| mrsolvento.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js | 104.18.245.24 | | 32 kB |
URL mrsolvento.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js IP104.18.245.24:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hash641dd14370106e992d352166f5a07e99 eda46747c71d38a880bee44f9a439c3858bb8f99 a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
GET /package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js HTTP/1.1
Host: mrsolvento.bubbleapps.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mrsolvento.bubbleapps.io/
DNT: 1
Connection: keep-alive
Cookie: mrsolvento_test_u2main=bus|1715143859693x494201655168448500|1715143859716x527923586352503400; mrsolvento_test_u2main.sig=kUvVwUcVJE-vnWKZ3Cfb5Lr-sZs; mrsolvento_u1_testmain=1715143859693x494201655168448500
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:51:00 GMT
content-type: application/javascript
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":23.9,"percents":{"top":{"bubble_cpu":10.4,"block":84.3,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":60.1,"appserver_cache_misses_time":0,"redis":59.1,"fiber_queue":3.9,"capacity_wait":15.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":373869}}
x-bubble-capacity-used: 0.006 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
cf-cache-status: HIT
server: cloudflare
cf-ray: 8806d5052c7db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mrsolvento.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js | 104.18.245.24 | | 11 kB |
URL mrsolvento.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js IP104.18.245.24:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (1366) Hash5dbf806421d5dd97b86016ab9fd1b9a1 82504056bb4e5b9cae17ff042c1562d75ba04bc5 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
GET /package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js HTTP/1.1
Host: mrsolvento.bubbleapps.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mrsolvento.bubbleapps.io/
DNT: 1
Connection: keep-alive
Cookie: mrsolvento_test_u2main=bus|1715143859693x494201655168448500|1715143859716x527923586352503400; mrsolvento_test_u2main.sig=kUvVwUcVJE-vnWKZ3Cfb5Lr-sZs; mrsolvento_u1_testmain=1715143859693x494201655168448500
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:51:00 GMT
content-type: application/javascript
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":34.6,"percents":{"top":{"bubble_cpu":8.5,"block":69.5,"capacity_rl":0,"other_pause":0,"pre_fiber":21.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":13.2,"appserver_cache_misses_time":0,"redis":44.6,"fiber_queue":16.6,"capacity_wait":8.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":443007}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
cf-cache-status: HIT
server: cloudflare
cf-ray: 8806d5052c7bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mrsolvento.bubbleapps.io/package/run_css/fa656905900f64d67e9a6fbf878789880d2a5bb30cbe87fac41ba69889ea8377/mrsolvento/test/index/xfalse/xfalse/run.css | 104.18.245.24 | | 55 kB |
URL mrsolvento.bubbleapps.io/package/run_css/fa656905900f64d67e9a6fbf878789880d2a5bb30cbe87fac41ba69889ea8377/mrsolvento/test/index/xfalse/xfalse/run.css IP104.18.245.24:0
File typeUnicode text, UTF-8 text, with very long lines (44850), with no line terminators Hash2bc9a97bdb2818de492302f3d4e82471 03d99169c8e0a3c38b0ea7d76d377628716a787b d08e3aaac435d3b3f4854aa755bce3178baa4adac9ecd717f7833d99293bb526
GET /package/run_css/fa656905900f64d67e9a6fbf878789880d2a5bb30cbe87fac41ba69889ea8377/mrsolvento/test/index/xfalse/xfalse/run.css HTTP/1.1
Host: mrsolvento.bubbleapps.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mrsolvento.bubbleapps.io/
DNT: 1
Connection: keep-alive
Cookie: mrsolvento_test_u2main=bus|1715143859693x494201655168448500|1715143859716x527923586352503400; mrsolvento_test_u2main.sig=kUvVwUcVJE-vnWKZ3Cfb5Lr-sZs; mrsolvento_u1_testmain=1715143859693x494201655168448500
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 04:51:00 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=58654
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.037 unit-seconds used
x-bubble-perf: {"total":101.3,"percents":{"top":{"bubble_cpu":15.7,"block":82.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.3,"appserver_cache_misses_time":0,"redis":41.9,"fiber_queue":2.3,"capacity_wait":1.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":15,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":24,"fiber_queue":27,"blocks":26},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2383318}}
x-powered-by: Express
cf-cache-status: HIT
server: cloudflare
cf-ray: 8806d5052c7cb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mrsolvento.bubbleapps.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 526561
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | | 48 kB |
URL fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mrsolvento.bubbleapps.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 526561
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev/owaaa.html | 104.18.3.35 | | 42 kB |
URL pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev/owaaa.html IP104.18.3.35:0
File typeHTML document, ASCII text, with very long lines (27250), with CRLF line terminators Hashaf05dcbcda1d9a26bc008e114ed6d4cd 7e2a59df39b0b996f70cb3847183985304410639 6d73f232473f1b884e62546ddec747568f250c83fd75ddf697a8137580fb59b2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /owaaa.html HTTP/1.1
Host: pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mrsolvento.bubbleapps.io/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:51:02 GMT
Content-Type: text/html
Content-Length: 41803
Connection: keep-alive
Accept-Ranges: bytes
ETag: "af05dcbcda1d9a26bc008e114ed6d4cd"
Last-Modified: Tue, 07 May 2024 22:14:49 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8806d5106d1356b5-OSL
|
|
| notify.bubble.io/ | 104.17.123.183 | | 0 B |
IP104.17.123.183:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: notify.bubble.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mrsolvento.bubbleapps.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F5/PM7xuFnFih7RlJVMYcQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 04:51:02 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: z6g7C048Pgb2OWv/IjGq8Uw+4aI=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8806d5100f250b02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notify.bubble.io/ | 104.17.123.183 | | 0 B |
IP104.17.123.183:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: notify.bubble.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mrsolvento.bubbleapps.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ob4XtCkHt5a+GWCtICXNyQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Wed, 08 May 2024 04:51:02 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oAj5ST9wlecLWdWqB+93gwusF3g=
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8806d5106b6556a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev/owaaa.html | 104.18.3.35 | 200 OK | 42 kB |
URL User Request GET HTTP/1.1pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev/owaaa.html IP104.18.3.35:443
CertificateIssuerLet's Encrypt Subject*.r2.dev Fingerprint48:74:F0:98:E0:A1:57:3E:86:18:BF:B3:DC:C9:7A:5B:53:50:FE:E0 ValidityFri, 05 Apr 2024 15:25:24 GMT - Thu, 04 Jul 2024 15:25:23 GMT
File typeHTML document, ASCII text, with very long lines (27250), with CRLF line terminators Hashaf05dcbcda1d9a26bc008e114ed6d4cd 7e2a59df39b0b996f70cb3847183985304410639 6d73f232473f1b884e62546ddec747568f250c83fd75ddf697a8137580fb59b2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft |
GET /owaaa.html HTTP/1.1
Host: pub-288f7cbe2df4494985bd2a37a881cc26.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mrsolvento.bubbleapps.io/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 04:51:02 GMT
Content-Type: text/html
Content-Length: 41803
Connection: keep-alive
Accept-Ranges: bytes
ETag: "af05dcbcda1d9a26bc008e114ed6d4cd"
Last-Modified: Tue, 07 May 2024 22:14:49 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8806d5106d1356b5-OSL
|
|