab4e9b0d9ac4062354ffa950 Loading...

	unknown	525 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 940bc7070ade2e12ff66f1fe2278a199 4e8b607b26a4ea6598f91fb180f452ec25e090ff 221d0a5895bc647d1127b0e0c02b231e28abd6207e4c400fd89b5b574e957fb7 Loading...

	unknown	522 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:44 Last Seen2024-04-14 07:53:49 Times Seen5 Hash da2cfdcddc9a5ad0c7fe54c8b9be309b b829f943821c5311ea30e50b8ae920cafc3fed7f c885c4f169fb0b2d46134c7a5ab24328eac33af2c526a842c6b4b1d065bc531b Loading...

	unknown	522 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:39 Last Seen2024-04-14 07:53:49 Times Seen5 Hash c483e8f4fc5732ec2e49db4638b4a33a 651ae137cfa345682ff18b9cc0ad2fb5a09f86e5 c1f6c3de1a56a68de96418cc2e33848670c25e216c8dd50ee11166996daf0f88 Loading...

	unknown	523 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 0e2701bccd416e0610ecf7800360958c 1ce3000314d35097b9221bdfcd0519d3d048e464 8b41b35826432eb1b28b1fa787f340173c081de3e45e4119d65456f845df1185 Loading...

	unknown	523 kB	2024-03-29	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 06:12:11 Last Seen2024-04-14 07:53:50 Times Seen4 Hash aad3ad146bd97ee4f968abd726955b80 5206e5e0268ae63f642408c4f729b32bb43e3a23 e6974fb551d40940988ea0ff5b4d8cd08bbf857c86f786361a51c9e51e959d0b Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:38 Last Seen2024-04-14 07:53:49 Times Seen5 Hash 2f8e1afdb336d130ba438f525e76e50a 8c15db7de8f22057348a6890872a7fe0aebef249 cc187d4074fcb92da588886ceb7491aeb52a57e9cc8bd12806cb79a5b1b93675 Loading...

	gsczmg5rmfxpiq.pages.dev/smart89/js/dGnDXJWAOt.js	341 B	2024-03-09	2024-04-27
Pretty URL gsczmg5rmfxpiq.pages.dev/smart89/js/dGnDXJWAOt.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-09 06:25:27 Last Seen2024-04-27 07:21:13 Times Seen131 Hash edecd671524020292f366d2fe0850df1 3d56f2a6cba2ede71361e600306520cf9f180ee6 bc96e5384b1be8e0f3bc523cb44bb442a8c2c9412f2ea56ae316a62a8bdf952b Loading...

	unknown	524 kB	2024-03-15	2024-04-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-15 16:41:39 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 35c9687878dac1f1eaa6c26470d64891 140215b43573a566418b1f5b1f39340672d02482 38b3db5927fa6ac28e396a84b09e2597ee034515a49ef29ca667d784cbf7236b Loading...

	userstatics.com/get/script.js?referrer=https://gsczmg5rmfxpiq.pages.dev/smart89/	133 B	2023-11-04	2024-04-27
Pretty URL userstatics.com/get/script.js?referrer=https://gsczmg5rmfxpiq.pages.dev/smart89/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 00:48:23 Last Seen2024-04-27 07:33:16 Times Seen788 Hash fea7fbf2c619fd4b7716fcaa64070c6c f192732937981a26f526b7c1293a2ae13bc59a22 df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26 Loading...

		Size	First Seen	Last Seen
	#1 Write - 4558240a01e10cf4ccec24edddca60b7	520 kB	2024-03-29	2024-04-14
Pretty Observations First Seen2024-03-29 06:12:11 Last Seen2024-04-14 05:47:34 Times Seen2 Hash 4558240a01e10cf4ccec24edddca60b7 2c6fbdefb900dbe76c5294d8798745e1d4c940e7 66a752cdb60228bfa150791d307397b41c9e8989a1adc8ffab4c6f6542c910a6 Loading...

	#2 Write - 9d70245c56eedc10d9fa11e9d0fc4fdb	2.8 MB	2024-03-15	2024-04-14
Pretty Observations First Seen2024-03-15 16:41:45 Last Seen2024-04-14 07:53:50 Times Seen5 Hash 9d70245c56eedc10d9fa11e9d0fc4fdb 91a0b17edad0195fc0a8b4653600e5239a70644d ed16b1b937c8bc6a6aae7a0c60d5f75eff98cd88ce08cd888989ae45fbb6de30 Loading...

	#3 Write - 20c29fea19e52c7576530c262dee8167	18 B	2024-03-11	2024-04-25
Pretty Observations First Seen2024-03-11 04:58:59 Last Seen2024-04-25 18:55:47 Times Seen42 Hash 20c29fea19e52c7576530c262dee8167 519363a15b31febf8ec79d7034ef5e2582360e24 cba5e6ba496650cf75de88753f4912292f0717fd4a230ce07694b7d60beb1cfd Loading...

HTTP Transactions (38)

URL IP Response Size

gsczmg5rmfxpiq.pages.dev/smart89/js/wZPWylzcZTPIqh.js

188.114.96.1

200 OK

29 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/wZPWylzcZTPIqh.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, ASCII text, with very long lines (820)
Size
29 kB (28605 bytes)
Hash
2130b7ed48a1006f774734218d916dee
86d0aaf4ecb3ead31c3c2739853c089d8d1dc619
d8af41d20b1af69b8c2a8e0776d181a8224f17d314fc2479c8a389a9e79d0542

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/wZPWylzcZTPIqh.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:28 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0e620b1668791704ec2fed2350e0857f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aBXbvPLOlZybRI8D5aqw0%2BzQ9oMqjB7bdx19Ml4oaeqvkukMBH4VgB0nmbD2zHUnUN6azNLbk7LdgKMpo%2FsielS3hRkFwmPEt9ttcuaoQ60V%2BweA08Eq%2FXuCPCt2lF7h%2FfN3KtcuNX6uVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c05788e56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/mYRklvBXfidN.png

188.114.96.1

200 OK

364 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/mYRklvBXfidN.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/mYRklvBXfidN.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BkAVSLpDwSEysn1D7nlH%2Bkd75yRLttBVxEfauX1benvmKoeQARMJjTXHJ02tkJuUW7p8TScW1h5EWzFXtczwn%2Fc3zpx%2Fw8KJr20qh%2FPgyqZzaCZQAZXJaT4uVHkTUsXGtQJ7NTNs%2F3HjgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0618d656aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/JGrWeJITPiyTCRE.png

188.114.96.1

200 OK

187 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/JGrWeJITPiyTCRE.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 140 x 30, 1-bit colormap, non-interlaced
Size
187 B (187 bytes)
Hash
271021cfa45940978184be0489841fd3
201030af9b1bc5d3c8d453efbfdf89b68d6c1be5
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/JGrWeJITPiyTCRE.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 187
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "653967a2ac91034b61d1ad76540b8eb4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82QdHH18aQuXROk2w1C8keiNLpmEptvRsRuVEPbRO%2BI7UrrXPu%2BYidCLEHf1irD8NLUwxe5qCB4L2AErYhOVH%2F5loNrZn0G1eWMPTVVYGG0mty3JR4PCjci6yYrdBQ7hVkvM43he18zO%2BuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0618d156aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/xrSGDeGaXoY.png

188.114.96.1

200 OK

119 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/xrSGDeGaXoY.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced
Size
119 kB (119006 bytes)
Hash
ef22913e13a0b39c209a671202ec3ff3
a38104877c60e7c9f2aed41b3f92418f8981973e
8e4039a48ffb24b4cdc57ddd4384a16af9eb7efa678577e280308bc9750a0bbc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/xrSGDeGaXoY.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 119006
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b439c2f816d481fcd7e2eb2937f1fdbf"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAhsbdQ18tofD7Pgb774EKlPYmT3A3hE1BVUXgc94lfKMa9Otq6EgrDNqBfRsrQ%2FXk48Uuqu6wj7SIrmDRlkQ0aPDT0G66V%2FTQKTVOgFvKGCiZzsIafDaLko6E6xsExn14TRD9OuBRpsM0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0628da56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/

188.114.96.1

200 OK

11 MB

URL User Request GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
HTML document, ASCII text, with very long lines (8919)
Size
11 MB (10768065 bytes)
Hash
aa92ae27e7059ee79b8c175c295ee8f9
b391452b9103d10d83097d9f88e1ac97aeb5c8dd
3acc9d9756705ca2c6d0493c8f76946f24e79e049a2eb1b0011c169ff039a0cd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/ HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:23 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"61eff0a5da541272d2c129ff7607840b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DMPXpg%2FHtbjAoIcXKC0X3yrrZiCRPMKHG21hkQss%2FyOvZNafWVcxWzVWoGfAvcOmkVli5fSHcCKLHkLSKo2rgpAho%2FEbC9SOht5Ais%2BD4%2B6iB9uQv9Tvkvvk5jX81izdrWiBBchDcjVWlo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5be48d4a56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/MFKynONDGfYtUk.png

188.114.96.1

200 OK

332 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/MFKynONDGfYtUk.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 100 x 100, 1-bit colormap, non-interlaced
Size
332 B (332 bytes)
Hash
9d8a90a63d20f05d27e5d6abb35e0cd0
5873b4007e9d55b4d891a4c427b3735ed23dbfe8
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/MFKynONDGfYtUk.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 332
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b5c69f4e5e8f959bb3eb0ad49250137b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QuoIhTH3gXNA3%2FFU5pxgBtw%2F5CmQPGPobDwnVshtgf3a%2Fi07%2FhcPUcuqqNpEx5PPFipxD6h8%2FtYuRo96cMZqy%2F84yceOo9mMMnRPSE6ZJZSeKwKdTsFnQw2NePpBI%2BxZ2JbdVZk%2Fab1iqE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0628df56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/sClzlvUsWFvT.png

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/sClzlvUsWFvT.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 166 x 92, 4-bit colormap, non-interlaced
Size
1.3 kB (1270 bytes)
Hash
05cdf1a2c2fc8f07bea0a8f4f9356637
b7bbd626d1d6c832509e820cae1d971b34f625e6
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/sClzlvUsWFvT.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 1270
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f526107ac63134fd87055a8d49a6e1d6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeUFrb0Om9vX0lCSKjswtv%2B29zhCOT40piN7O8iGmEFqPUnlTNJNNuTCkL%2BSWkB%2F4iDrxSnt24c6kxzsw4XTiOHy6NP0D8Tzfh8Wzgm%2BCSP7kFPDVnrfuMA3mLwDB7Iji%2Ba6HfqkysCR3fU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0628de56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/SPlSrnwjFFmOURy.png

188.114.96.1

200 OK

276 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/SPlSrnwjFFmOURy.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 13 x 13, 8-bit colormap, non-interlaced
Size
276 B (276 bytes)
Hash
7616d96c388301e391653647e1f5f057
b1868c8f0f46309a8e26f584ac82000d54c06ecd
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/SPlSrnwjFFmOURy.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 276
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f4e0dc23fa0c9a87dc8527d52bd80a1e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9E1b1E197b33nyH4JnNuEtSL0g%2BR4yQSJ0W8TGkCS5Nw4c9ZEByDxV6deRC1sYkv8J89GU7eyF8LHamVbNxCblyCAr4Jonfzjin65cSVVAiJWCCdSn1P315Xe5Fzj%2FedGO9LhMCwR5YsikA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0628dc56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/luPSBbHNBJMwrVI.png

188.114.96.1

200 OK

2.7 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/luPSBbHNBJMwrVI.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced
Size
2.7 kB (2681 bytes)
Hash
b01a30d354bfcf51edf33e0b0ea07402
c421359518d1ae258237bf501c563b7f059f8b9b
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/luPSBbHNBJMwrVI.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 2681
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b1ddc8bc7bef23126af012bc26318301"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzbIbZ674E3fnepEV9cgmd6I2dtO%2FfDcAtkfgTWnzubknxtKtNjet2UodwcaabBwg7aYY4FpHckudHFUdWax1PQbrSKQl5l4hQiStLcstqULVHYxFpm3cS5hM3doeWjcikq9DLnFWcyPWIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e256aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/AwoIGNacHw.gif

188.114.96.1

200 OK

15 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/AwoIGNacHw.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
GIF image data, version 89a, 193 x 71
Size
15 kB (14751 bytes)
Hash
6fcb78e0cd7933a70eea2cf071f82118
70364bffd62fe33360abe70ecc7f7c0541b3b54c
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/AwoIGNacHw.gif HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/gif
content-length: 14751
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "100a9924b8b50ce024e2fa5b31934d7f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDFN9sjjRuEMfXcaQVqZCEwMos5k3K3G%2BXJxdYFQbIhHwrVy4b0QXjQzI33VBhRdGPPAoaU4no6%2FzLSAaA2zBJXnQ8qX%2BsXfmty2%2FrXBUbNmxe%2FSUYXqFtlIyL1eTTWGbSA0TZ9fq0ZyGu4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e356aa-OSL
alt-svc: h3=":443"; ma=86400

ocsp.usertrust.com/

104.18.38.233

281 B

URL
ocsp.usertrust.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
281 B (281 bytes)
Hash
9a63451689ca1aa38804218378b25608
60f3f5383e244d3799b62e6da237ce8ff0b52adf
06283041bcc0418cc79023ff5aaa40672ec5fe04d5ca22ec0aa7eaa729401c0a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:11:35 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Wed, 27 Mar 2024 15:41:38 GMT
Expires: Wed, 03 Apr 2024 15:41:37 GMT
Etag: "60f3f5383e244d3799b62e6da237ce8ff0b52adf"
Cache-Control: max-age=597943,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bd5c2c0aa056bb-OSL

gsczmg5rmfxpiq.pages.dev/smart89/media/McEMxMpOXCsjafG.mp3

188.114.96.1

200 OK

8.4 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/media/McEMxMpOXCsjafG.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
Size
8.4 kB (8405 bytes)
Hash
8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/media/McEMxMpOXCsjafG.mp3 HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:35 GMT
content-type: audio/mpeg
content-length: 8405
access-control-allow-origin: *
etag: "0825ebad9a641a19e1944426ffe4916e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frTUhu3xPFiL%2BmOIrFZLEIWVmKVu7Gl5KdVL5KU%2FDWogOeHcEfa0O6m2CGbN81e3nQ7pMdUBN0pK7SoIZFHWO4Lo29iZq4hG60w83Vz4dxBeof487bOmnYTmVlSmgJrlzKkllRuOmVBmpFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c2bf89d56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/media/tOBpXMwkkZcHOL.mp3

188.114.96.1

200 OK

194 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/media/tOBpXMwkkZcHOL.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
Audio file with ID3 version 2.4.0, contains: - MPEG ADTS, layer III, v2, 48 kbps, 22.05 kHz, Monaural
Size
194 kB (193612 bytes)
Hash
40ce7ccb1aa8b0da1f51995ebb59f4e8
ed8a51e3bae2d58202c02471e6a798bbff84dee9
8f24cf514509b9830bcb4a7204463b87fa3e6d9ce47187192130f8230b1990e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/media/tOBpXMwkkZcHOL.mp3 HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:35 GMT
content-type: audio/mpeg
content-length: 193612
access-control-allow-origin: *
etag: "e50621b174fd568a8eb61c2382666a7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63jfA%2FxZu5Jc0kYKUMvTj5j0NTPYRg2pCwuf3NUqM7vgudimpC4IGZSxSHnCFt2w3jKzhBZkzJW3PY7QWTvQKU935o6XgtZnfnEedgyEWvz%2BuHdKhu0Fh5xBIky01%2FblWkrT8kwYmcbGHsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c2bf89b56aa-OSL
alt-svc: h3=":443"; ma=86400

ipwho.is/?lang=en

195.201.57.90

200 OK

668 B

URL GET HTTP/1.1
ipwho.is/?lang=en
IP
195.201.57.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoGetSSL
Subjectipwho.is
Fingerprint29:9B:81:4F:C5:60:01:21:10:80:F1:58:15:89:9B:7B:05:92:49:23
ValidityWed, 13 Mar 2024 00:00:00 GMT - Thu, 13 Mar 2025 23:59:59 GMT

File type
JSON text data
Size
668 B (668 bytes)
Hash
b06425fdc8b28cfabc2dff7f011ca3c1
d31848e62c9929c8c87de20bb2e57237a5bc506c
fe3f4e5cc8dc0bddf3dcceb767f3da4085538af9ab2c2844aab41272d9604bf8

HTTP Headers

GET /?lang=en HTTP/1.1
Host: ipwho.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/
Origin: https://gsczmg5rmfxpiq.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:11:35 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: ipwhois
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex

gsczmg5rmfxpiq.pages.dev/smart89/images/CzFtlLJSeztFh.png

188.114.96.1

200 OK

168 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/CzFtlLJSeztFh.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/CzFtlLJSeztFh.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:35 GMT
content-type: image/png
content-length: 168
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "8ca71578100459238fb030f8dd97e8bb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwfiqgvDDVExRNIXP27tomGMTy6ikNU5NXlvJr%2BCOlNWFpjXrdrpJ4gLH9r%2FdH1pKcBu2ifRcDT%2FFU%2Bhg8sE1sboOTUlb3GwQVMwBxgDO95s9Hwp9xXfa3oOVR4hFmjKStIYbpexW11cmWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c2cf8ef56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/ai2.mp3

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/ai2.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
HTML document, ASCII text, with very long lines (8769)
Size
1.1 MB (1050270 bytes)
Hash
04c0df2299b4ad70883a42ec4972258c
3986b483b14456cbd69082ab90aee6d959f7a82c
a2a2322bee4933729fe865acc283011e460be8f77f580f52c5d6a8a1341169ea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/ai2.mp3 HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:35 GMT
content-type: text/html; charset=utf-8
content-length: 1050270
access-control-allow-origin: *
etag: "4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BIcQPt%2FI71Q8gLlw0J%2BRzfKpI49qHi93RN58xTPFj3stF3zqFBld8UV%2FnqrUr8Rz2Hyr6D%2BCzQPTFIwSqjGJpeVJrUb1mO4rILXlma6GV5vIgxSKOFODuQqsk8siu2Tg600jfQSPAQVnS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c2d390656aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/SJhLjaOZEWEg.js

188.114.96.1

200 OK

6.7 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/SJhLjaOZEWEg.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
6.7 kB (6743 bytes)
Hash
4adaa47e00921c22b14305058edfd45d
a7148536ec85b093d08a5450a802377ed3c689cc
39b9b055bb2f82c6af76e96cab3b45c0acb94a2fa824a86eeec08c398b861d9b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/SJhLjaOZEWEg.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e78ebd84a053c71d569abe1187d7b3b1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTmuGXX08C3liA0LmRC4O4dYG7HBuWU8Msu0z43ZiMEexP9NsUy68%2B0vu1umsKx9l6AARBB8TH%2FU5DMrFOmF%2B3P0ZZ0UAd%2FI0D6qwr8MkSGoWEc9A%2F0lcA6WbZaP1dix8QC6Qi0i5rcOy0Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e656aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w3.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w3.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvzD39GBPSyMbqfmwlpG0KfDNfVuKdpBkoEgLQp%2BorgyZCfYJx5ZFwJd22CaXBm73PttcID%2BReDUCIHRx5wSffDlCTOvo%2FoqKuCB3%2BLEPPcY0p2Ny2KcA1OGFaDQW44LEW87Q3fHECJHKa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c648df956aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/ZjJXqXplKtMI.js

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/ZjJXqXplKtMI.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, ASCII text, with very long lines (2100), with no line terminators
Size
2.0 kB (2009 bytes)
Hash
7b2926d724747155dc57f9775702aaa8
1f412de6d58a3f978c9ceffbba1c04715571ae94
f73b24d7a69c29edfef8f128bd13b4e8915a3b6cb48d2a6032799d650d949fcd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/ZjJXqXplKtMI.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f42b9d6470e77228e75f790cc3ad3f4b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKaGXZukqBWx%2FfPSNpnc00ahl5Wb9NcRMAyBNMksJdnnZWuZScgCOY%2FnPBy%2F0zS5Do3wOmMZKWMpPA26G011xy51144Zw6uCeMEHfnpoNdP66%2BCaQ6W9j117rYysMYUHze%2Bb%2BnOqZ63vWcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e756aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/dGnDXJWAOt.js

188.114.96.1

200 OK

341 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/dGnDXJWAOt.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
ASCII text, with very long lines (359), with no line terminators
Size
341 B (341 bytes)
Hash
f725b4b7dc367f895298e4f497c7de01
51eacebc35b42cede2552a4f53223b22053cc2b7
662e64bdf2e1d7ef4a647f4ab52853d1d68253fe7c593f6b238fd1e4672a5728

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/dGnDXJWAOt.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b7d19e63d8308f9d778bd8dc7f426b03"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrEF%2BHA5eA7PvgeQpMt%2FwQDUpmUB8%2FHAN67wPglfRPESgdxpIq6iqacYEKe2DuvpbLYlN%2FnTZ7NOtJPeu0D7FUKL2K3GCnBGs1ot0ka31Y%2FhUFQpcKLVyik9FTVYmAR%2FjsTLNHPdH%2BMuVcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638ea56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/euHhNzDpEgIZmd.png

188.114.96.1

200 OK

722 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/euHhNzDpEgIZmd.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 128 x 128, 1-bit colormap, non-interlaced
Size
722 B (722 bytes)
Hash
42d8f2cc1ae5759c2369f255f36ebc03
8e592162eec14e72d0a751d714a641dbece91f6b
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/euHhNzDpEgIZmd.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 722
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "da27b6888c7cff8c20811d9d856d5f9d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF0n8sjX6w5tyPjTGxoAmB2ekhgzJhJbrsbnusJ8NuaRvVcDo7AzTYmyBh%2F0HorFhtpYRKqoQZFRV4erAh%2BD0prAt86wFba%2FWd%2BWdqQbXBS0bAqJDCQsj7VmKt0gx5EwfuA%2FMy6%2F5xNypJ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0628d956aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w1.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w1.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:41 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zsp5TpvMxlOyDUDeDp2s1WBoN2RVR%2Fm8JUBgJsxtpow82OULEB3%2BW806p6ZKywMOGaPmRCm0PsYpKZP3v2yulExs9BljJNYFrv9Zg0eV4QikhntIWF54SijtNV8N%2BugUu70SfPdERaPVZYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c51be3356aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w1.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w1.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzbjbqjyIOpxCe61udYWa9uHaYSLauGVpwaKyG6b1LzjgxyEJvOmZ%2FDRj7QmnMJhf%2BflAcAlcqff3osvHLElDFDxmKj4wuLO4rfbFZMvwfB11Hgr1Ki19nuifN6V%2FXWdkgdUq9w8Kg9ajBs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c5e3b5056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

userstatics.com/get/script.js?referrer=https://gsczmg5rmfxpiq.pages.dev/smart89/

0.0.0.0

0 B

URL GET
userstatics.com/get/script.js?referrer=https://gsczmg5rmfxpiq.pages.dev/smart89/
IP
0.0.0.0:0
ASN
#0

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerLet's Encrypt
Subjectuserstatics.com
FingerprintAB:62:24:6D:5D:BB:D9:D8:00:B7:CB:47:DD:7C:74:69:C8:48:16:49
ValidityThu, 28 Mar 2024 13:34:23 GMT - Wed, 26 Jun 2024 13:34:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /get/script.js?referrer=https://gsczmg5rmfxpiq.pages.dev/smart89/ HTTP/1.1
Host: userstatics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:11:35 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/8.2.1
access-control-allow-origin: https://gsczmg5rmfxpiq.pages.dev
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X94wCyVYlhFkiKA4o9CdpCuzjS%2B4%2B1KU06wus%2BhuF0ewULzFZXkJGLOQpSa%2F7Wsk6D71sXPgXo%2FzP0JrTfxm2OYmaTorWPeKRn5AC9DKVW7i88kQXm0%2B6YNJr5FxCxOIniA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c2d5add0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gsczmg5rmfxpiq.pages.dev/smart89/w1.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w1.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDZ0QjtPgMOLTMF7Ksd8cRjPFfedyv83UO6%2ByoSsKK4fPGoKYSCLkOaFJHJITZ%2BeJjPTYyjLg1zQ3HjdsXgH6tUqXAX9Sj1xWqZlHY0uitidHrAd%2BtYteWsy7wNBxExY%2FlZQoFk08Q1Y1WE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c38bd7b56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w3.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w3.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:38 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxHywqet%2B%2BmeNBFL8KQwUzHGv2aymPLFgAbZpU2V%2F017BHIfvIyv9SE%2BNHIcY0g5BAWwUDYZQGv5XYgRUVA3%2FaS%2FFnJ5PFysmS2Mxu593K6XDMLkg45GYCVlqIvNmFBVS7EqgETw1G3jtAQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c3effd056aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/HTRqGTMyowbL.js

188.114.96.1

200 OK

84 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/HTRqGTMyowbL.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
99af1d890c01061860819465bdc442a5
a46b54d8d570ead4226b87110184b4a529590bc9
8fe589abc8a4e14f7899951e592e20252efe6c72977eb3390fb463c7777166da

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/HTRqGTMyowbL.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1bc7d69363ab4ad3414e26f0e42ef93b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8%2FHU0Gpak0kDkEwFnUvhNVeseVKKKO2ncRr7QdUjSG2GcxURpQCjblyAARZjKheRY%2FojH%2FI4PZH8V2fiWAwRQk%2B%2BN77Xve0pzCRhNGuImGDR6fhmTMgho2lSXsdyoVW3PuEDV71nhxX0n4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0648ed56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w1.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w1.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:45 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10ijrLo2%2BjnQWIiZ%2BAM4sb%2BnS32LFswWiWiIaxTRpcudlKXKVpw3o26TeFjv2qMHioNHz66U5aH8A7xH5r0yRtKCDdueeVUeyYvNtkN7JGLrPqwaAp%2BaUQLgMh2O4F3Pj2mnrmxFk8nYtr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c6ab84a56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/oouAunrzBK.js

188.114.96.1

200 OK

85 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/oouAunrzBK.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, ASCII text, with very long lines (32478)
Size
85 kB (84734 bytes)
Hash
433b079c773ae63f4e1af2f9b92d09f1
54f6987c955ace72deb8864572be36e526029614
e6aa5558980389b32f515fbccd1c46dd127ceb9705908f2df2405c96713a5e7c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/oouAunrzBK.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0194b4a6ea0f5c52fb89ceca7a265a8b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mx9LrU0iR7gqj8v1gE8CA%2F1c3LLx6ATEeW%2BAqnH7Z1kYxa%2Far9w0bBPsrwGTmyistOqcBIST8j%2BLjO%2FUZ%2BD3OvTyVcJ7Z2%2BWFWFpXsf6GWF2o1lRmRc4cRwhLSWu8HtoS6bbUN19VyeNshI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0608ce56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/GBrRreEdVgBn.js

188.114.96.1

200 OK

2.1 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/GBrRreEdVgBn.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, ASCII text, with very long lines (2121), with no line terminators
Size
2.1 kB (2051 bytes)
Hash
96023f18be84f9e6c243c3d79ff9d8a3
72541f369090d160c13b24fe0a3a5cc22ca135bd
5c4ac3fbd2f81a4db1ef2cf77e1c9bad67fce05f8c24832615edb65b11612efe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/GBrRreEdVgBn.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f423f9c7d2b9809bb9730e80eb5dcd74"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FO5gkx4GjfGhh9LLFc2Sd56DH4vavewRGGY0lF0nezhyJ130gzlAC%2BjVRUE%2BVup7%2FB4gnBPdHcsZo45WMwFryTZtpCMv203nNWP1VqFH0AiHN%2FCYB0XhXEKXsy4ENbLtoydzkHn1qDRsrf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e456aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/css/VeimKRyRpfwt.css

188.114.96.1

200 OK

18 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/css/VeimKRyRpfwt.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
assembler source, ASCII text, with very long lines (324)
Size
18 kB (18499 bytes)
Hash
be51dec2ec4c5ef755f166ff3349e4ca
c5c54348577bb4668727b977a7269cb731b3ba22
6e568bcb7de5e28980f77f4c1fddc986c7f95d330678f81d80a81dc783869642

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/css/VeimKRyRpfwt.css HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:28 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e587787a39964ef6510557d4e2359644"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kZuzYYdt6bQEotnmXOcnsvUKE3LndeGGfj9sBDVJZMfbPC9jQ3K1%2B8HbLTizKMuaaPZ6Ma%2B85vKfVC1keORilC%2BxWbEJYjPaBeECiVW9oWvvA5qCYYdzptHHIn0NXGVGveaRIztAKwamZ5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c05788d56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/TFaWvDMBLZK.js

188.114.96.1

200 OK

483 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/TFaWvDMBLZK.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
JavaScript source, ASCII text, with very long lines (505), with no line terminators
Size
483 B (483 bytes)
Hash
77646cb1158954c263c293cba84c26fa
3dde3ec8e3fb0b8589037c4c8ea2db8d88f20c62
4c0946161ef3934782c2907cd2ba4b08e1d73e2553f28d3b63093d05e1f96ad6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/TFaWvDMBLZK.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"71dc786d2578c420d6f19c6556392814"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGnMqIDUgotDVfSN%2BeAZ1ymQg86UDELQ5MtVM9zU4KPo2nntdDyZTtuyfi3XF7%2Bl1nvDNA%2BD%2BkImbxvbJk8yM2IPTM9lNzgX3Lt2UBLYDfWf8VCvVxx%2F9Pgna8yGKQ83%2FdHIk4oVzIAdpZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e556aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/js/kwVwgUClEmIkmC.js

188.114.96.1

200 OK

235 B

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/js/kwVwgUClEmIkmC.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
ASCII text, with no line terminators
Size
235 B (235 bytes)
Hash
21563f78817e5ef4c05ee728a5a3ecb0
4182d333ee4834d2e53f40dea507867a7664565c
e48abe7e6d0c2f0d62c314c0c86222a76071232320a95db7c26f346d11210930

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/js/kwVwgUClEmIkmC.js HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7b5808093accddee8c61ce2ca8ae0470"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vv0VBCYWj%2B6tFGCqBVIO5nxnEK2E02uQBtgGWi7iqMI%2BYEqfyB9R6dRzRSjkkS1IYFWx7ub0GxskhkVl6WA584KFysZwvqWgSoJkpYp6TAN2p%2BtLMS3Kbbx%2FMSTOtF4Zpfh7iZde61DwxgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0638e956aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/images/gOwYYJJOwddw.png

188.114.96.1

200 OK

483 kB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/images/gOwYYJJOwddw.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type
PNG image data, 1920 x 4236, 8-bit colormap, non-interlaced
Size
483 kB (483167 bytes)
Hash
c3aa26411736b8f01982741dbd37b043
bad171a74fb4b5d1f433197b66bcd24db953fd90
11d4d0aa8bf0ab597bee785cd9d03301787faee4aae43d66ab53b15f0fe7d849

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/images/gOwYYJJOwddw.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:29 GMT
content-type: image/png
content-length: 483167
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "43870a7a4f9f16f9812e7ea40932c185"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQN1ZkKfuggk0a2qZ3z4mS18Pt%2FhiS8%2FdR%2Fy179htR9bthZWHCFV%2B6jZmxLZuCMf2q2DS3snTJsxwtELXvfbqUfsUj3N%2BoC3mCYWR4e59a%2FBTr5aP6A7PaAUkIGfwOmtjyhQjIXkdT5BtW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c0608cf56aa-OSL
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w1.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w1.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:39 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJLa8mWLtUyhwn2MwVutIkVl2rj7ZXgltS%2FM2yqnxoseS9DW8aIWoHkTiBkBw8KknokNhzKO%2BFUus8n30C7mcTnAwfOuICzd8tbHvdNzG0m4y5eCd06y%2Fv9a6x1Viw8XSqNqRo8QgqY8Tx8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c453a3c56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w3.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w3.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:36 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXsMS9A%2FGol7VeFg%2BToY7xjcVNhvxeURH9GOjqe3GtKoFfnMIrfNQs74yIS%2FV7fkr%2BEaIfizyCHtodBj7Au5%2BWCOd02OhITBNKWk7MZEKK1eBJm%2FDtFmp08TeWqOuCDogQ4MMo0049uahWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c327ab156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w3.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w3.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:40 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6F9JVEokXIJKllvAnMA8XtfEszr3vGcozQxTr38mRE0uuuwKt9aZl26h9qFCPAFpnL4Tcq2GfobT1IlYuU9uvOMgW1kBSRIsGj4VBdHy4PPEEUnKSR7FFEFA6C113uzbgMZimeznHAFmHaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c4b7c2a56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gsczmg5rmfxpiq.pages.dev/smart89/w3.png

188.114.96.1

200 OK

1.1 MB

URL GET HTTP/3
gsczmg5rmfxpiq.pages.dev/smart89/w3.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gsczmg5rmfxpiq.pages.dev/smart89/
Certificate
IssuerGoogle Trust Services LLC
Subjectgsczmg5rmfxpiq.pages.dev
Fingerprint41:63:8C:58:C0:46:D0:D6:57:F5:D0:0E:23:CB:A6:8D:3E:81:0E:C8
ValidityThu, 07 Mar 2024 02:50:35 GMT - Wed, 05 Jun 2024 02:50:34 GMT

File type

Size
1.1 MB (1050270 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /smart89/w3.png HTTP/1.1
Host: gsczmg5rmfxpiq.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gsczmg5rmfxpiq.pages.dev/smart89/
DNT: 1
Connection: keep-alive
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:11:42 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4b94ef820b3d56e0cdf2cfe48848ce5b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YF35iOGwenBFQX%2Bf%2FkevYpa3S%2FXa63qIFBshv2Cb7Qi3owdWO%2F%2BLthXPxEL1tR14ojE7ZQzCXL4ZFAPbdZm99Qkyq%2BgK%2BaeZub8WdCiIUDs8QJNf0S6ZMHONEciVJ20aPeXFLz6Fqsak%2BTQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd5c57f89b56aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations