Report - open-3mg.pages.dev/

Report Overview

Visited public
2023-10-24 12:16:26
Tags
URL
open-3mg.pages.dev/
Finishing URL
open-3mg.pages.dev/#
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Security Center

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-24 01:55:35	2.7 kB	43 kB	216.58.207.227
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-10-23 22:23:22	1.0 kB	75 kB	104.18.11.207
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-10-23 18:12:54	968 B	222 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-24 02:02:39	570 B	20 kB	142.250.74.138
open-3mg.pages.dev	unknown	2020-09-02	2023-08-25 00:33:08	2023-10-12 23:07:31	13 kB	1.1 MB	188.114.96.1
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-23 19:06:24	468 B	2.4 kB	104.17.25.14
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-23 18:12:02	2.0 kB	4.2 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-10-24 01:22:57	887 B	149 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365
2023-10-12	medium	open-3mg.pages.dev/	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	From	Size	First Seen	Last Seen
	open-3mg.pages.dev/	ScriptElement	155 B	2023-08-26	2024-09-19
Pretty URL open-3mg.pages.dev/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 00:50 Last Seen2024-09-19 21:51 Times Seen25 Hash 17f4b98830c654179e9d759fbd7d6081 8ca17d7f50c06045a4ba3d8d1d31d7007e77824e 335f0575c79f16db82cc30a9c97438a3c8abf7e5e12e56c7b4968be1d420cbfd Loading...

	open-3mg.pages.dev/#	ScriptElement	537 B	2023-08-26	2024-09-19
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-26 00:50 Last Seen2024-09-19 21:51 Times Seen25 Hash 4ac012955f8e4339e5619ddcba9d553e aa5501cf3943fc4f06ca1c6fd6e86fc308b84f91 484b02324a3b76b311c8f68769b23daa02b2277ed2e2f1a61f4b75919858241e Loading...

	www.googletagmanager.com/gtag/js?id=G-615GFK45L8&l=dataLayer&cx=c	ScriptElement	221 kB	2023-10-24	2023-10-24
Pretty URL www.googletagmanager.com/gtag/js?id=G-615GFK45L8&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 14:16 Last Seen2023-10-24 14:16 Times Seen1 Hash 0ff0b6872f293ee31de91eb60e945148 861d967535bdfa801f71556441a10bb2eb6fadbd 357bdae2eef637900f13833f8eadc96ac6c1436ecddb157bbbd599654bdc490a Loading...

	open-3mg.pages.dev/#	ScriptElement	249 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen146 Hash 8f24ff841d3a879fefee1b6fd8f5cf4e d78b4f83d8209b03b5577d845d588fc6b3dba87d 1160955397b9729b1aa1705233b2dca5074e6b423bf03f674365b9c96a29ead2 Loading...

	open-3mg.pages.dev/#	ScriptElement	411 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen147 Hash 47b0adb088231dfe83a94d70b2a0fac9 40b58995fd5f78bc4b9ddc3115500bb26d7d69ee 9124a5a0c8750b2814b4210836d0cef74582b32da209a5ce08477d87f632d912 Loading...

	open-3mg.pages.dev/#	ScriptElement	343 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen147 Hash 5eb0001be899b0162b07503014158bae dd3f417309625631f1ad5619e26ef4c1f5f574f3 4a6d8f6c270fc7b0da1f2716e4816584b46d7ec4a0b36ca17e68ea62800b89dd Loading...

	open-3mg.pages.dev/#	ScriptElement	77 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen147 Hash b00837539d223ad30b4e0bb1e2274454 bcbd3dede4be30dce36c0c690d74af4c14569185 c1d059fe7cbca381ad73bdb997512ab8ecdcbc6cea27df38bcb1f8e88947a9b9 Loading...

	open-3mg.pages.dev/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL open-3mg.pages.dev/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 18:43 Times Seen341987 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 18:43 Times Seen341185 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	open-3mg.pages.dev/#	ScriptElement	104 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen146 Hash e57cef754253da4b90d64c13d4d76c65 f26cf6dcc35c22427428aed728afefe6249e507b 96c49979c51468d35d634164023b2e667a5d55570df057ab88ed9051dae2544e Loading...

	open-3mg.pages.dev/#	ScriptElement	420 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen150 Hash 7df71ac4befa0a21f574c8685b7d8e48 9246fef31723fb86cf6739bd342e14c27f84aa4c 1e3054654d6ed85b44e2755100c481b74dcb89982506cb43a01d03b8a725f3c5 Loading...

	open-3mg.pages.dev/#	ScriptElement	410 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen133 Hash dac317339aaa24af40de382bf81b35e6 3d4d93bc9d7d676f1b46c0a0254f18d60b44433b 281facea01bc7a4b501fd9855cd1043091a49684132ab4cc909f1ccd0475bf1d Loading...

	open-3mg.pages.dev/#	ScriptElement	1.3 kB	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen154 Hash dda9c4744d15cb41d823452f0e794354 ea4260a55a4b50d0f85d5684f619688ff07abeb9 c45e1051e96121fac580c084018adefd8f6f368a69673020902ce5a4e87a8da8 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-07	2025-05-11
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-11 16:30 Times Seen6126 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	open-3mg.pages.dev/#	ScriptElement	29 B	2023-03-07	2025-05-10
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-05-10 22:11 Times Seen438 Hash b1cb68711eabf10521a5607b934cc2d4 fb5622af852db2dbb77450007d03974ca5425938 191f23c8b39228dd6066811d0f4d97adc6cbf38bb7a4bc25f398e6d0bb0f8286 Loading...

	open-3mg.pages.dev/#	ScriptElement	30 B	2023-03-07	2025-04-28
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-04-28 10:31 Times Seen243 Hash 9734c5652d82a524c3fbd3938eaf214d 982c19a953702dd048da577d87f9480da89e36ba b37c7da95920676d3cd924e9069ea23c910f3ef4fabc316f666ba38eae24c86f Loading...

	open-3mg.pages.dev/#	ScriptElement	32 kB	2023-04-18	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 00:42 Last Seen2025-04-26 11:40 Times Seen129 Hash c589fc8bd1a3f6f55120876453cb80a2 9c8ce141fa96667e7dec2f610c6ae2cff7477e4a a19e03bef604e89e2095a750657b27f01e00adc7bbf14cd5df366f09d048b5f4 Loading...

	open-3mg.pages.dev/#	ScriptElement	6.4 kB	2023-04-18	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 00:42 Last Seen2025-04-26 11:40 Times Seen130 Hash 30c7d4844c6458683e6323b6d83f29a0 15f45b43ae0f782f6462ea24e2d3eeaa969cc1f3 8997d4bd1aba54de7b42777e33217a979225c5e40d8d2957b3e8d5d83be1c48f Loading...

	open-3mg.pages.dev/jquery.min.js	ScriptElement	84 kB	2023-03-09	2025-04-28
Pretty URL open-3mg.pages.dev/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:58 Last Seen2025-04-28 10:31 Times Seen119 Hash 5ef8f94927c4b93db369713bbcb3d497 5ef934231388f13dd7874575e90101d023615ca1 6806c88afe0840c35208894c4ceba911154f696b624614b30b884298c2c3e00d Loading...

	www.googletagmanager.com/gtag/js?id=UA-233119464-1	ScriptElement	190 kB	2023-10-24	2023-10-24
Pretty URL www.googletagmanager.com/gtag/js?id=UA-233119464-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 14:16 Last Seen2023-10-24 14:16 Times Seen1 Hash 89aabddb71310a4e2ba8b1b2b9f9018e 970af8e8267e32c8837c6076a22b4dc1a4f9c780 49ae6daedc485ef722a3c0b4d6ed947b276450c5a8a044047a12f16c77ad991e Loading...

	open-3mg.pages.dev/#	ScriptElement	117 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash dde39129e3e36c80fe310a411e454a05 d0bca43e610ce3a3f3cf30c2a5e1c2e1e16edcd0 9d0c58495e5698ae56722ff443c316546e9b413204490d89d0453d974c41b63b Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-10 22:27 Times Seen7895 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	open-3mg.pages.dev/#	ScriptElement	284 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash 6793c47ecf90c42e1167ef2ba7d5fd58 31941e34f4878bf94dab7ea6ffe35085667381e8 737e4f7d0030f1fdbe0a93088bb090a0039d0226d270774306624ea505c6703c Loading...

	open-3mg.pages.dev/#	ScriptElement	162 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash 6102079a428a92fdef3de76919210fe2 27f0de724ec1332e9463f483b9fcf3f9d664962f e473074e0d7d08aeb60700c9f55982a10ad142803db3f49e88c7f8ecdbda5d55 Loading...

	open-3mg.pages.dev/#	ScriptElement	3.3 kB	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash 34379c1c6975d2de97babfaa76a921f5 4e10f11e61a8013b99db590245729fc05becc31e 8e3a7c30cebf1748db4903b0202c91c9878aa111aa3dc2ed6c82163fcfcf1936 Loading...

	open-3mg.pages.dev/#	ScriptElement	19 kB	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash f66b1da17f340aefb66dc4cf04f37aae f95082a3dad6f5265584c5479b3a7bebefc15698 a34497dde55aa85ca561c0dcab9f95ae59130b97345f39f15d331acbaaa259da Loading...

	open-3mg.pages.dev/#	ScriptElement	99 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash bc6fc1a8786058e84884abcc63d76dd0 fee5f91433674b9a982024637a8ca6228d118150 b51a11d11dfec588f9495afbbbef63879a17156d1478108b15db508a3125ad41 Loading...

	open-3mg.pages.dev/#	ScriptElement	167 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash 65fe908e4723af3f878c7873b0d7c643 b1142826070fc697d07461f0280c8080b67069c5 e4b4f92361e9677a8fa570e393c2eb6399a8582ef6ec21ed2695b6917f7a4332 Loading...

	open-3mg.pages.dev/#	ScriptElement	154 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen149 Hash 7e6c6ff74cf5094cf8530866270d5870 1a90a609decbe6d10ee7ade02699035e0b80799e e0e5ace9c85c76d14cded255d79d666ed13dc85ed55d5ed9a85110700976104c Loading...

	open-3mg.pages.dev/#	ScriptElement	153 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen124 Hash 69960977eb629b2849d1227a440e0441 fdf156fdce7a426a9f00008baec4716536c9af42 cfb94804ccd9bacbcd74c8ffa08eff8811ecb21c130f299772db67594cc8ff23 Loading...

	open-3mg.pages.dev/#	ScriptElement	153 B	2023-03-08	2025-04-26
Pretty URL open-3mg.pages.dev/# IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:59 Last Seen2025-04-26 11:40 Times Seen81 Hash 02988a31ab6354efcef5d42349662058 81c16a67a0a0570aaa19a2f835d572863a9f0f13 9d965244cc0e200da86d12af8ba2a0676d50499e6150b2e3d454aea2ffa7b775 Loading...

		Size	First Seen	Last Seen
	#1 Write - b9de6416d16769880fe4a91a5f1f67ce	30 B	2023-08-26 00:50	2024-09-19 21:51
Pretty Observations First Seen2023-08-26 00:50 Last Seen2024-09-19 21:51 Times Seen25 Hash b9de6416d16769880fe4a91a5f1f67ce a82418675686c64772d7412df964324642f80dd2 325fe462355c5db021d30b8a5acbb04613a305ecbe1259f59c5eb8533a520ff6 Loading...

	#2 Write - b0dbea13c5bf1c45782f4b8a81d68700	14 B	2023-08-26 00:50	2024-09-19 21:51
Pretty Observations First Seen2023-08-26 00:50 Last Seen2024-09-19 21:51 Times Seen25 Hash b0dbea13c5bf1c45782f4b8a81d68700 09a653d541ff98c5c3c4db1f9eaa4c34e6b87a2e 9c3778ee7560bc4e8ba8c4882e9066359a6af69511c1e25b0f2a7326b572a184 Loading...

HTTP Transactions (48)

URL IP Response Size

open-3mg.pages.dev/5f205bb63ccd2_v.css

188.114.96.1

200 OK

0 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bb63ccd2_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb63ccd2_v.css HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
content-length: 0
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9e7a27539226d700e116522ee435029d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiImtL0YUn3OibO8GN0%2FubEiYBSwEz5azTUvUzCnfjezd8CXpLkg2XBInUpiVUR8cR2%2F10Tg5AOOu2YYTx4WkWjI2uaIxEVbn0gaWIH5kIo0FzCdH0pilePQYO0Zb23VmBHagpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226261f541c0e-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css

104.17.25.14

200 OK

1.4 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.8.5/css/froala_style.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7048)
Size
1.4 kB (1381 bytes)
Hash
8d4fba5186f02a0c4458986b0cf91667
785579011ecdda9e4754ca41649fa2fc06453b52
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

HTTP Headers

GET /ajax/libs/froala-editor/2.8.5/css/froala_style.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
content-length: 1381
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64942a50-565"
last-modified: Thu, 22 Jun 2023 11:02:40 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5943564
expires: Sun, 13 Oct 2024 12:16:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNfb8ENeD5FaAER%2F7nSw8ybEydcc%2BCalgIlX0iXfHBJnrBdOozArdY%2F9pP%2Bfk2bff0y%2Bc7y%2BGxi0cQ6E7AltbirGGIGCRH%2BSI3guCYTNuy7wZTb90%2FOgoo2e4gJ1fkbs9RwGNInS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81b226268ab8b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

open-3mg.pages.dev/microsoft.jpg

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
open-3mg.pages.dev/microsoft.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 47x46, components 3\012- data
Size
2.0 kB (2004 bytes)
Hash
513307d24832cc64115e69c57dd4f69a
ba2e4718f5dec696d5e1e9ab95361f5dfb337f23
f70249b342aecd9e3d2367aea39df606e92562f9d7945ad8849b36cd3e3a85a1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /microsoft.jpg HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/jpeg
content-length: 2004
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "2fb10ecfbac7eb44dcf7cd10a0e04aff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bU8%2BoZ7LW5fErhJzsRkprE8ST6H1aSrzCaxltY83JXmtAkIqcVTxGO%2BbwpUZG7mW7ZdTZAVL6fYvIJxFGCrg5jA6GglpLFtweyZSnAufi61XCYvY6Hi17jxuGpcFbWcJ%2Bvk5VRs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226263f651c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/cut.png

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
open-3mg.pages.dev/cut.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1192 bytes)
Hash
e526e4ff50594a6c4a5d05c18474d6e7
705609a2bd21c1e3e13666451c75d2c51436c83e
d25cf2403704d5208d662af4ef703d424cedeac253a43a1aec6e60e0db43837f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /cut.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 1192
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d27498074b71cae952cc8068bce9007"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBxiSBwfKV%2FaeTDBCcS6qixX%2FIHYZGYYLWpe1yq3qnFfSFSVA1K0JSUhS3LCHfUp57Q7lzBL3hP400hasEQrFgyURcHnER0Y7x9D2BKBFvTKQ8CHKponIjs6Z%2BWUhqtas0NGPro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226263f671c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bb9bf55a_v.gif

188.114.96.1

200 OK

1.8 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bb9bf55a_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 120 x 97\012- data
Size
1.8 kB (1776 bytes)
Hash
8806694db55d271b6c836433d103afcd
a532ae846499ffa93bd6ed8baafcbdabb2cc8da1
989f955c24583be00defab08c4cf80b17fe4c12756686359367144f0506eb8b8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb9bf55a_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 1776
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e6f4b8a850008864fc4699371ab48e7a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FQPtf7pW3NUH0nvuTe8tuEMAwPvFFbxO9BQHUx982yNBPnxOqjL3XN1GpFYietSK2sXGboHToMnkZeprgNKyzCoUdVwF764%2BH5Cl9SQNAW6CcsiE19q9coFOp5SD%2BbNDSXe2nk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f711c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbae3ed9_v.png

188.114.96.1

200 OK

349 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bbae3ed9_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Size
349 B (349 bytes)
Hash
7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbae3ed9_v.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 349
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0d6dd742fc1124fe244e6f4f212155f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuCSCrrzSxCARl4P1YVgX9TVS8h%2FTC%2FEWpDaVO9gpeozOaY%2FHcYQyuoBzgMjRA1%2BgL6sMzM0wo9k6f38NuJkb8LkAvm3BdBvSqqQ7Bg6GlNCrnuuS3nGMcy%2Fugoo5RdYREygCLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f701c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/minus.png

188.114.96.1

200 OK

945 B

URL GET HTTP/3
open-3mg.pages.dev/minus.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
945 B (945 bytes)
Hash
e6eb3d938f3ebebd85c71307b38a3bf3
387223165f8e86f861a09adb1e3c10a8f2ec7006
2b6c8e23b2a2c49ac71393cb3e1740b7e2fccaa310ee06b68ca27b693d133f8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /minus.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 945
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "715a3a123fc024df0a9f0d171386bebc"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBdGFvnr5%2FiGS7eLka2pGGkq6L8UoZ0NKuGYXib9ytIYF0yUv8wVE%2FhiFoMk8YwiMjm2CkUl7poFnJp5uwleSBxW8Yf0DfVv1QgaKRjKKS3xRipP83V2Y5ZGsA9D3PpR%2B2Ifq7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f681c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbb6fc7d_v.gif

188.114.96.1

200 OK

102 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bbb6fc7d_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 24 x 9\012- data
Size
102 B (102 bytes)
Hash
ef14d57c065fdbd3c66d017a729ca91f
2e7b72d674361a9c2b41767ccfbed2486e6695dd
6fcbfcda8a36536a0f9b0bc8c4a6ca451d9bafd4a879d56697e48e209691ba36

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbb6fc7d_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 102
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "40e933c6110bf926e3aed6bfee33acd0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0K2GTKnMWsFiapk49UE%2BTcAcCfVDyT11nf8PeFcTwnCj1f2NPz85ToEVDk1hljqXnVbOBclNJjkujucQyGykwM5mTdeFC%2FD%2F31IJCFSetjziR8p96BA0lUdQ%2BVkyzuilLIAyEg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f721c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbece31e_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bbece31e_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 30 x 29\012- data
Size
1.5 kB (1509 bytes)
Hash
1834c112f6e54f620d2ef8f8c037d450
b911b12717fc708c9418b4a2a0d72f79c5c53be3
81a5f62c155d307316d16a11e5a907a99fcfa3f70dce41d01d9f65518206734e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbece31e_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 1509
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "c0bc1a0dbe7f469d69d4170c9fa8e4f9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK1htvzGodXNuoWwO9ORCXrfxMNhZLZG2kl1bqiL8WHWIfvsCcq544VdA6ZUDrzo1kXQOy7wgpA9QKvEbmnrtbNXQbftk6DYuENMqvAUG1E1lBrA13uwCjUEJwxLrm2DYGT59hM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f771c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbbf25aa_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bbbf25aa_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 80 x 65\012- data
Size
1.5 kB (1506 bytes)
Hash
0d3c4efabb6072ec3312574009be3ef8
02d319a4e46538bcadcc5122883e1a0c3e94c123
45a676a0eb476e7706e0187d975b612f51f3bb4c26596f991d55f5e68fbef3e3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbbf25aa_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 1506
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "b79fc93a137bdb4771a1c52124efac77"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j76MMxHC9lU0kEiBb3qxYT%2FQiLA5pLLg5okCmeFZuP0hKVlKR%2BgyT73ksAi5yy2ZorVbsZ8wQ4OUXwhIVNYclbdQnjHqCezE63DHRzkMEzRU3rIHvMdhCR%2BRRaI1%2F4vzkIL6xEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f731c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/microsoft.png

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
open-3mg.pages.dev/microsoft.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /microsoft.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 1045
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "784ab5e987249ef1422816edc26a250f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkKsalFrbxIMETtmRGWbRQkuA0Q%2F9cBAQHjBmsuB3M7DXzbFo6uMMrJVGpGNSkZc0yGsPfDllJu8Syu5hoyIVTE3fCKVGVfmnINXRYvOkghGZTbx87%2FtGhIMbsZ4%2BAC25pp356M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f6b1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbe46967_v.png

188.114.96.1

200 OK

293 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bbe46967_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
293 B (293 bytes)
Hash
9eb68d2ce05c151bda542a7a6356e22c
baeeefe4a7ac657c10a5f081841015de1bcf90dd
2d2b7040bc32b397c3c60d800de9aa7d86404f1874862eba61bdaa21f1523eb7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbe46967_v.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 293
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "50d567cbc4ca65349c78e08b48e4ce01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDMD9mW%2BdLZwNNQp6Mr4cGEo4hNVKJzEWYfknEW75hija7TID3PLFn%2Bf1N8nXM1MO99fKwhLvTn2Fx7VjV3V9rTdoyThI8EV6whGcnFbRrZD9OORTgOzKf8E1Y4JGlHkZHFa7QQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f6e1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbc8a6e3_v.gif

188.114.96.1

200 OK

1.5 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bbc8a6e3_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 65 x 80\012- data
Size
1.5 kB (1547 bytes)
Hash
af52e51f42fd0c55bc3cf2c8ece71492
016f83da68ff461a5c6aebcc2a45668317b2f24c
e91f304cf7409723968740e6363dda01b50acb8e94b5ca05b4a4617666ff095c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbc8a6e3_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 1547
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e07c4b56e0330a7ab00e21f12e7b8fef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx%2BHch4fQmhnNdcpN9cLVI9adflDKHArpVzef0LBidB2QkXaS%2B7IuWwb6%2FnwdP6BN9G3bCXq79w2bcdLT3VZNmc82LDQJdeKSDdYJ%2BvMwAGpF7FfSyTQEC4Ix4N1g4q9S6JXb44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f751c0e-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
25ee40154711e09e72514fb1d97998db
9d9c7de2b4e049ca9ee938c1bc2259b915d0ca7b
31fdfba6b02cf76a87b31d19645609d200108e0e967495cb583a40fa963614f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

open-3mg.pages.dev/5f205bbdae210_v.png

188.114.96.1

200 OK

364 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bbdae210_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbdae210_v.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 364
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ee63d8b934f54cf7e606ebae2b4bfcf6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzdqjrz3q22hRY%2BDdhgfmnINugTFWDz6U2I0uaYsofCZte%2FHfHRrnLYezh%2BsH078zN8RZuE7zUWgtJF4tNvsPETEanefVFvv0kFj3ROP6jjOqLftRx05DH1mNzRoMYll7Paxxqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f6f1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bc1a74d5_v.gif

188.114.96.1

200 OK

69 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bc1a74d5_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc1a74d5_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 69
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aaf6c5e1ac9ac320bede916158ed5d07"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqEzrN3Jx7ztwe5nU7BSiSbyWMnmgUlzYb1Yy7zp7M1Qeg1aczV%2FK8zrFMw1eY1JS5tSck8YhWo3x92hIlvJzIBifPZpDZme7gY7H3A%2FR5RWfNZQMb1Hr3tgv0kXreqbMaJByd4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f7a1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/background-2.png

188.114.96.1

200 OK

387 kB

URL GET HTTP/3
open-3mg.pages.dev/background-2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 1920 x 1126, 8-bit/color RGBA, non-interlaced\012- data
Size
387 kB (386648 bytes)
Hash
db2c775d2583118bf4464dd65a58535b
45413378bf16997decf585915931305788e55328
de9fbe2de348e17bd4948011260ef297c4102b69068692daaba02bf632acd291

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /background-2.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 386648
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ba8c46f17ca474cdf9a2ec29722c8f9a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73p9KOsHlpFrLwN7zeO7%2BMR7WDVE7kCB%2BcEUq1XefipgGxCY5CEbMQ3Nb0YTbihP2VbnfbasOT%2BryTrhBukuD%2FcS%2BoSwEzZIp79e7v8W66HEyFdK5yJnzrNZcsjHcK8O8kG50xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f6a1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bc2c1b4b_v.gif

188.114.96.1

200 OK

234 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bc2c1b4b_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc2c1b4b_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "77658f49c3237c43feb1f812a11dc45b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijMIUicBHxfbm7yfaXs%2Bjb%2BecfHeXdaucv0r9qj36Jj%2B1Al6UtXEQvG1fG1qe%2BlzE8crNJY5qUPVJqKP0Koljhx52%2FQWHwii7y7gSF0cuKqaBFFhD5Cjd5Z4BQaUXETdPhBO%2FiA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f7c1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bc2379ac_v.gif

188.114.96.1

200 OK

377 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bc2379ac_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc2379ac_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 377
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9f6c72ab1272f4bbadf6b026cfcf0490"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcgA%2FW7WKDN%2F7HgKl3PKTEvOrcRGZMfqdmUTkHDBip2fXdCwVftnZQggGhXBQ7J2gZgBJryS%2FIPrAmiMFCGqfBNUfNOkiMi26j2y8GvjogSEv%2B%2FOqG7db%2FCVRrd4fZubAuCRP%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f7b1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bba58587_v.png

188.114.96.1

200 OK

128 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bba58587_v.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
128 B (128 bytes)
Hash
0bb86caf792dd7d24731c18cd37bb68e
dda1e433a0eaf785b2aa2c6214d5e48cb82a3a25
2ac27821ba64d645f36e2ad197492d30c11b10a032cc474554679555f4604622

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bba58587_v.png HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/png
content-length: 128
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "716018fe568eb003c2e5c767a6744f01"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVjAAJTzJLuMdKs20TH8ako%2BxsNUFWu9mHavaclVO%2FO634%2BPSlYMGzpOeEsga78Q1DiW1goftDnuTtmPY4u6jkdkkofgg41bAmP1OOgYISMMYtgBsFUUGEZ3Sj552SoiCTGky40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f6d1c0e-OSL
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/5f205bbf6a050_v.gif

188.114.96.1

200 OK

1.2 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bbf6a050_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 29 x 29\012- data
Size
1.2 kB (1245 bytes)
Hash
6d0c71ad95c413318e0946960a597318
297fa9d7797afcb90cb49adb045b673672b360ec
f2b1758e4d68018096355641f5e7163b0df07efc85e9c3513e51949a75c0446d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bbf6a050_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 1245
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4530ea5a667f71ac649973679e32073"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHzQDUP4jICQn6MhdXUqQ9tmXxvnqy%2Fcnb62zXBbOuUEglacseuqzzzrG7YohRAh747CQDaqNsFKIIYITXLMPbJ1bNsAuh8gEbGWeFRkZsyg8%2BLh7xZ0UgsV36nW2AiFpi9nhA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f791c0e-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-233119464-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-233119464-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68654 bytes)
Hash
89aabddb71310a4e2ba8b1b2b9f9018e
970af8e8267e32c8837c6076a22b4dc1a4f9c780
49ae6daedc485ef722a3c0b4d6ed947b276450c5a8a044047a12f16c77ad991e

HTTP Headers

GET /gtag/js?id=UA-233119464-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Oct 2023 12:16:06 GMT
expires: Tue, 24 Oct 2023 12:16:06 GMT
cache-control: private, max-age=900
last-modified: Tue, 24 Oct 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
57f4d85ba07739f3ee499b522b32f8eb
8d65a4709be8e43c310fb0519f2d1e016835122f
ccb12b856d4aaa5d410bfdd983cf9281e3ec5131fec50aafd7d1109da9d57cb3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6fc9448d5878282732fb2678d7a73bfe
a4b02c28a589d32902e36e7940a5a7ace9e1a9b8
5939492c9cf5a2356c62e9689a9a51faf11a1a44cbfe9cfc2231244f3a0d79b5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

open-3mg.pages.dev/5f205bc00090f_v.gif

188.114.96.1

200 OK

949 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bc00090f_v.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
GIF image data, version 89a, 78 x 68\012- data
Size
949 B (949 bytes)
Hash
da9d153375da51a616a7663f1504e3a5
bd81fe60fe017bfe79be8c1afed88b659ff166d9
9bb88049c3d3f3c172d97246fa148bb725e727847c37e28c3be156be240a0c04

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc00090f_v.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: image/gif
content-length: 949
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f783fbbf25820b1a0be467bd6ce995fe"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKUjqtOxzAwMLb%2FZArtQnOadLBGR%2Fr1njQ3vpMjrZZg%2FIvxiJpSuwRtMO6EtE%2B7U0G%2BIO8SiSAbr1TzFFaVPUHo7%2FyCm%2B7j9%2BLkEIn%2FL3GAHyLbe0ifY%2BEgUqWcc0%2BBf6WEvklE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226264f761c0e-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6fc9448d5878282732fb2678d7a73bfe
a4b02c28a589d32902e36e7940a5a7ace9e1a9b8
5939492c9cf5a2356c62e9689a9a51faf11a1a44cbfe9cfc2231244f3a0d79b5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-615GFK45L8&l=dataLayer&cx=c

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-615GFK45L8&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89
ValidityThu, 28 Sep 2023 05:26:20 GMT - Thu, 21 Dec 2023 05:26:19 GMT

File type
ASCII text, with very long lines (4179)
Size
79 kB (78906 bytes)
Hash
0ff0b6872f293ee31de91eb60e945148
861d967535bdfa801f71556441a10bb2eb6fadbd
357bdae2eef637900f13833f8eadc96ac6c1436ecddb157bbbd599654bdc490a

HTTP Headers

GET /gtag/js?id=G-615GFK45L8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Oct 2023 12:16:06 GMT
expires: Tue, 24 Oct 2023 12:16:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78906
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

open-3mg.pages.dev/5f205bc497791_v.css

188.114.96.1

200 OK

509 B

URL GET HTTP/3
open-3mg.pages.dev/5f205bc497791_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
ASCII text
Size
509 B (509 bytes)
Hash
0e646e2e128c473d6fba7996a4a94e40
a4d4fb349d7480c10da8249c0851ea287a0309bb
8cf6666c0c6d23dcf25eed0ecb5c439e484e1ddd598522bc21eb6e454edaea33

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bc497791_v.css HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"86dd9c8ca27d25ca0775fe510410d102"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwn%2BNK5A4RD3G7DKnT0z6ZU2lygmxJwDRJ%2FiliHa12ZyS9yoUgrBnq7SkvMmx08%2BZsO3ThhaHTfxudRaaSd%2Fg5dum%2FDzU0DaMeJF5AXqr4tY5JNDWE83IMThATDxpBvZCtyF4UY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226261f551c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3470b494ff1af9d0328defc4186f3137
a10332f0e842fecc87b755c7916037097259bbcb
73ba1ebd33bac734e602778a46acbb788ffb8f211a045207bb3c840152e4902d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Oct 2023 15:18:26 GMT
expires: Fri, 18 Oct 2024 15:18:26 GMT
cache-control: public, max-age=31536000
age: 421060
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ee4ce8529315033c5ec8f4df2ce6c17c
c0967416e1ed7b51fc0c894089993b89f490d351
474c2e2155e052770868c6149cd0b792d4070139698b6eefae8a826aa3d415e5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Oct 2023 12:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.227

200 OK

8.0 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 10:05:21 GMT
expires: Sat, 19 Oct 2024 10:05:21 GMT
cache-control: public, max-age=31536000
age: 353445
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

open-3mg.pages.dev/0wa0rni0ng0.mp3

188.114.96.1

200 OK

8.4 kB

URL GET HTTP/3
open-3mg.pages.dev/0wa0rni0ng0.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data
Size
8.4 kB (8405 bytes)
Hash
8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /0wa0rni0ng0.mp3 HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://open-3mg.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: audio/mpeg
content-length: 8405
access-control-allow-origin: *
etag: "0825ebad9a641a19e1944426ffe4916e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRSw38IKmfsIc2XgufUj%2BdizQqLtDsalMntw5kWZb6EjaCJ8h3DXBPzZqI%2B5V6ueY93qTxIFp4fJhp723Xw0kAuw0TRV1B0WoqNEsK0bM1%2FIMLn3qM6YiIqeXJg1a02NnyqV3fM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b2262b1a551c0e-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 21:09:04 GMT
expires: Sat, 19 Oct 2024 21:09:04 GMT
cache-control: public, max-age=31536000
age: 313623
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

6.6 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (27303)
Size
6.6 kB (6638 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 14:23:29
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 990eb37a8813a99367bd383681b974a4
cdn-cache: HIT
cf-cache-status: HIT
age: 4659482
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81b226265ac556cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

open-3mg.pages.dev/a0ler0tm0s.mp3

188.114.96.1

200 OK

201 kB

URL GET HTTP/3
open-3mg.pages.dev/a0ler0tm0s.mp3
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
Audio file with ID3 version 2.3.0, contains:\012- MPEG ADTS, layer III, v2, 64 kbps, 22.05 kHz, Monaural\012- data
Size
201 kB (200832 bytes)
Hash
0116152611dd51432e852781f8cc7e82
2408d3d281b25649894f78a4e19f7f8a8ac735f9
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /a0ler0tm0s.mp3 HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://open-3mg.pages.dev/
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:07 GMT
content-type: audio/mpeg
content-length: 200832
access-control-allow-origin: *
etag: "8ed7622fbdd15ff1b20ee9c97316f31c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fCNnpUO5%2BRB8Zdg%2FoTx0J2Ogf79UiZtCSuIDpjVVBRyt%2Bv%2FzBQhruMO03qbumJ6jMJHVbo26aKRWSvAZExPbnRvgK3ZdqGiJdXYjE1fIVT4jACpMzdrETF%2FoQla8ZXdXscl7FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b2262b2a691c0e-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.227

200 OK

7.7 kB

URL GET HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Oct 2023 13:23:30 GMT
expires: Sun, 20 Oct 2024 13:23:30 GMT
cache-control: public, max-age=31536000
age: 255158
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.227

200 OK

7.8 kB

URL GET HTTP/3
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Oct 2023 15:08:24 GMT
expires: Fri, 18 Oct 2024 15:08:24 GMT
cache-control: public, max-age=31536000
age: 421667
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.11.207

67 kB

URL
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:22 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 08/15/2022 13:52:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6806ef96e08bdd4c18a781c4fd87570e
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81b2268efd1c56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

open-3mg.pages.dev/jquery.min.js

188.114.96.1

200 OK

84 kB

URL GET HTTP/3
open-3mg.pages.dev/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
ASCII text, with very long lines (32180)
Size
84 kB (84357 bytes)
Hash
5ef8f94927c4b93db369713bbcb3d497
5ef934231388f13dd7874575e90101d023615ca1
6806c88afe0840c35208894c4ceba911154f696b624614b30b884298c2c3e00d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"988550d6e4b42044e81d5b1d94c8568f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErtnMCzLFBugzT6RzN0UMB6EZ5hfweeEAHfsrdsiqSZLVxxXs0vDT2HL5hHOSypRJc7CWP65nKFXYBxQm9w4zaf9naP7eZNHm5p7CqZzky2nZpsAokDai3%2FYICKVv63SRiLbFt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226261f511c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/img/anim_orange.gif

188.114.96.1

200 OK

88 kB

URL GET HTTP/3
open-3mg.pages.dev/img/anim_orange.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type

Size
88 kB (88097 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /img/anim_orange.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: _ga_615GFK45L8=GS1.1.1698149767.1.0.1698149767.0.0.0; _ga=GA1.1.2051643928.1698149768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:08 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c4a826574860e14bf7488daa7184204"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpppnEkS1Jct8ptafKl%2B6nmahBlVm%2F0Day5K28skv1RB5kPuwBM6frcoL1F9HP%2Fnq0wXG%2B6GAi%2FO5sTx1HVgrVu7%2BcBoZG97BNg8dt%2BhlsqdP7HKb9PFE1cfV%2B0rfpPxSMqIr2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b2263739721c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

open-3mg.pages.dev/img/anim_red.gif

188.114.96.1

200 OK

88 kB

URL GET HTTP/3
open-3mg.pages.dev/img/anim_red.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type

Size
88 kB (88097 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /img/anim_red.gif HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: _ga_615GFK45L8=GS1.1.1698149767.1.0.1698149767.0.0.0; _ga=GA1.1.2051643928.1698149768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c4a826574860e14bf7488daa7184204"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5p7G%2B%2BEELOvpbuK%2BYoN96RtiMKckURwCijLUEX9hj5SXF78ODDlX03h9eCVWTethLEJ4TEoA3QsYJeECkRLbRVdhf7PNtvK1lVauyBfpvP2lwr3Wf3EMk6oJb0NH17WZsdfvZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b22649fc8c1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css

104.18.11.207

200 OK

160 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
160 kB (160302 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

HTTP Headers

GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 07/07/2023 01:23:40
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1055
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8bbbbc6226c308b4a9d800e792b97437
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81b226268e7f56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

open-3mg.pages.dev/favicon.ico

188.114.96.1

200 OK

88 kB

URL GET HTTP/3
open-3mg.pages.dev/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type

Size
88 kB (88097 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: _ga_615GFK45L8=GS1.1.1698149767.1.0.1698149767.0.0.0; _ga=GA1.1.2051643928.1698149768
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:07 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c4a826574860e14bf7488daa7184204"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RddJwWWTMym5aMLs9EuX0EabKpcBvTombeA98pGCc5uXQ%2BMaQBDMjiF8kcxZvGeD7nQSrIGW%2FjXVB8MQLZ%2BR9cJ68gC4GQ9i%2FQ9L636KbTAyPwWd7f8sALkH5FOesXHjbBEnrlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b2262c8b3a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.138

200 OK

19 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
ValidityThu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT

File type
ASCII text
Size
19 kB (19031 bytes)
Hash
bbb091ff9861ef6bf6058e42630ca42e
e0ea2d297d84a43ced9b7e162d5ae1db28fc3432
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a

HTTP Headers

GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&amp;display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Oct 2023 12:16:06 GMT
date: Tue, 24 Oct 2023 12:16:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

open-3mg.pages.dev/5f205bb74a5eb_v.css

188.114.96.1

200 OK

25 kB

URL GET HTTP/3
open-3mg.pages.dev/5f205bb74a5eb_v.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type
ASCII text, with CRLF line terminators
Size
25 kB (25059 bytes)
Hash
ab25ae70934938fc98d32c689a466fff
70bc9ab476054ac02a90c6385d39208fe36176ee
5dbd53e6bf5cdca3c1bd27d7621e939eb9c0b5387c62fea84deb2cab9a4663e7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /5f205bb74a5eb_v.css HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"868bb4e5dd7a1c09c1b868cf33f7557f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ye2JrL796L18BBoksmtElyN6SuOd2QyLWvWG6zKcumLM0L3cSv5BGTQIM1UDL0Cg5iQIPXhjAGMLVxuAg4d7JyJLhhhET2r44chwgM6N3MrkWKsYkSS9r1f4ChPS7o5Lzc85ARM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226261f521c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

104.18.11.207

200 OK

60 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://open-3mg.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (59765)
Size
60 kB (60044 bytes)
Hash
02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

HTTP Headers

GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://open-3mg.pages.dev/
Origin: https://open-3mg.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 09/17/2023 22:21:35
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 87bf959b0e9c151d1f7568b393d1f146
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81b226267e6f56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

open-3mg.pages.dev/

188.114.96.1

200 OK

88 kB

URL User Request GET HTTP/2
open-3mg.pages.dev/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectopen-3mg.pages.dev
FingerprintA2:E8:46:4E:48:D9:62:8F:3B:37:16:5A:A9:13:EC:A9:58:B4:E0:A3
ValiditySun, 22 Oct 2023 23:25:09 GMT - Sat, 20 Jan 2024 23:25:08 GMT

File type

Size
88 kB (88097 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET / HTTP/1.1
Host: open-3mg.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 24 Oct 2023 12:16:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7c4a826574860e14bf7488daa7184204"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7S0CwRmXlskdwgzI6yVtmTUIqKzdfuiEAePCLpZBHb68%2BUNYm3AxktWX%2F0HAOdgL7PD67oxq4aHbxzoKj%2F%2FTKr0WXlLDXlA2vkGs8tqwLepRKM%2FS1AYpCScIvaxKReeeCW3Ttg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81b226237e9fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by