| 17564w5ertyu33-9728635h.surge.sh/ | 188.166.132.94 | 200 OK | 7.0 kB |
URL: 17564w5ertyu33-9728635h.surge.sh/ (user request, GET HTTP/1.1)
IP: 188.166.132.94:443
ASN: #14061 DIGITALOCEAN-ASN
Certificate: Issuer Sectigo Limited; Subject *.surge.sh; Fingerprint 94:A8:88:4D:CE:F7:21:78:C0:1F:3A:A3:E5:B3:40:18:17:AD:A2:E6; Validity Sun, 23 Apr 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (27554), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): cb0cb7b1128eda2bed8f66dc03a6bbf5 a8a13d53aeef435e076937471099636faef770c9 3c1944e9a792126a4bf31d02f96269dcfcc7541f2042e0bb6bad4207604113e7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Outlook |
GET / HTTP/1.1
Host: 17564w5ertyu33-9728635h.surge.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Surge
Surge-Cache: HIT
Surge-Stamp: 11958::1706600484983-cb0cb7b1128eda2bed8f66dc03a6bbf5
Age: 5041444
Date: Thu, 28 Mar 2024 16:10:02 GMT
Cache-Control: public, max-age=0, must-revalidate
ETag: "3c1944e9a792126a4bf31d02f96269dcfcc7541f2042e0bb6bad4207604113e7"
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
Response-Time: 15ms
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close
Transfer-Encoding: chunked
| 17564w5ertyu33-9728635h.surge.sh/favicon.ico | 188.166.132.94 | 404 Not Found | 8.2 kB |
URL: 17564w5ertyu33-9728635h.surge.sh/favicon.ico (GET HTTP/1.1)
IP: 188.166.132.94:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://17564w5ertyu33-9728635h.surge.sh/
Certificate: Issuer Sectigo Limited; Subject *.surge.sh; Fingerprint 94:A8:88:4D:CE:F7:21:78:C0:1F:3A:A3:E5:B3:40:18:17:AD:A2:E6; Validity Sun, 23 Apr 2023 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (6824)
Hash (MD5 / SHA-1 / SHA-256): 56d9db00543382055098e36400876fd3 069abcf2cca5e0e2cd4f0522474f22978fe537ed 5d37f9379291a60f698c2ed035bf47041f32a53251424774300f079e73d33468
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Outlook |
GET /favicon.ico HTTP/1.1
Host: 17564w5ertyu33-9728635h.surge.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17564w5ertyu33-9728635h.surge.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: Surge
Surge-Cache: HIT
Surge-Stamp: 956::1706600484983
Content-Type: text/html; charset=utf-8
Content-Length: 8247
ETag: W/"2037-Bpq88syl4OLNTwUiR08il4/lN+0"
Date: Thu, 28 Mar 2024 16:10:03 GMT
Connection: close
| pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html | 104.18.3.35 | | 477 kB |
URL: pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html
IP: 104.18.3.35:0
File type: HTML document, ASCII text, with very long lines (65423), with CRLF line terminators
Size: 477 kB (477177 bytes)
Hash (MD5 / SHA-1 / SHA-256): be09030333de30fa85a62bfbf2139fd7 b055f6755c6e9942964cbceb7673bcf7d2c81861 1b47431c69a3b99806c2d02227da9492713d9a355fa6d794fb38b3e2bff604b5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Outlook |
| PhishTank | phishing | Other |
GET /itj.html HTTP/1.1
Host: pub-78666b69974941c7bed46714f5104ca1.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17564w5ertyu33-9728635h.surge.sh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:10:04 GMT
Content-Type: text/html
Content-Length: 477177
Connection: keep-alive
Accept-Ranges: bytes
ETag: "be09030333de30fa85a62bfbf2139fd7"
Last-Modified: Tue, 30 Jan 2024 07:32:05 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86b8e3627d9bb50f-OSL
| user--images-githubusercontent-com.translate.goog/49370837/244057690-cb865425-68e9-45cf-835a-3c66ea5a1c1c.png?nsdTMOSyuLIwKaYWdwTLMwNLcqu | 142.250.74.33 | 200 OK | 50 kB |
URL: user--images-githubusercontent-com.translate.goog/49370837/244057690-cb865425-68e9-45cf-835a-3c66ea5a1c1c.png?nsdTMOSyuLIwKaYWdwTLMwNLcqu (GET HTTP/2)
IP: 142.250.74.33:443
Requested by: https://17564w5ertyu33-9728635h.surge.sh/
Certificate: Issuer Google Trust Services LLC; Subject *.googleusercontent.com; Fingerprint 45:D1:C0:2D:E8:A2:E4:6C:89:C5:B6:FE:AE:99:83:B1:CA:66:17:CF; Validity Mon, 26 Feb 2024 08:17:52 GMT - Mon, 20 May 2024 08:17:51 GMT
File type: PNG image data, 1427 x 351, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 252b9597282ded2b3b08be70ac5c3ca5 ced964c3a90c5e002f8edb7c5500969505d971c9 f6fc942b40833293cdfb4f4e718240763f88ce736fc7b0e9d032fcaf24c55a9d
GET /49370837/244057690-cb865425-68e9-45cf-835a-3c66ea5a1c1c.png?nsdTMOSyuLIwKaYWdwTLMwNLcqu HTTP/1.1
Host: user--images-githubusercontent-com.translate.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17564w5ertyu33-9728635h.surge.sh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
age: 0
last-modified: Wed, 07 Jun 2023 12:26:56 GMT
x-robots-tag: none
content-security-policy: frame-ancestors *.translate.goog
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
date: Thu, 28 Mar 2024 16:10:03 GMT
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css | 13.107.213.53 | 200 OK | 20 kB |
URL: aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css (GET HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject aadcdn.msauth.net; Fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; Validity Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (61177)
Hash (MD5 / SHA-1 / SHA-256): 5a25dd6f3dd40593681065e908691fa2 2f0d8a2c1c76b8b6d5354240907d353701aa11b7 a96b2b12489a80eafe62cc4bcc04cb367e2b54efc3039e484211c7deec12c0b8
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:10:05 GMT
content-type: text/css
content-length: 19750
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 21:44:27 GMT
etag: 0x8D843BFE1586E6F
x-ms-request-id: 23ace70c-d01e-0037-44c2-7e1581000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240328T161005Z-dnsumt53rx0e1b12yf0wrpuavs000000095000000000541h
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg | 13.107.213.53 | 200 OK | 673 B |
URL: aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg (GET HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject aadcdn.msauth.net; Fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; Validity Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): bc3d32a696895f78c19df6c717586a5d 9191cb156a30a3ed79c44c0a16c95159e8ff689d 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:10:05 GMT
content-type: image/svg+xml
content-length: 673
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 22:01:30 GMT
etag: 0x8D7B0071D86E386
x-ms-request-id: 24cdda0b-401e-0026-6aae-7a8ea1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240328T161005Z-7040kpf5dx1998yd7ge58qfqp4000000070g0000000019h5
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico | 13.107.213.53 | 200 OK | 17 kB |
URL: aadcdn.msauth.net/ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico (GET HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject aadcdn.msauth.net; Fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; Validity Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors
Hash (MD5 / SHA-1 / SHA-256): 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /ests/2.1/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:10:05 GMT
content-type: image/x-icon
content-length: 17174
cache-control: public, max-age=604800
last-modified: Fri, 02 Nov 2018 20:25:25 GMT
etag: 0x8D6410152A9D7E1
x-ms-request-id: 9a0733ce-f01e-0019-670b-7e26af000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240328T161005Z-7040kpf5dx1998yd7ge58qfqp4000000070g0000000019h7
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css | 13.107.213.53 | 200 OK | 20 kB |
URL: aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css (GET HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject aadcdn.msauth.net; Fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; Validity Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (61177)
Hash (MD5 / SHA-1 / SHA-256): 5a25dd6f3dd40593681065e908691fa2 2f0d8a2c1c76b8b6d5354240907d353701aa11b7 a96b2b12489a80eafe62cc4bcc04cb367e2b54efc3039e484211c7deec12c0b8
GET /ests/2.1/content/cdnbundles/converged.v2.login.min_wixdbz3ubznoegxpcgkfog2.css HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:10:05 GMT
content-type: text/css
content-length: 19750
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 21:44:27 GMT
etag: 0x8D843BFE1586E6F
x-ms-request-id: 23ace70c-d01e-0037-44c2-7e1581000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240328T161005Z-7040kpf5dx1998yd7ge58qfqp4000000070g0000000019h8
x-fd-int-roxy-purgeid: 4554691
x-cache-info: L1_T2
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js | 13.107.213.53 | 200 OK | 11 kB |
URL: aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js (GET HTTP/2)
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject aadcdn.msauth.net; Fingerprint EB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47; Validity Mon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (32009)
Hash (MD5 / SHA-1 / SHA-256): 61152ab723b4aac94eef497803efd436 9dd07deea63389c32b6c297ea0385b0329fe8f1d fff0b1c545c2119a2855b9028567640f4145c079eff9b48da0ddf66dc8d92f6c
GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_yruqtyo0qslo70l4a-_ung2.js HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 28 Mar 2024 16:10:05 GMT
content-type: application/x-javascript
content-length: 11322
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 03:03:49 GMT
etag: 0x8D83E6C5642CD2B
x-ms-request-id: c127190b-c01e-0012-76db-7c03b8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240328T161005Z-7040kpf5dx1998yd7ge58qfqp4000000070g0000000019h9
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
x-cache-info: L1_T2
accept-ranges: bytes
X-Firefox-Spdy: h2
| login.live.com/Me.htm?v=3 | 20.190.177.83 | 200 OK | 1.1 kB |
URL: login.live.com/Me.htm?v=3 (GET HTTP/1.1)
IP: 20.190.177.83:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer DigiCert Inc; Subject login.live.com; Fingerprint 7C:A4:1B:29:3E:A1:BF:5E:7E:96:CD:E4:E3:B6:B5:D3:02:3B:E8:6E; Validity Thu, 08 Feb 2024 00:00:00 GMT - Sat, 08 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2345), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): e86ef8b6111e5fb1d1665bcdc90888c9 994bf7651cb967cd9053056af2d69acb74db7f29 3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
GET /Me.htm?v=3 HTTP/1.1
Host: login.live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Sun, 26 Mar 2034 16:10:05 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: C513_BL2
x-ms-request-id: a0fee87d-419b-4b65-a158-7eb6c25636f5
PPServer: PPV: 30 H: BL02EPF0001D78D V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Set-Cookie: uaid=6668410bd0a24e2695e80918105c9836; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
MSPRequ=id=N<=1711642205&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date: Thu, 28 Mar 2024 16:10:05 GMT
Content-Length: 1132
| pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html | 104.18.3.35 | 200 OK | 477 kB |
URL: pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html (user request, GET HTTP/1.1)
IP: 104.18.3.35:443
Certificate: Issuer Let's Encrypt; Subject *.r2.dev; Fingerprint A2:61:33:D7:00:1D:E7:EF:C9:C3:35:ED:8F:FC:60:86:98:85:44:3A; Validity Tue, 06 Feb 2024 16:02:29 GMT - Mon, 06 May 2024 16:02:28 GMT
File type: HTML document, ASCII text, with very long lines (65423), with CRLF line terminators
Size: 477 kB (477177 bytes)
Hash (MD5 / SHA-1 / SHA-256): be09030333de30fa85a62bfbf2139fd7 b055f6755c6e9942964cbceb7673bcf7d2c81861 1b47431c69a3b99806c2d02227da9492713d9a355fa6d794fb38b3e2bff604b5
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Outlook |
| PhishTank | phishing | Other |
GET /itj.html HTTP/1.1
Host: pub-78666b69974941c7bed46714f5104ca1.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://17564w5ertyu33-9728635h.surge.sh/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 16:10:04 GMT
Content-Type: text/html
Content-Length: 477177
Connection: keep-alive
Accept-Ranges: bytes
ETag: "be09030333de30fa85a62bfbf2139fd7"
Last-Modified: Tue, 30 Jan 2024 07:32:05 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86b8e3627d9bb50f-OSL
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.74 | 200 OK | 90 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js (GET HTTP/2)
IP: 142.250.74.74:443
Requested by: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/itj.html#
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash (MD5 / SHA-1 / SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-78666b69974941c7bed46714f5104ca1.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:40:23 GMT
expires: Fri, 28 Mar 2025 02:40:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 48582
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2