| aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg | 13.107.213.53 | 200 OK | 621 B |
URL GET HTTP/2aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg IP13.107.213.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://mail2.goggle.workers.dev/ CertificateIssuerDigiCert Inc Subjectaadcdn.msauth.net FingerprintEB:7C:D1:4E:EF:B5:D4:72:25:0B:1A:AF:5F:10:3D:EA:13:80:5A:47 ValidityMon, 29 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash4e48046ce74f4b89d45037c90576bfac 4a41b3b51ed787f7b33294202da72220c7cd2c32 8e6db1634f1812d42516778fc890010aa57f3e39914fb4803df2c38abbf56d93
GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1
Host: aadcdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail2.goggle.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:42:34 GMT
content-type: image/svg+xml
content-length: 621
cache-control: public, max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 03:41:24 GMT
etag: 0x8D8852A7FA6B761
x-ms-request-id: 1a991770-f01e-0061-2381-928cbe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref: 20240424T174234Z-16c4f695cc5w955zqcuzdz90ms00000001xg000000000h4f
x-fd-int-roxy-purgeid: 4554691
x-cache: TCP_HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSuRNOJpRlrJrANUho9eSgJ9ezRcQW_6Wj2aw&usqp=CAU | 142.250.74.174 | 200 OK | 4.3 kB |
URL GET HTTP/2encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSuRNOJpRlrJrANUho9eSgJ9ezRcQW_6Wj2aw&usqp=CAU IP142.250.74.174:443
Requested byhttps://mail2.goggle.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 300 x 168, 8-bit colormap, non-interlaced Hashfb3019c66f73c17d27760ad81cefaf78 c26e1686ad6c9fe01e7876ca3c1cc274b0cbbb01 e76033161f558809dd7456a4d83b58cc767805a4d1086a6dad52058588e955ff
GET /images?q=tbn:ANd9GcSuRNOJpRlrJrANUho9eSgJ9ezRcQW_6Wj2aw&usqp=CAU HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail2.goggle.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 4314
date: Wed, 24 Apr 2024 17:42:34 GMT
expires: Thu, 24 Apr 2025 17:42:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Apr 2020 16:30:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png | 104.21.235.182 | 404 Not Found | 14 kB |
URL GET HTTP/2www.linkpicture.com/q/Screen-Shot-2022-01-30-at-10.27.21-PM.png IP104.21.235.182:443
Requested byhttps://mail2.goggle.workers.dev/ CertificateIssuerLet's Encrypt Subjectlinkpicture.com Fingerprint62:4F:48:67:0C:99:84:78:DC:20:04:F2:01:27:01:D2:59:AB:35:94 ValidityFri, 05 Apr 2024 08:24:47 GMT - Thu, 04 Jul 2024 08:24:46 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (4070) Hash6975f812303998923f699349caa17644 190f243b5bd4cf1b4c88dcffdef3eea665d66cfe 0868363e47317d88b4c1be6dcefe531e74f60d191bf3d4cec6787825dd99faba
GET /q/Screen-Shot-2022-01-30-at-10.27.21-PM.png HTTP/1.1
Host: www.linkpicture.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail2.goggle.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 24 Apr 2024 17:42:34 GMT
content-type: text/html
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=31536000
cf-cache-status: HIT
age: 57709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlm37pAFq4uuxXiybY1IKw6YGSym%2FxROEJ5MAxxcM0lAQ6uoSyv4nJDLxmRm8rSNiNqpamIFGok9YIdPWzyaHa5j9R%2FD%2Fnb1bKajNG7y0Zl%2FnL%2BVRDHTHN3YKHksI6n4T8X6IQEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8797e3fead52dd7a-LHR
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mail2.goggle.workers.dev/favicon.ico | 104.21.39.44 | 200 OK | 10 kB |
URL GET HTTP/3mail2.goggle.workers.dev/favicon.ico IP104.21.39.44:443
Requested byhttps://mail2.goggle.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subjectgoggle.workers.dev FingerprintE3:78:19:1E:EC:E9:9E:C2:32:5C:0D:0D:02:BE:BB:3A:AF:6D:59:75 ValiditySun, 31 Mar 2024 00:46:10 GMT - Sat, 29 Jun 2024 00:46:09 GMT
File typeHTML document, ASCII text, with very long lines (9977), with no line terminators Hashef450d561cc0f48d2f01627e0636ab24 a484867e3ad2441c3340bd7bb30d3034b2ec4a7a 6627fbc742713d14064dd329fe3e4e7c837345d005af54bf13c546bad3251f63
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft | OpenPhish | phishing | Office365 | PhishTank | phishing | Other |
GET /favicon.ico HTTP/1.1
Host: mail2.goggle.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail2.goggle.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:42:34 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wrhmvUN%2FufWVhyObPVvlrb6nXDxxEd1ozIqi7pAZ1TwPMPMmPQVt9VrbYWys%2BrCw4xGRPbNXMunMqB2nY4avoGHyjkpQFbws%2FgsO8nLi1K6OWX4bde7RWAEHljz%2FEO0fMzUKqvBhFHJV%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e3ff8a4656cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| mail2.goggle.workers.dev/ | 104.21.39.44 | 200 OK | 10 kB |
URL User Request GET HTTP/2mail2.goggle.workers.dev/ IP104.21.39.44:443
CertificateIssuerGoogle Trust Services LLC Subjectgoggle.workers.dev FingerprintE3:78:19:1E:EC:E9:9E:C2:32:5C:0D:0D:02:BE:BB:3A:AF:6D:59:75 ValiditySun, 31 Mar 2024 00:46:10 GMT - Sat, 29 Jun 2024 00:46:09 GMT
File typeHTML document, ASCII text, with very long lines (9977), with no line terminators Hashef450d561cc0f48d2f01627e0636ab24 a484867e3ad2441c3340bd7bb30d3034b2ec4a7a 6627fbc742713d14064dd329fe3e4e7c837345d005af54bf13c546bad3251f63
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft | OpenPhish | phishing | Office365 | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: mail2.goggle.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 17:42:33 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5RwcFVyuKryhh7fQpnfUK4E0W5sSb3YAgQZJqJnnruQcIQaARg20vAFqscwms13dpYwQu7ZL0lwWm3%2BenYG9YWnwpDGcucKiaTrxDPhq%2BTyauBPDuaRWSOAmmeqyc48yZeKTN4aoFfHTAI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e3fbc836b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mail2.goggle.workers.dev/style.css | 104.21.39.44 | 200 OK | 10 kB |
URL GET HTTP/3mail2.goggle.workers.dev/style.css IP104.21.39.44:443
Requested byhttps://mail2.goggle.workers.dev/ CertificateIssuerGoogle Trust Services LLC Subjectgoggle.workers.dev FingerprintE3:78:19:1E:EC:E9:9E:C2:32:5C:0D:0D:02:BE:BB:3A:AF:6D:59:75 ValiditySun, 31 Mar 2024 00:46:10 GMT - Sat, 29 Jun 2024 00:46:09 GMT
File typeHTML document, ASCII text, with very long lines (9977), with no line terminators Hashef450d561cc0f48d2f01627e0636ab24 a484867e3ad2441c3340bd7bb30d3034b2ec4a7a 6627fbc742713d14064dd329fe3e4e7c837345d005af54bf13c546bad3251f63
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft | OpenPhish | phishing | Office365 | PhishTank | phishing | Other |
GET /style.css HTTP/1.1
Host: mail2.goggle.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mail2.goggle.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 17:42:33 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxILwctFcYXD%2BSmYvEBEccuEJPbYzCwTbV%2BXD%2Fe9DPD9LUw6%2BIURoomW2ZJ1HWoDPMqpZhtIgYJNiN6vCBxcIjeqmBQXeEpkdOSqKZEWV33MQceaYVAE9VH%2Bw%2FZmlgAQufbwxtTgWbJpp64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8797e3fe2fea56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|