Report - mass.gov-zxz.life/pay/

Report Overview

Visited public
2025-06-12 17:12:58
Tags
phishing
Submit Tags
URL
mass.gov-zxz.life/pay/
Finishing URL
mass.gov-zxz.life/pay/
IP / ASN
104.21.69.214
#13335 CLOUDFLARENET
Title
E-ZPass
Phishing - Generic phishing
Phishing - Generic Phishing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
mass.gov-zxz.life	unknown	2025-06-12	2025-06-12	2025-06-12	4.3 kB	1.9 MB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	mass.gov-zxz.life/pay/assets/C48TGtPo.js	ScriptElement	803 kB	2025-04-10	2025-06-22
Pretty URL mass.gov-zxz.life/pay/assets/C48TGtPo.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-10 13:03 Last Seen2025-06-22 12:06 Times Seen68 Hash 78e323b9cb1151d155c929d848c126d8 1473fda2a7d935c2b3990074e269df4f10da31cb e72604bd954a75433f449718e00f6dca03d2501a21aafde244cb7a829f2b7227 Loading...

	mass.gov-zxz.life/pay/assets/fliceXIj.js	ScriptElement	36 kB	2025-04-10	2025-06-22
Pretty URL mass.gov-zxz.life/pay/assets/fliceXIj.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-10 13:03 Last Seen2025-06-22 12:06 Times Seen68 Hash cf5fcccfa5b431806ae87c5cf2467544 8af6e9373f6dea89e1a61a0cb7709222083acbf6 beb6348399c908821feb46cf80fc0ee8d06605c6a693fc5ad9442cefb679827b Loading...

	mass.gov-zxz.life/pay/	ScriptElement	314 B	2023-03-11	2025-07-16
Pretty URL mass.gov-zxz.life/pay/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 11:23 Last Seen2025-07-16 07:15 Times Seen7944 Hash cd7a34e714de94d5c29b8ac5acdde24b b722bccb435490630d97ef88cafeb02d92f70fd0 312ebfdc50a0e168cff60c206811b02e944263a7d9060c2685509dacfacd7f71 Loading...

	mass.gov-zxz.life/pay/	ScriptElement	84 B	2023-04-07	2025-07-16
Pretty URL mass.gov-zxz.life/pay/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-07 06:55 Last Seen2025-07-16 07:15 Times Seen16455 Hash 528dd01eb509d1fc3c68b48e165c9d77 8d702f33d869eb8c53cf75c17014f96385322395 b508dff20bdbd9138e31aa48c45bc501805e509d2fd4709b39c4a60cd5c6b43a Loading...

HTTP Transactions (9)

URL IP Response Size

GET mass.gov-zxz.life/pay/

188.114.96.1

200 OK

2.7 kB

URL User Request GET
mass.gov-zxz.life/pay/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (433)
Size
2.7 kB (2733 bytes)
Hash
8f5c30bf3061c6b7fa0274d31d13b28e
71da68631ce4257593431f0a9fb1a44ee70503cd
845f3ed0434c7e65b0023ddfe914d989fa611674f91d751fee894196993d5a43

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/ HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 17:12:26 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OYF5%2FHkxXCBymh559k4wYi49GaOCOrr3GHVx6LkZEAHqrSOMOZavOQV8zOEq83xZojNquGXJ3OP5UpN6qOiWkxKPRIlQTq1hsX09jr9GaA%3D%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94eaf9177dac5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET mass.gov-zxz.life/pay/favicon.ico

188.114.96.1

200 OK

515 B

URL GET
mass.gov-zxz.life/pay/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
515 B (515 bytes)
Hash
3e16cdc8a526f98078f67177641f707a
2d00c86557e36bab3dfa715fac2ec0c41bf4c914
285bf3f460102421d4ceab8f1fa2702a8ff03808f07515c4033a193273c9e09e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/favicon.ico HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:28 GMT
content-type: image/vnd.microsoft.icon
server: cloudflare
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:28 GMT
priority: u=6,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BChNHU9O5BQmcd0kq%2FUmC39%2F7nwAUB4VmJFSYpZw4N%2FoqQVx2FryKp3NoJWCXlzfYjBXlKHwTzqyn9QpfXFzWzPSxG27264SMLQ3mOZhIg%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 94eaf9277d4256aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/pay/assets/fliceXIj.js

188.114.96.1

200 OK

36 kB

URL GET
mass.gov-zxz.life/pay/assets/fliceXIj.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (35906), with no line terminators
Size
36 kB (35907 bytes)
Hash
cf5fcccfa5b431806ae87c5cf2467544
8af6e9373f6dea89e1a61a0cb7709222083acbf6
beb6348399c908821feb46cf80fc0ee8d06605c6a693fc5ad9442cefb679827b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/assets/fliceXIj.js HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:26 GMT
content-type: application/javascript
server: cloudflare
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:26 GMT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=74JF5y2r%2B5a9nUaJhQu2LMWZ37kkM%2FOMPDBPHNt%2BEFj7ufD6r2%2BjZddAcRTCupoRwF0ChxsBO1Oehac7xK6GEIv2KZuLo9IOW9yOSc2PBw%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94eaf91c1e9656aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/pay/assets/C48TGtPo.js

188.114.96.1

200 OK

803 kB

URL GET
mass.gov-zxz.life/pay/assets/C48TGtPo.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
JavaScript source, ASCII text, with very long lines (30677)
Size
803 kB (803037 bytes)
Hash
c49ea66bff685a7d9d0cef70fce3d549
0cecf5f6c79273b407aead67c98093763a192dd1
7b560ef0ed99389a4044443c19d600978dd636b06278d26cbe8aa121cd277e3c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/assets/C48TGtPo.js HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:26 GMT
content-type: application/javascript
server: cloudflare
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:26 GMT
priority: u=3,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=430Vz%2FyU2GPLYnaKPPUp2FUFqryxe13cOob2EKvZYw%2FosdaEzwTORd0O4vMdsqXoriGquPg6MfVzJ%2FiFPkqAcvH%2F4ZDI6EKXuovF05B1Fg%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94eaf91c1ea656aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/pay/assets/Dn46IsNz.css

188.114.96.1

200 OK

388 kB

URL GET
mass.gov-zxz.life/pay/assets/Dn46IsNz.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
ASCII text, with very long lines (64584)
Size
388 kB (387669 bytes)
Hash
db5ca2da322bca079f99291e90ed8438
1afe796ddb282b27b854aae83793a9623f7ad97c
a838f4c461df1311b848c75c0cb01b816f7a4bf04df9982ec3cdde7fa0a5d949

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/assets/Dn46IsNz.css HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:26 GMT
content-type: text/css
server: cloudflare
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:26 GMT
priority: u=2,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yiBHviRFhS8ylAo4X0XwQWjFy8pCPEQUDwOHMk%2Fp5%2BQHTrFCyWCgqY2Q%2BMWFhTfFIx4YnroYSYntiucQnsTNhT2GMgcBVC7o9jwB9J7xBw%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94eaf91c1eab56aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/pay/assets/BHcjXi3x.gif

188.114.96.1

200 OK

60 kB

URL GET
mass.gov-zxz.life/pay/assets/BHcjXi3x.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
GIF image data, version 89a, 256 x 256
Size
60 kB (59994 bytes)
Hash
fadd89694f57f3d6143989b62b09b288
1c6d340af3c4b392538a96c9313136fb23087aa0
7515437df23c4af47700948c1650f0f9460da07e86a9447d33cfda1f36c91052

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/assets/BHcjXi3x.gif HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:26 GMT
content-type: image/gif
server: cloudflare
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:26 GMT
priority: u=4,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2B9ClsfxAU5wdizmqdc75Sz%2FvJzfzU1Di7sqQ9UPTk6LG3BCOVfWHPD0T9OtMQnuMRDCmVqON9lY1xdCHn%2FEjkVthUyFsxqmoLO7zgpBiTA%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94eaf91c1eb056aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/front/checkIp?token=123

188.114.96.1

200 OK

225 B

URL GET
mass.gov-zxz.life/front/checkIp?token=123
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
JSON text data
Size
225 B (225 bytes)
Hash
d18baa476cc0566905ac4588f8096ff0
8fbbd706418526a66a5e3e61d24277346f4fb71c
7105065fbd30eb48e8c17ca597f99db99864acd52d3ebb8e5f29d1ac31d08a9d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /front/checkIp?token=123 HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mass.gov-zxz.life/pay/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:27 GMT
content-type: text/plain;charset=UTF-8
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=A0npx40PWVZsNHbY1nN1YFXfZS59LM8MDphog7Ya0qWkrYVKjr7qJ8qUHWvqhAszOZViJSsLTYV%2BRqnDlcN%2FRMAsDxcpEr2%2BYl07852uoQ%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 94eaf92438a556aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET mass.gov-zxz.life/pay/assets/JFy5M3ci.jpg

188.114.96.1

200 OK

562 kB

URL GET
mass.gov-zxz.life/pay/assets/JFy5M3ci.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 2560x1302, components 3
Size
562 kB (561552 bytes)
Hash
d156a5892f8a385e687a4152b96101f6
f3c8961c505023964993f9f0d7be0cd32945dd66
f14d4df87ba5d55d59b532ea1290f9d410ba95a158ce28988f075ed84f70ddd5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /pay/assets/JFy5M3ci.jpg HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mass.gov-zxz.life/pay/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 12 Jun 2025 17:12:28 GMT
content-type: image/jpeg
server: cloudflare
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 12 Jun 2025 17:12:28 GMT
priority: u=4,i=?0
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=N6owmxay7ylJYL7PCRMKdfVJ%2BRLQ09jO698mhexpdGUWVTtSylu9XOP5%2FpJHox%2BLz9dH%2BjezLLp8Y4RuYKo0LBoBB30n8eJRbYI7iUkFAg%3D%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94eaf925da8b56aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET wss://mass.gov-zxz.life/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDY1NX0.JQir7a0fFToLu8EKdJwqleuvdA5tgVR2V5X635z19os

188.114.96.1

101

0 B

URL GET
wss://mass.gov-zxz.life/front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDY1NX0.JQir7a0fFToLu8EKdJwqleuvdA5tgVR2V5X635z19os
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mass.gov-zxz.life/pay/
Certificate
IssuerGoogle Trust Services
Subjectgov-zxz.life
FingerprintB0:95:4A:A2:15:00:D6:E8:96:B0:07:02:B1:00:DD:51:BE:FE:E0:47
ValidityThu, 12 Jun 2025 12:24:27 GMT - Wed, 10 Sep 2025 13:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Phishing

HTTP Headers

GET /front/im/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpZCI6NDY1NX0.JQir7a0fFToLu8EKdJwqleuvdA5tgVR2V5X635z19os HTTP/1.1
Host: mass.gov-zxz.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mass.gov-zxz.life
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ggtbGA2a/rfGxQPUDvktzA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 
Date: Thu, 12 Jun 2025 17:12:28 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0HBi+3i5phIWZGACVVlj0XTLGJ0=
Sec-WebSocket-Extensions: permessage-deflate
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQER4Fh2DGgKgGLY%2Basvp%2F2sJHpLIBN1PgpzFXMssqMSNuu3hTpKzvt5VLXXWnSjMQzG0E9kkQPmpK4WfKM%2Bpzelx68ZV6t3xNhIP66UOGFyqp0mr4WDqMh9blWKrawKVsW2CA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 94eaf9276e705687-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=549&min_rtt=531&rtt_var=140&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3111&recv_bytes=1267&delivery_rate=7350253&cwnd=252&unsent_bytes=0&cid=24ed65483d4f7d8e&ts=405&x=0"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers