| coldlookweb.pages.dev/_next/static/chunks/213-de08aef469109332.js |  172.66.44.216 | 200 OK | 85 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/213-de08aef469109332.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeJavaScript source, ASCII text, with very long lines (58838) Hash78f27085ac6607aa68d1e5d6d1be5dca 60fcf509ce0c84ce578cf17c3705e2d43e539f45 9f6a00aff4172b980a92ff68308907a3a720aad4491d7498fabc8473d80cfd37
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/213-de08aef469109332.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0925820e2aedf72c557796d30456cac9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoADZ48bRgr4nJdpGeyEeCqrHaEYjFXq4aSaYvNJPDxihRJrwjACsToYObgcbTZvUjSW%2BMRmPvz5nW6cl0ErpTyZO04xSVa7VYEDiSRrrzRrw%2F8tp%2BXS8Fz%2BZuU%2FY2NiFYldIJqAXMM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b14f5b0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/Nm6Y9YRmw04uYoOk-YDTL/_buildManifest.js | 172.66.44.216 | 200 OK | 322 B |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/Nm6Y9YRmw04uYoOk-YDTL/_buildManifest.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeASCII text, with very long lines (338), with no line terminators Hashf8c4843f7b2871852d5a153d73e217f8 d21c49a1c25b2af08e9cd8aa254642e28333063c b616fd9b07f85ebfc5942f0e9608f3e07152e8836a4d82dca6d02c7ad0cd868e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/Nm6Y9YRmw04uYoOk-YDTL/_buildManifest.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0d8565e2d55c869c8a1253806f56ca07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pShgmLu9nwgp6DbS9L85jAdPdUKoKcW53XQ9ni2eQ7l8dtzi9pL07YCkvWctY6uIdVi0yLxfUX8Xia87u7GF389p1S9fp3bq3OF2WzT8L%2BOuTo6uLzvaX1QfIropTnev%2Bk%2F4deJNhsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b14f620b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.66.44.216 | 200 OK | 12 kB |
URL User Request GET HTTP/2IP172.66.44.216:443
CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeHTML document, ASCII text, with very long lines (11560), with no line terminators Hash94d4b97a9d9212b432ea959387ab7837 1892641acf20b03877250d6ae931d9fee6245edf 6a8a7d1a858cb5ed0b09bf80e114119051bfc2735a6054d74a362da832d4a684
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"be274dc249358f05466fc38b12c3e47d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aJJyNBrSJ%2FIE7a5P73ohN5XuTx5CaUofKZUVfzskbDEAfxUD%2BfAAMIcEEp6DeeZjSafbpDRXMIiQuqidzG%2Fqw8sqcT2pHQfmZhq5H3FecC6jUah0c4FONYwl5Upbn1KMnuoSzUtcCA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338ad380d56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| coldlookweb.pages.dev/_next/static/css/facd1d71cc5c2fca.css | 172.66.44.216 | 200 OK | 14 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/css/facd1d71cc5c2fca.css IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeASCII text, with very long lines (14339) Hash4fcbd5549cfcd563b9bbae4bcbf2947f 73b76b867f1785bccb1884970293aea091849b23 c4c2ca93ef7a9a8309dcff96e29561e5cd726fd909ce285614e7eb92ed57dbb2
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/facd1d71cc5c2fca.css HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"98769a699af74c8555b6a85aa4fec21d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVwXqtcOF7fUUwWPIgZ0WCyNpO3%2FfCN45RjTZbbRJALkHzOa7PCbOQLqpRnJw4RXobdfrqzhW9X2DbBhKEDAFceMih7fV%2FqCzDFhK1PTs7D4i%2FY84m%2FVDrnWLa6wrvD7%2BEN25hng0Wc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b13f410b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/bg_ms.svg | 172.66.44.216 | 200 OK | 1.9 kB |
URL GET HTTP/3coldlookweb.pages.dev/bg_ms.svg IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeSVG Scalable Vector Graphics image Hash4b5c228b4faba433d06ec569ed855b2d a7d3882b93e332460e7c59510a6a811ef011983f eb19d76cd1fad39abf0f2778991883a5cf9ff560117ce8f7c64124e71471b4ed
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /bg_ms.svg HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/_next/static/css/facd1d71cc5c2fca.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"80d836970ae5afdd26686cb28687fce3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GW%2FjbZGqgSzglie54V4TrRmpZxNq4iLL2QgVm4gq752VdRn5076%2FbTuj7SHADzRjkPeIhupJRhByC9Wp03%2B7H9%2BV2Yhn3HbK5o2oS7dP9EfQSwRPAkv4C84NC0Rs29NCxC%2B58REIdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b249250b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/chunks/pages/index-520c701a461655f4.js | 172.66.44.216 | 200 OK | 15 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/pages/index-520c701a461655f4.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeJavaScript source, ASCII text, with very long lines (14802), with no line terminators Hashb78abf34165072567c37b441a5bacec1 655d5379e54f5606619bb89d50535e2443cd7d35 66e121247391a876fae5d32ed50ab70308d2176c6ccd74cb62065fd73a675ba2
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/index-520c701a461655f4.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b1acb6f8e87b164735cf9de549f2f43b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZHR%2FtTHNg9t4FJlOkSPFx5kNziTv%2BXK%2FsIkifk0eofNQ2ha0SfqBz2bqJu0ZHXeaeWX0SEpEv0UlX2MqP3VRo%2BE88ML4nai1jfsGihweuC3vRhJLPeyFV92j9eQAV848gT5zOT9Cvo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b14f5e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/Nm6Y9YRmw04uYoOk-YDTL/_ssgManifest.js | 172.66.44.216 | 200 OK | 77 B |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/Nm6Y9YRmw04uYoOk-YDTL/_ssgManifest.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeASCII text, with no line terminators Hashb6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/Nm6Y9YRmw04uYoOk-YDTL/_ssgManifest.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"99dfad1d4dc538d0f87b1326c3f89efb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2FcLpu2vNe3hy8fgr3Jx5yjmuiYEGYyEY7R%2BzsfCdXfrs0yQAk86RfS46%2Br4NSd1ZCm%2Fi7GnL9Sw%2F%2B5FZK6Jn4kPa667mf07P8%2BPixA05QbwPatAM1M13cz2H%2FwHxfwAaEWQumrHAIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b14f660b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/chunks/framework-2c79e2a64abdb08b.js | 172.66.44.216 | 200 OK | 141 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/framework-2c79e2a64abdb08b.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeJavaScript source, ASCII text, with very long lines (65202) Size141 kB (141052 bytes) Hash7fc4bed6b4319c62343f0bf5db91a5bb 6e283c4ea2b12da64476af280236a8c5d85dbbbc f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-2c79e2a64abdb08b.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f00713b00406c2a9f171b8494f639497"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Df8TOh7ecpn6Xet2LDXzMstWILie0l08Qw9pOyDuV%2Fa7n0Lcni5u6zxokHmhveBdPyqaq18O76r9UUgSi5xDE6R8N9yoq6Hh0q2lXewJyrSSWBkeJbG5%2FMunPdNJK%2FUln2WWg9XjCs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b13f520b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/chunks/pages/_app-dc73212b72bc3454.js | 172.66.44.216 | 200 OK | 686 B |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/pages/_app-dc73212b72bc3454.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeASCII text, with very long lines (700), with no line terminators Hash65151263687c294c03bfa5313c3225b9 2765b0b1839cd6cfa97ef92a496613c133ecd8f3 48ef9c00aa3e770253cc9df7b4e083642b5b4d5ce373aa0538172b640b52742b
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-dc73212b72bc3454.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bd751305febdfe9ce12de5a464a4079b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3oIejeKCb4zD3SgXaTyv4sMlhxSiZ%2B9F%2F2EjsS%2BIiKZxOW4tX2WrLRyMmtOjqndYwvvZQf9A3ISItNu%2FqlvFE2QhJcXBxDRdoD7Yz8t0dnB48xr1Zw2AFn2NSoEevas2qY39De7aKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b14f580b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/android-icon-192x192.png | 172.66.44.216 | 404 Not Found | 3.9 kB |
URL GET HTTP/3coldlookweb.pages.dev/android-icon-192x192.png IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeHTML document, ASCII text, with very long lines (4073), with no line terminators Hashad4df6840fffef7dbb3882e376c1d401 5661b5cefe3a27fdad89ebbec370da4aa72036b3 83f0d7a2f19d8ad09cd3d72a72a418f36145711ff15c2b75b1b2faedbbcd071c
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /android-icon-192x192.png HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 07 May 2024 18:20:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTg9wBcxn%2FnSwYkZUuXrU6ghIB2aSDHRKdVbiQP%2Fe8NYFhFPp6xM4nCOPSmvdOREoAAMNyzuKE%2FZtCrVgpJdH%2BDDRhOtsvEq29IyV17%2BZjDXD3KonPyRtpJSALggPk6M5%2BPph6Lfd8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b3cc180b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/favicon-16x16.png | 172.66.44.216 | 404 Not Found | 3.9 kB |
URL GET HTTP/3coldlookweb.pages.dev/favicon-16x16.png IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeHTML document, ASCII text, with very long lines (4073), with no line terminators Hashad4df6840fffef7dbb3882e376c1d401 5661b5cefe3a27fdad89ebbec370da4aa72036b3 83f0d7a2f19d8ad09cd3d72a72a418f36145711ff15c2b75b1b2faedbbcd071c
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /favicon-16x16.png HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 07 May 2024 18:20:00 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB04H%2Byrv%2BwcyIET5epwqOOWYRvNdbGRNUN405Fpc4KszB7Qylq8tfiG15zJE5aB0dJyA4GylUsBSh7Lx0feY%2FS3%2BvNBSS3KhDcvAs81KK5UAoczxHusgZVcAZf%2Frutuorp4sy23h9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b3cc1e0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/chunks/webpack-8fa1640cc84ba8fe.js | 172.66.44.216 | 200 OK | 1.4 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/webpack-8fa1640cc84ba8fe.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeJavaScript source, ASCII text, with very long lines (1440), with no line terminators Hash633d1c88684d35aa28fe8a444e399828 7a1d189e1f13fca40bbb631472decd4ffebba4fa 376fa435e978f838911059bcd04e7f9635e970983bc8423e8e054091139bb4bf
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-8fa1640cc84ba8fe.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"44c67d4040ab62a0df6e4cc5f8960208"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJ4UmvysFJu7%2B4DpVnjwg9MfSVDfMAf8bYdJEnzhkylWVe4tNwR14n3h08kZDsEsUAxnLQOZRASl3xfq3Q3MfpWdPc8cRUhmcxWfUS7mu4%2BwjeQJE6TwD8lsnnxwup7sFEpv8d1oQhU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b13f4f0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| coldlookweb.pages.dev/_next/static/chunks/main-ff44f97138765e5a.js | 172.66.44.216 | 200 OK | 89 kB |
URL GET HTTP/3coldlookweb.pages.dev/_next/static/chunks/main-ff44f97138765e5a.js IP172.66.44.216:443
Requested byhttps://coldlookweb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectcoldlookweb.pages.dev Fingerprint9E:A3:42:9D:8B:14:19:EB:84:5D:68:F7:A9:D7:3C:5B:26:8D:68:E1 ValidityMon, 08 Apr 2024 22:17:29 GMT - Sun, 07 Jul 2024 22:17:28 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashccfe48385b3ffbcb1ccbfb6c3677b748 330006e5edd6a0fea156e1d2a897e5861035f12a a3e1e9514e08dbc0f83ad899d6950b467bd1adb81a161ab856a68283c98e9d5a
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - Microsoft | | OpenPhish | phishing | Office365 | | PhishTank | phishing | Microsoft | | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-ff44f97138765e5a.js HTTP/1.1
Host: coldlookweb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coldlookweb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:19:59 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"89c043327fb4733734a7298aeb62e8d6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mf2%2B9UDzaSqu0Sx6SRy%2Fsb6YeQp1zAoDOrJklr1kyWrcwoG%2FW4E50%2Bbh5m3o9%2BuFf7y99JkUaxzth20Wy3kTOkQSF02JqdEzvxTi5Roa5pz4NW7pJ1tnAwi3h9jlui2FMxG0%2FN%2Fns6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880338b13f540b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|