| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://lord2jbpages.pages.dev/'+url+'
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lord2jbpages.pages.dev/
Origin: https://lord2jbpages.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:08:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3504022
expires: Mon, 14 Apr 2025 17:08:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tj1Q4%2Fc%2B84Pb4GbE3tM%2ByJPmXEpZ%2FGUjdR7KKzpoJi8zhYZgD5KuH9hDMn7sH5xUmYWDcO4cl3zowGAwlpV82SjNXiHX63EqFMr1r8EMRaDXhTHD3B569XC9ty5JxJLEehlIIMOz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8797b23b3a54b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| i.ibb.co/7bZyt2S/image.png | 162.19.58.157 | 404 Not Found | 1.0 kB |
URL: GET HTTP/2 i.ibb.co/7bZyt2S/image.png
IP: 162.19.58.157:443
Requested by: https://lord2jbpages.pages.dev/'+url+'
Certificate Issuer: Let's Encrypt
Certificate Subject: ibb.co
Certificate Fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
Certificate Validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 180 x 180, 4-bit colormap, non-interlaced
Hash: 7325e2012a6cf941a6ea14f0061ff764 0d2ba63e280b979a98bc431bec8a7af985578769 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /7bZyt2S/image.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lord2jbpages.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Wed, 24 Apr 2024 17:08:35 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
| lord2jbpages.pages.dev/'+url+' | 188.114.97.1 | 200 OK | 233 kB |
URL: User Request GET HTTP/2 lord2jbpages.pages.dev/'+url+'
IP: 188.114.97.1:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: lord2jbpages.pages.dev
Certificate Fingerprint: 11:D3:E0:91:71:02:3C:10:99:A3:F0:8F:FF:56:92:74:0A:EE:F3:FF
Certificate Validity: Wed, 24 Apr 2024 04:10:32 GMT - Tue, 23 Jul 2024 04:10:31 GMT
File type: HTML document, ASCII text, with very long lines (22959), with CRLF line terminators
Size: 233 kB (233146 bytes)
Hash: 715dc1087007b79f12d506331812043f 949a2a77b37322845d3f96f47a26143d13bef5d0 754217ebe1241f6bc4eb8c76074798ba35241cc1b09fa35be0997b8bfc2fb817
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
| OpenPhish | phishing | Office365 |
GET /'+url+' HTTP/1.1
Host: lord2jbpages.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:08:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e05210049f2f7abcdf549b8bc03ba21c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMTN4nOCLfpvllHZtmxDGUBl17wBJKnF2tnXrk1NaxPkeSqk0cqKQgQ7erNDouqMhuWK0iBL76UaD9N2%2BAYSYIprHFgG2P5f9Q6CwrPxGYkauglnBN7X7ChwDcGOgiaD0EsHccWuBbf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797b23979b0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| psw-trade.com/capital/stream/call.php?u=null | 0.0.0.0 | | 0 B |
URL: GET psw-trade.com/capital/stream/call.php?u=null
IP: 0.0.0.0:0
Requested by: https://lord2jbpages.pages.dev/'+url+'
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /capital/stream/call.php?u=null HTTP/1.1
Host: psw-trade.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lord2jbpages.pages.dev/
Origin: https://lord2jbpages.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
| lord2jbpages.pages.dev/favicon.ico | 188.114.97.1 | 200 OK | 233 kB |
URL: GET HTTP/3 lord2jbpages.pages.dev/favicon.ico
IP: 188.114.97.1:443
Requested by: https://lord2jbpages.pages.dev/'+url+'
Certificate Issuer: Google Trust Services LLC
Certificate Subject: lord2jbpages.pages.dev
Certificate Fingerprint: 11:D3:E0:91:71:02:3C:10:99:A3:F0:8F:FF:56:92:74:0A:EE:F3:FF
Certificate Validity: Wed, 24 Apr 2024 04:10:32 GMT - Tue, 23 Jul 2024 04:10:31 GMT
File type: HTML document, ASCII text, with very long lines (22959), with CRLF line terminators
Size: 233 kB (233146 bytes)
Hash: 715dc1087007b79f12d506331812043f 949a2a77b37322845d3f96f47a26143d13bef5d0 754217ebe1241f6bc4eb8c76074798ba35241cc1b09fa35be0997b8bfc2fb817
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
| OpenPhish | phishing | Office365 |
GET /favicon.ico HTTP/1.1
Host: lord2jbpages.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lord2jbpages.pages.dev/'+url+'
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:08:36 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"e05210049f2f7abcdf549b8bc03ba21c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2jNFosS4WxuNNQERelec9YZATNX362E6RzCSuVEPpnmLD9heYNlI7bPDVjdI1o%2BpTduesUAc7WKuBshjgZc3eIHgHLf7wVNFVQdE86jsOmL06wm9X%2Bq%2B5umxfXoYBjK%2BfmH0rHEDl77"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797b23ceea056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400