Report - 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz

Report Overview

Submitted URL
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
IP
35.158.16.2
ASN
#16509 AMAZON-02
Submitted
2024-05-10 10:00:11
Access
public
Website Title
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Final URL
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.8 kB	142 kB	216.58.207.227
cdn.permar.xyz	unknown	2022-09-12	2023-05-19	2023-05-19	1.7 kB	275 kB	54.230.111.29
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	1.0 kB	1.6 kB	142.250.74.74
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz	unknown	unknown	No data	No data	6.9 kB	926 kB	35.158.16.2
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	460 B	105 kB	142.250.74.168
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	1.0 kB	2.6 kB	54.230.218.11

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive
2024-05-06	medium	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	Microsoft OneDrive

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/_app-f5d13640ceca7792.js	1.5 MB	2024-05-02	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/_app-f5d13640ceca7792.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 19:51:29 Last Seen2024-05-10 12:00:18 Times Seen2 Hash fc6917b9599ba7152fff10defdadc483 ec0bbc940f02b454efd348f4a5d1ec96247f4d70 3fa614dcad116c564d8b3ec9fe322173bdba1a87e1fc6d5d6ecce50981d7e2ed Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/index-5ec24b2f46cf48bb.js	9.1 kB	2024-03-04	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/index-5ec24b2f46cf48bb.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 06:46:23 Last Seen2024-05-10 12:00:18 Times Seen3 Hash 669594d7aaaf24e0324336a6e6a1cdd0 d56c043e0265f0b63be31c5e663a8dcb465fc7f3 7d6a75c6e9e05c8d01e04f164d2e25ea57c4f66646160fb9771b4415479f875c Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_ssgManifest.js	77 B	2023-03-07	2024-05-20
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_ssgManifest.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-20 19:33:56 Times Seen87727 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/	344 B	2024-03-04	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/ IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-04 06:46:23 Last Seen2024-05-10 12:00:18 Times Seen3 Hash d1990a4d3e4fd7ba67adcc5596e304c7 a9c5ee3b7ce9c122a27fbe42716de08ad24297af 6ceb0be83c9d833d31586e2ba2e4f2c5fcf61834791c5e410efaccae9492dabb Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/main-7833010d21246986.js	130 kB	2024-03-04	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/main-7833010d21246986.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 06:46:23 Last Seen2024-05-10 12:00:19 Times Seen5 Hash bdce6d9f5ae8bdbee2da0666fb3fe67a 7834b7bb556b615d3a7bd70c5ddb7b0d66a6605e c67095208f9f13087bc133039158179fede44763cd14616c8bfa57b2cf6e1eea Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/791-ed37c703f41c217b.js	65 kB	2024-05-02	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/791-ed37c703f41c217b.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 19:51:29 Last Seen2024-05-10 12:00:19 Times Seen4 Hash ae143bf435d95e114433de68b8951bbc 262eca23449cb0a9fa23cfc732c80c7f6b68d0ef d359f3bbd6b6c6a56095f77c28640f914b1d69e3aebcc6f938aa391dfab35c69 Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_buildManifest.js	466 B	2024-05-02	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_buildManifest.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 19:51:29 Last Seen2024-05-10 12:00:18 Times Seen4 Hash 41a57029536873fafdb83c8fdadfffe5 d3b747fffd299a21f91373e36788d05b66a54b8b 8311c38cfa6dd33bf6e95ddbea5d1b090f4e484e13096f3aacee4baf03a9edd7 Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/webpack-dee7c27080a831b4.js	3.9 kB	2024-05-02	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/webpack-dee7c27080a831b4.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 19:51:29 Last Seen2024-05-10 12:00:18 Times Seen2 Hash 415f2bc48bc33f72ab5285bc8f3fa854 14fba53a6ac9d8ac66581a5f985706d9f338b449 d5cd349f89fb09fea3d5e6928d7204654712e04e46a281cd426ad2157f964198 Loading...

	59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/framework-24e1df4a6bb7957d.js	211 kB	2024-03-04	2024-05-10
Pretty URL 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/framework-24e1df4a6bb7957d.js IP 35.158.16.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-04 06:46:23 Last Seen2024-05-10 12:00:19 Times Seen6 Hash dfa717727ef60f4d2ec6c2530857320c ef360a8ff10d494d50d2f2e6761149ffc1f60e2a faead5cce522e126abf940acb48dedf91430693a9a7cb804a43a447ec55d1129 Loading...

	www.googletagmanager.com/gtag/js?id=G-HBFZHKDNHE	321 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-HBFZHKDNHE IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 12:00:18 Last Seen2024-05-10 12:00:18 Times Seen2 Hash 0f2d1e87390071bd971a77cf1649bd22 1244afc9f075abdcbb74c3baa05380a2d6acf754 1cd65673984b39067c6a4bc32a257693ac892ac857a6cbb547e3c8df932fd597 Loading...

HTTP Transactions (25)

URL IP Response Size

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_buildManifest.js

35.158.16.2

200 OK

466 B

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_buildManifest.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
ASCII text, with very long lines (466), with no line terminators
Size
466 B (466 bytes)
Hash
41a57029536873fafdb83c8fdadfffe5
d3b747fffd299a21f91373e36788d05b66a54b8b
8311c38cfa6dd33bf6e95ddbea5d1b090f4e484e13096f3aacee4baf03a9edd7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/7UDEsKnBwI1sQY1JkkNg0/_buildManifest.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
content-length: 466
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"1d2-18ee68ff978"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_ssgManifest.js

35.158.16.2

200 OK

77 B

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/7UDEsKnBwI1sQY1JkkNg0/_ssgManifest.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/7UDEsKnBwI1sQY1JkkNg0/_ssgManifest.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
content-length: 77
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"4d-18ee68ff978"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-HBFZHKDNHE

142.250.74.168

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-HBFZHKDNHE
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
105 kB (104833 bytes)
Hash
0f2d1e87390071bd971a77cf1649bd22
1244afc9f075abdcbb74c3baa05380a2d6acf754
1cd65673984b39067c6a4bc32a257693ac892ac857a6cbb547e3c8df932fd597

HTTP Headers

GET /gtag/js?id=G-HBFZHKDNHE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 09:59:45 GMT
expires: Fri, 10 May 2024 09:59:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/_app-f5d13640ceca7792.js

35.158.16.2

200 OK

237 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/_app-f5d13640ceca7792.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
gzip compressed data, from Unix
Size
237 kB (237331 bytes)
Hash
b55b5e9da4ec25b409790e66c54df4ab
7d398832d97d4a2f77aab2f58e4a5866c539c868
ad74af08fd55da69910c521b196a2e377712bc1521e12f1f01e4bbb122a0fd7b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/pages/_app-f5d13640ceca7792.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"16fff8-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3dacd996e1f0ffee94c43aeb6da882c6
407ca7b7775a6d2bea636ed4ac54d6d86e4e0195
36a7cc620989d7b33bc1df2dfab9b1615159a9deb58d0c2d7bb9fbf515daab62

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 09:59:45 GMT
Server: ECAcc (amb/6B67)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: CSFbqjsQ_Zz896jUAxISzL-HZzBSBrmRimB-YvLq1V_exwFjsdXMvQ==

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46552, version 1.0
Size
47 kB (46552 bytes)
Hash
74c3556b9dad12fb76f84af53ba69410
342edef074482299f72f8f7a8862e6f908bd4137
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:10:57 GMT
expires: Fri, 09 May 2025 02:10:57 GMT
cache-control: public, max-age=31536000
age: 114528
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46552, version 1.0
Size
47 kB (46552 bytes)
Hash
74c3556b9dad12fb76f84af53ba69410
342edef074482299f72f8f7a8862e6f908bd4137
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:10:57 GMT
expires: Fri, 09 May 2025 02:10:57 GMT
cache-control: public, max-age=31536000
age: 114528
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46552, version 1.0
Size
47 kB (46552 bytes)
Hash
74c3556b9dad12fb76f84af53ba69410
342edef074482299f72f8f7a8862e6f908bd4137
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:10:57 GMT
expires: Fri, 09 May 2025 02:10:57 GMT
cache-control: public, max-age=31536000
age: 114528
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3dacd996e1f0ffee94c43aeb6da882c6
407ca7b7775a6d2bea636ed4ac54d6d86e4e0195
36a7cc620989d7b33bc1df2dfab9b1615159a9deb58d0c2d7bb9fbf515daab62

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 09:59:45 GMT
Server: ECAcc (amb/6B42)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BWtYJqhQWT9yjrCpkyqT49kD7shCmWyGzGwkrFGzzpMQ4ogs7ayWLg==

ocsp.r2m03.amazontrust.com/

54.230.218.11

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3dacd996e1f0ffee94c43aeb6da882c6
407ca7b7775a6d2bea636ed4ac54d6d86e4e0195
36a7cc620989d7b33bc1df2dfab9b1615159a9deb58d0c2d7bb9fbf515daab62

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 09:59:45 GMT
Server: ECAcc (amb/6ACD)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZKtMnuzWdjg4tXkcPq6CxEc0ZmWak0viR14NJ3LkdQGyw64MVVkZuQ==

cdn.permar.xyz/orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/9d2f6356a4abe6a3c0f491f379536265f272b15b370394f5f76916ca804dbe2c.jpg

54.230.111.29

200 OK

54 kB

URL GET HTTP/2
cdn.permar.xyz/orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/9d2f6356a4abe6a3c0f491f379536265f272b15b370394f5f76916ca804dbe2c.jpg
IP
54.230.111.29:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerAmazon
Subjectcdn.permar.xyz
FingerprintB8:4D:77:78:96:93:63:48:46:73:F7:72:73:7D:72:6E:D3:21:69:5E
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 17 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 640x959, components 3
Size
54 kB (54115 bytes)
Hash
8816e9f1d53a435796c3e5dad1d744df
33b8539435af1b939e11f8877aacb1f6839d39f3
9d2f6356a4abe6a3c0f491f379536265f272b15b370394f5f76916ca804dbe2c

HTTP Headers

GET /orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/9d2f6356a4abe6a3c0f491f379536265f272b15b370394f5f76916ca804dbe2c.jpg HTTP/1.1
Host: cdn.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 54115
date: Fri, 10 May 2024 09:59:46 GMT
last-modified: Fri, 03 May 2024 11:03:09 GMT
etag: "8816e9f1d53a435796c3e5dad1d744df"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DWJSYPXCQZhP8N_0KodD58cz8VR2ucXJuo_vySIDJ9SrVQhqpsKWwg==
X-Firefox-Spdy: h2

cdn.permar.xyz/orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/e4587a1a012f8a39ea289dad8016b2397558b6b15f11f31732c809413dac7a1a.jpg

54.230.111.29

200 OK

34 kB

URL GET HTTP/2
cdn.permar.xyz/orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/e4587a1a012f8a39ea289dad8016b2397558b6b15f11f31732c809413dac7a1a.jpg
IP
54.230.111.29:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerAmazon
Subjectcdn.permar.xyz
FingerprintB8:4D:77:78:96:93:63:48:46:73:F7:72:73:7D:72:6E:D3:21:69:5E
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 17 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 640x427, components 3
Size
34 kB (33589 bytes)
Hash
8bc2528c6352e1141d0ccb7255fb4688
de86c1f88b966b55c1e4caa08432f4c4097fbb00
e4587a1a012f8a39ea289dad8016b2397558b6b15f11f31732c809413dac7a1a

HTTP Headers

GET /orgs/5bbd0a86-8023-4c45-bc99-cf7c2f1d3cdc/e4587a1a012f8a39ea289dad8016b2397558b6b15f11f31732c809413dac7a1a.jpg HTTP/1.1
Host: cdn.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 33589
date: Fri, 10 May 2024 09:59:46 GMT
last-modified: Fri, 03 May 2024 11:03:25 GMT
etag: "8bc2528c6352e1141d0ccb7255fb4688"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ajnar0iK8WF1fpUFFcshuLMOFXaL7J9w90VPIEBDuJCIxVIhRkBHaw==
X-Firefox-Spdy: h2

cdn.permar.xyz/orgs/b1f9949e-9d13-4b47-a42b-8b69e705e82f/16c9d3c1f81f093d86cda83c9a449668459bdc6c4e1c311e9dd21aae9caf8e3c.jpg

54.230.111.29

200 OK

186 kB

URL GET HTTP/2
cdn.permar.xyz/orgs/b1f9949e-9d13-4b47-a42b-8b69e705e82f/16c9d3c1f81f093d86cda83c9a449668459bdc6c4e1c311e9dd21aae9caf8e3c.jpg
IP
54.230.111.29:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerAmazon
Subjectcdn.permar.xyz
FingerprintB8:4D:77:78:96:93:63:48:46:73:F7:72:73:7D:72:6E:D3:21:69:5E
ValidityThu, 18 Apr 2024 00:00:00 GMT - Sat, 17 May 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2880x1688, components 3
Size
186 kB (185700 bytes)
Hash
9c7bd08973cc4c2600b8d6094e2abcb4
f6a7cdee56176b68c6d21a7ba53ae34397930d7b
16c9d3c1f81f093d86cda83c9a449668459bdc6c4e1c311e9dd21aae9caf8e3c

HTTP Headers

GET /orgs/b1f9949e-9d13-4b47-a42b-8b69e705e82f/16c9d3c1f81f093d86cda83c9a449668459bdc6c4e1c311e9dd21aae9caf8e3c.jpg HTTP/1.1
Host: cdn.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 185700
date: Fri, 10 May 2024 09:59:46 GMT
last-modified: Thu, 01 Feb 2024 02:45:57 GMT
etag: "9c7bd08973cc4c2600b8d6094e2abcb4"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H8jGIni3RZ8_i6iBI_d8WYyJw-OKPLUbp7lkq_Qbp4x_uGh_MGLtBg==
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/null

35.158.16.2

200 OK

8.0 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/null
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
gzip compressed data, from Unix
Size
8.0 kB (7964 bytes)
Hash
1386ad1a477612d42eecaff763c2af1a
6795d5a1aa954a4baef6441c6fc23be3d8e76578
5a975418605f2b83a353d3d3a39b7592e613298f3125ae7ad85ffa574d89988d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /null HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Cookie: _ga_HBFZHKDNHE=GS1.1.1715335185.1.0.1715335185.0.0.0; _ga=GA1.1.1805266428.1715335186
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:46 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
etag: "4xgfvv5echcei"
x-powered-by: Next.js
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap

142.250.74.74

200 OK

436 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (445), with no line terminators
Size
436 B (436 bytes)
Hash
89bef0c1c7512ba709c332a58a350444
2ec2a9f513d2e0339b0aca811852ab04a5e383ed
273987e8b36ffa96ac61c8ab0c1c64002dd0d5d842b4e74b43999f05108fd4c8

HTTP Headers

GET /css2?family=Share+Tech+Mono&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 09:59:45 GMT
date: Fri, 10 May 2024 09:59:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/favicon.ico

0.0.0.0

0 B

URL GET
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Cookie: _ga_HBFZHKDNHE=GS1.1.1715335185.1.0.1715335185.0.0.0; _ga=GA1.1.1805266428.1715335186
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/

35.158.16.2

200 OK

36 kB

URL User Request GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
HTML document, ASCII text, with very long lines (14589)
Size
36 kB (36510 bytes)
Hash
8ab563e06cae74c803be196967400747
575901da59045292d84e4897a4e768158b8aa771
703b01b402bba19c354b25348b9ead53c310b35759e899691ab709ad0973d549

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET / HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:44 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
etag: "b88xg9bg2rs66"
x-powered-by: Next.js
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/css/edaefaaf8a78fce1.css

35.158.16.2

200 OK

2.5 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/css/edaefaaf8a78fce1.css
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
ASCII text, with very long lines (2533), with no line terminators
Size
2.5 kB (2533 bytes)
Hash
bed725b969aa4af8f89e7f7e0b581c4c
6cec4c68eaa9dc2da55a1d2e47ea14f195d92468
614259ec2b4c87478511c7dcb1e15dd67edd4c8a717c3b3e9d04a5d1f7548143

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/css/edaefaaf8a78fce1.css HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"9e5-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/framework-24e1df4a6bb7957d.js

35.158.16.2

200 OK

211 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/framework-24e1df4a6bb7957d.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
JavaScript source, ASCII text, with very long lines (34099)
Size
211 kB (210630 bytes)
Hash
dfa717727ef60f4d2ec6c2530857320c
ef360a8ff10d494d50d2f2e6761149ffc1f60e2a
faead5cce522e126abf940acb48dedf91430693a9a7cb804a43a447ec55d1129

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/framework-24e1df4a6bb7957d.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"336c6-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/main-7833010d21246986.js

35.158.16.2

200 OK

130 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/main-7833010d21246986.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
130 kB (130225 bytes)
Hash
bdce6d9f5ae8bdbee2da0666fb3fe67a
7834b7bb556b615d3a7bd70c5ddb7b0d66a6605e
c67095208f9f13087bc133039158179fede44763cd14616c8bfa57b2cf6e1eea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/main-7833010d21246986.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"1fcb1-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=undefined:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,500;1,700;800

142.250.74.74

400 Bad Request

0 B

URL GET HTTP/3
fonts.googleapis.com/css?family=undefined:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,500;1,700;800
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css?family=undefined:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,500;1,700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 09:59:45 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/791-ed37c703f41c217b.js

35.158.16.2

200 OK

65 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/791-ed37c703f41c217b.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65405), with no line terminators
Size
65 kB (65405 bytes)
Hash
ae143bf435d95e114433de68b8951bbc
262eca23449cb0a9fa23cfc732c80c7f6b68d0ef
d359f3bbd6b6c6a56095f77c28640f914b1d69e3aebcc6f938aa391dfab35c69

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/791-ed37c703f41c217b.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"ff7d-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/css/cd22ea8f06533475.css

35.158.16.2

200 OK

217 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/css/cd22ea8f06533475.css
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type

Size
217 kB (217429 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/css/cd22ea8f06533475.css HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"35155-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/webpack-dee7c27080a831b4.js

35.158.16.2

200 OK

3.9 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/webpack-dee7c27080a831b4.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
JavaScript source, ASCII text, with very long lines (4004), with no line terminators
Size
3.9 kB (3923 bytes)
Hash
a338261ab2d96a6c2fdf3ac844e72b11
34c8bf0e3e2ff9c09b77448ba01fadd47864fbcc
ee0a808a4d2e91f81faad1e19571150483207509a06a65cb12857c9ca6eb3a75

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/webpack-dee7c27080a831b4.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"f53-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/index-5ec24b2f46cf48bb.js

35.158.16.2

200 OK

9.1 kB

URL GET HTTP/2
59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/_next/static/chunks/pages/index-5ec24b2f46cf48bb.js
IP
35.158.16.2:443
ASN
#16509 AMAZON-02

Requested by
https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Certificate
IssuerLet's Encrypt
Subject*.pages.permar.xyz
Fingerprint3C:A7:78:42:77:DB:CB:61:40:F2:DE:B4:B0:16:E7:D0:B9:49:CE:19
ValiditySun, 14 Apr 2024 23:14:26 GMT - Sat, 13 Jul 2024 23:14:25 GMT

File type
JavaScript source, ASCII text, with very long lines (9326), with no line terminators
Size
9.1 kB (9056 bytes)
Hash
16ac4114a380078074eedebbc4f55edf
f76f15135bb397d36700377c2d42f61681e94915
bcba62a095f5288d7c7ae9f5d39101471fe2a71be337da4b868ffd8135a1f780

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /_next/static/chunks/pages/index-5ec24b2f46cf48bb.js HTTP/1.1
Host: 59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://59ca752e-2f81-4eff-ad66-b3bdfaae8a1b.pages.permar.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 09:59:45 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Tue, 16 Apr 2024 10:59:39 GMT
etag: W/"2360-18ee68ff978"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML