| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 812 B |
URL: GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP: 142.250.74.106:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Certificate Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: gzip compressed data, max compression\012- data
Hash: ce6842534d03ae0dee3501933b6acdab 9b8db3e2b60065ab8d5e93bd701f2acdc47c527b 788c4108891e71b9034f6a18ccb6dcbb578cc27d01b2e7e294b0037683c47c34
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:55:40 GMT
date: Mon, 04 Dec 2023 05:55:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701669320.eurotesting36.cc/img/BG-02.png | 104.21.10.17 | 200 OK | 1.7 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/img/BG-02.png
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash: 3fddc88d1a5aaececb8e1722ebae13fe ad2c2af726002d922c1b4dd5ec35d9588b2c0937 efe284cd11a10ce3d54c9e6c1defe460c5cc534d84a0796f67e007f64f339ecd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /img/BG-02.png HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: image/png
content-length: 1731
last-modified: Sun, 01 May 2022 13:31:30 GMT
etag: "626e8bb2-6c3"
expires: Wed, 03 Jan 2024 05:55:40 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyLJgKeNKXrVZx8R65kYsffnw8VbhKi8vX0WgihJh7AL1ViyXK8igUOx1wdCWAgnRPlaex7dnlUXWDB2lYZSZSOexPbLkefodvizHI6OUd3W9u9DdLx3%2F4btDv8e4xZVXBs8wB6uN%2BALJOWG7L8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301cd424dca5684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/imgy/jt.png | 104.21.10.17 | 200 OK | 2.4 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/imgy/jt.png
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash: e964107220dbdd61e6b472795240444a 0408a43b2085287cc2443074c14844f0f2520fcf d151a40c6e9c58773a8bf737a89a170daf644d3d2341ed48fc609d70cebdd448
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/jt.png HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: image/png
content-length: 2375
last-modified: Tue, 06 Sep 2022 00:12:36 GMT
etag: "63169074-947"
expires: Wed, 03 Jan 2024 05:55:40 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhpMdmQ1sTPftz7MgQlTO%2BKn7uw3F8aZGNogwiY29Tfbv3WkchIfo0nhUtCBu1pAE8O7zK6BEFaiocxw200XyrmFIw3n%2BjMJZKJzgkzEVCYaMm3qJEaaGnUWMTpO2pdJBJrQM0LsVdQjYtqipCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301cd425de25684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/img/Icons/icon-15.png | 104.21.10.17 | 200 OK | 21 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/img/Icons/icon-15.png
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash: 039a2cd46fb5029c8ce65eb2872d52c0 17999cde44a2cab266902e4ec0a232d910bc825c 1dcc87e99c0dc4b6aa560e5654ac343e5b4e5f2eb4d581531ca92791b9c8d891
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /img/Icons/icon-15.png HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: image/png
content-length: 21002
last-modified: Tue, 18 Oct 2022 12:59:58 GMT
etag: "634ea34e-520a"
expires: Wed, 03 Jan 2024 05:55:40 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7I9C9A5xo3dXNfUS98JY603uHXHBfngKox7hV%2FXNS2JzJKrO%2BUCfl3DHw49W2d4R1E2cIfFQ3G0gTy6xYmBpzPfRHonBqq2NGUOFAcGcYA6DMM3x1CTneoBLJBRTYf1qGYcs7uzW6QwcIe%2B9WI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301cd425ddf5684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/imgy/Tapptitude-logo-031_1.png | 104.21.10.17 | 200 OK | 23 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/imgy/Tapptitude-logo-031_1.png
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: PNG image data, 592 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash: 615b82fc36a2d246faae75b9f9153d0b 0a1cc40a07ce6ea315e66238c528fb4d20ee5216 21c1edefa64b1975773aa2e06c8def761b8eb0474bf36bed5c79783e41096376
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/Tapptitude-logo-031_1.png HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: image/png
content-length: 22928
last-modified: Fri, 20 Oct 2023 03:34:40 GMT
etag: "6531f550-5990"
expires: Wed, 03 Jan 2024 05:55:40 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftPUOLKENJQIVzD8bGVrbzfAyoWUHUHVlPID9HURH9daX6GrkmIJGFrBDLZ4M6M4kZNebHhZK1%2Fl%2Fc2wlvPJKuvw94DkgasnC0sO0Uvbfhd6mwWI5O7AFHs35q9z7fPI6RiPL8cIcc54yzYr35s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301cd425de05684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.67:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Certificate Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701669320.eurotesting36.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 349087
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701669320.eurotesting36.cc/red/main.js?v=V1.24 | 104.21.10.17 | 200 OK | 3.0 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/main.js?v=V1.24
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with CRLF line terminators
Hash: b90b1e7f3effbe0945d51be2591e957a eb699dc823c7297a91317b3d97fde455caa52782 f5733054b0df915644a10c7c7bf9f4029dec903183464d982d2af0aab3336412
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/main.js?v=V1.24 HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:35:18 GMT
vary: Accept-Encoding
etag: W/"60425dc6-27c0"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4Og3CUUORAHXkntoe5PP53clQtteiQI13j3PCexQmeVIYgIzARct88nHxmlFH%2BEwurS41dRuLjSgvTyiAksjLXmpRZIpR3hCv4Qep%2F4eviLUiqJTqawp6%2B8EqjC1niDBH0AEidVQCqGPXClhN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425dec5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/vue.js | 104.21.10.17 | 200 OK | 140 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/vue.js
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Size: 140 kB (139901 bytes)
Hash: f5c020d18d70f21851364d0570d38127 5dba3f5cb7463e356310fc14e26d3358c1b00ed2 58692c4b6420c192dcf7620267b09183cf3c4bd6050b31843698e69a59c26e6c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /vue.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 23:13:22 GMT
vary: Accept-Encoding
etag: W/"630bf692-53fb4"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgYTMFcP4jAQp51PYWOz2dFgBQlrQS2Js9J5%2F87G1mNe3QakCrL6ISSv8hfXCRgaJwlqoLxFvNe%2BHt2kPOILb%2FxYV%2Bpgp94vpLevTponWQpJ8sSQ%2B4Y%2Boovy1YRV6S0fTvAV3vMO1Z0WfSXoyec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd423db05684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/css/app.css | 104.21.10.17 | 200 OK | 21 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/css/app.css
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: ae3caa52c7fab666fb168ff6a696d9c5 090c339bde608db35013e6ada8d7c81b2a684d3a cc21fb7e30b9f6c795ec25c1ce9b8d456b44f97b4f0d8b77ccf4e11d5aed06ec
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /css/app.css HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 13:16:50 GMT
vary: Accept-Encoding
etag: W/"634ea742-5ea3"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JabcwqsyhFK0%2B7%2BL9TmiMzDt8duuvQGkkPwCaoEX6rO7vHKfjnzkd8DN2YnU8mqkhmtHVSYTo2hzfPb67Yx2yl3oTLyqXTF8zGuozEzi8Nfx3gaz9vrY5ye8ohVtlZx9b2zJuPPTe3ouIjLce6Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424dc05684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/imgy/BG-01.png | 104.21.10.17 | 200 OK | 27 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/imgy/BG-01.png
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: PNG image data, 800 x 900, 8-bit/color RGBA, non-interlaced\012- data
Hash: 32e5a811d97ee090735b1b91c0504da8 eaeafca8c27de39c0445155e2098a45c9710d6e4 b4a732b2cfdf0b07576b5fafca34c485db75c90f3c466f54987f62c361c21082
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/BG-01.png HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:42 GMT
content-type: image/png
content-length: 26585
last-modified: Sun, 13 Nov 2022 09:55:20 GMT
etag: "6370bf08-67d9"
expires: Wed, 03 Jan 2024 05:55:41 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyI2V9RaH1n4JDfeuII1JtmwFheLNRt9Tb9f7VHWgyh93TdOySUxvKK9eMV65vVFC42cYSqtClFcBqac2s7NFbNOfLzm1Q0MAvruDZYTImwi8CLCKN7U%2FREPgV1qQKH4YQ9Mp2AXVSfZQon6Glg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301cd49190b5684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/jquery.cookie.js | 104.21.10.17 | 200 OK | 3.1 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/jquery.cookie.js
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (3441), with no line terminators
Hash: c70a657c6ff1764a238929b6e46fb8e4 e2a8eb96b388abf14690ea14fe4af3f600296235 466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/jquery.cookie.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:36:06 GMT
vary: Accept-Encoding
etag: W/"60425df6-c31"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AbhhZLeR%2Bq0ShFjc7RbhtiUEshmNcmylPsmFljYyBnR2t7%2BY4rEGrt11gUokj7hucEeosnobOVm0CaTMVtMw5XD0L9rL9TjaLStgH9J74SpWehoFTLEPfTQ1h03wn7wfKC0vkEzb8PMJiBUs64%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de75684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/public/js/layer_mobile/need/layer.css | 104.21.10.17 | 200 OK | 5.3 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/public/js/layer_mobile/need/layer.css
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (5260), with no line terminators
Hash: 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /public/js/layer_mobile/need/layer.css HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-148c"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ri9FIbt1ohQQT4JL6kFz64VxlVnPxq8Ct0FAFWvSkhc9j5dJ6xVFXRhDyjuo7sg4uF2PpWIJ3OVLZ1G2Jp3%2BdYeOREv7yOBAQ3VJOGxQfTFlxony0ZDrvZQ1B9sSpvT%2FkGjMvpMK7pxU3bHm%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de95684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.67:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Certificate Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701669320.eurotesting36.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 376905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701669320.eurotesting36.cc/red/bootstrap/js/bootstrap.min.js | 104.21.10.17 | 200 OK | 64 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/bootstrap/js/bootstrap.min.js
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (63188)
Hash: f0c2bcf5ef0c4476508d79ec9cdcce07 3beed68ed7d753c6bf4f61c26386ddd7929ba030 edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 03:08:34 GMT
vary: Accept-Encoding
etag: W/"6042f232-f7eb"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTa%2BAC0JBZ9yMwBL2MKt62BbS2YEqisOek1mwI0IQksnuE%2Fl6bRYk5LoZv3zxFgLYfp4ylnyB%2Fk6w13PCsfKJWSiYQmy6kwH2Z4Q4nW%2F54ImRSWlSzZ2WfHdY9kfkubeiCDQG8wuNqQQWROTnCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de45684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/favicon.ico | 104.21.10.17 | 404 Not Found | 25 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/favicon.ico
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /favicon.ico HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 04 Dec 2023 05:55:42 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9zc%2Bv3gZY81I6m3JBIl6FjjNaU8YBRud02KxzSBA%2Fbfo9YMBf9gpEXVEge9mbSZxUH5nbWY5LI3uTjvBA88cibg0nzDEQQ52Jp11Ypws7Goar%2BnnTYUuzB3lVW2GsD8%2FLzzudPEVTa14%2BvdHRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd4baa655684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/swiper/swiper-bundle.min.css | 104.21.10.17 | 200 OK | 14 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/swiper/swiper-bundle.min.css
IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: eurotesting36.cc
Certificate Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31
Certificate Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (13663)
Hash: 4d0619d7577a990881a0079718c5c92e 02553ae8ed1026ae5e1fe6cc5883fd42379e5e68 f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/swiper/swiper-bundle.min.css HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: text/css
last-modified: Fri, 05 Mar 2021 16:40:04 GMT
vary: Accept-Encoding
etag: W/"60425ee4-3661"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol3r3zArVvv%2BaHiOxn%2BB0rCv9%2FTJOWk4alDzrOculn%2BmOCaMa5CU3muZOY3F5sa%2F8QeHj9Gs%2BNsGyf%2BuU1uowEeMDKK1m%2BZbb8hasBZBnIXJSyXRhpfKjEtV9reOg14HyK3xQ%2FH1dSPDxLTZhoE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424db55684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP: 142.250.74.67:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Certificate Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash: 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701669320.eurotesting36.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 339966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701669320.eurotesting36.cc/public/js/layer_mobile/need/layer.css?2.0 | 104.21.10.17 | 200 OK | 5.3 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/public/js/layer_mobile/need/layer.css?2.0; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (5260), with no line terminators; Hash: 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /public/js/layer_mobile/need/layer.css?2.0 HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:42 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-148c"
expires: Mon, 04 Dec 2023 17:55:42 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnCXe5%2F7RVjbn9tQccv3NELYXAFzqKChiAjgAQntjZiCtO6QPyCb5TDfwiSyf9%2F5x1RWPSSPPxNRoXOGRW9HIztysQKvq1fswC7G4KVeqOEJXpEAhkZRULANDJa2wc9BIy8re%2Fe2v4i1rXG0tyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd4a69e65684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/style.css?v=V1.24 | 104.21.10.17 | 200 OK | 126 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/style.css?v=V1.24; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Size: 126 kB (125806 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/style.css?v=V1.24 HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 15:17:36 GMT
vary: Accept-Encoding
etag: W/"6318b610-1eb6e"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckreTxmrTfWPH9xo8BrgJIKMHk%2BofWTEjm9u5wvuMkEXnnEsYLwzUfsWX8Hgv9mV5j659w3O9LSeOJyDRx9fBA%2FR2Z4eiW3N4xT3uw3TkEK5%2Bo4%2Fg06bashycHLEa07b3dbrcTbSd8aqosX4oTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424db85684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/popper.min.js | 104.21.10.17 | 200 OK | 21 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/popper.min.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (20831); Hash: 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/popper.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:34:56 GMT
vary: Accept-Encoding
etag: W/"60425db0-520c"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08h2E%2Fb6ih6gWkIb6x6d9bihuLqWZlRydI2ax5Rv4rTaYHmah9L7FBLxlzDUXUn%2B4vNCmu9QSIYAYcnxon74gd4bgCaj%2B7YvTOib0uhqgYtAYtHNMVtHPtx3%2B2l%2BZYFZRhMM%2BpsiLenz%2B9%2FrKXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de35684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/static_new/css/public.css?v=V1.24 | 104.21.10.17 | 200 OK | 17 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/static_new/css/public.css?v=V1.24; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with CRLF line terminators; Hash: 169e4de5136bed51956394ccd4328122 3fca078ed53575c53e868fffa9be8cffe910684c ce9c68517b2551c460aa4225e927dd8a58775df119518be2bdcc6532ea859fe7
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /static_new/css/public.css?v=V1.24 HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 14:01:26 GMT
vary: Accept-Encoding
etag: W/"6310bb36-43fb"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BFOdgTWDUYbySNlmggoATR2ku701aCDJ5Sb8C1eByxUxm8bA3pAVIRDPwI8pVUgiIPZPaywBqFexOrmukZeYKAVPqY0tRsOvtynP59iN09ZiLW8wEndz1HquCI7jTf%2BgPA69XW1CNDg5oek%2Ffc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424dbb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/swiper/swiper-bundle.min.js | 104.21.10.17 | 200 OK | 140 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/swiper/swiper-bundle.min.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (65278); Size: 140 kB (139961 bytes); Hash: c4358cb63a4b96c5d71a2fb630871f30 be3b7d9d5bbd680d035f768345778d84eb08fe23 c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/swiper/swiper-bundle.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:40:04 GMT
vary: Accept-Encoding
etag: W/"60425ee4-222b9"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T05Atfjh2atPlpOUQhq1n7dPp%2B6q5DPJSFXJK73QYE9BiejtOy8oVPEXE2jGfcTR7bPXt40oTQbiJ3L4HrTT2nsE4ewNCLMvy5XivDLznu9fdu8nWy2cDB0khkipvYQdvtj2gwOdtZcey4VI5s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de55684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/static_new/js/dialog.min.js | 104.21.10.17 | 200 OK | 28 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/static_new/js/dialog.min.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /static_new/js/dialog.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2020 10:13:12 GMT
vary: Accept-Encoding
etag: W/"5e47c438-6cfa"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmxasBqYCci8euSoKcY1x%2BRirJ8vQuZR7jQ34wXNR%2BgxlffGSTS6gpGOA3jTc7vKbscHX7zotBkf4R9j1Xqpm%2F6v12UHelStP%2FZrqr9duUcOhWV2atn4u4d3%2Fk%2BXC3%2B%2F7Q6S8wbZzXGLhkF6mn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425de85684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/jquery-3.3.1.min.js | 104.21.10.17 | 200 OK | 87 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/jquery-3.3.1.min.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (65451); Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/jquery-3.3.1.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:34:38 GMT
vary: Accept-Encoding
etag: W/"60425d9e-1538f"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWO6SSmSEYK%2BH7EyHmRQ%2FahvOOWDYpqBgal5rO8pRpo5QqHRbr8dOeibfNo4ix1JOtygsPw5akCxNkaMH%2FjrSfYguvjsOZVUXHj7GtvXWYOcgzPNqxJo0NvGgwbYVIq4fMlkoqwT6iBTt52pzeU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd4909095684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/index/index/user/login/1701669320.html/index/user/login/1701669320.html/index/user/login/1701669321.html | 104.21.10.17 | 301 Moved Permanently | 12 kB |
URL: User Request GET HTTP/2 1701669320.eurotesting36.cc/index/index/user/login/1701669320.html/index/user/login/1701669320.html/index/user/login/1701669321.html; IP: 104.21.10.17:443
Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /index/index/user/login/1701669320.html/index/user/login/1701669320.html/index/user/login/1701669321.html HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 05:55:39 GMT
content-type: text/html; charset=utf-8
set-cookie: think_var=en_us; expires=Mon, 04-Dec-2023 06:25:39 GMT; Max-Age=1800; path=/; HttpOnly
set-cookie: s9851347b=gok0dk675n33bhs1cdj8nmev53; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache,must-revalidate
location: /index/user/login/1701669339.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ta6%2BfwmF3aL5x6V3KZ%2FUWyGbj2hHmPQDKUdt8fMj%2FhfjUVeNQpXR68afKoJzHQN9N60yOXPz5%2FfjDWm7tvOA3KQj6QUFXXwUroHoP1UFoyLUorytjy81Ly9V6Snv0Z5%2B6Q0feqsmOSLP%2F0PI2Zs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd3c1ea656c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap | 142.250.74.106 | 200 OK | 9.1 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap; IP: 142.250.74.106:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42; Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: ASCII text, with very long lines (9360), with no line terminators; Hash: 311d8cdf954644f222105d26d89d1d7f 1445a416c8f15a49fb6afb69d25b8ccb01db4b66 45d9a25c93de59121371b5487af8dd0ed67b61136cf072a7622f202a11740f8d
GET /css?family=Roboto:300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:55:40 GMT
date: Mon, 04 Dec 2023 05:55:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701669320.eurotesting36.cc/red/jquery-3.3.1.min.js | 104.21.10.17 | 200 OK | 87 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/jquery-3.3.1.min.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (65451); Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/jquery-3.3.1.min.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:34:38 GMT
vary: Accept-Encoding
etag: W/"60425d9e-1538f"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAOqqaARRUdYPWcxXOJdh1KvkDOzybGfY6D1RXvdTjWjXSKKNrVgaJB17hzCynWuecGixcQX7lJTAp7u2NjJwiJhWx6H9zQF5hP7WzfPjkeXDRZgigvpdD8%2FhAemGGvt0PxNjjnzcLoF18tExf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424dc45684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/red/bootstrap/css/bootstrap.min.css | 104.21.10.17 | 200 OK | 161 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/red/bootstrap/css/bootstrap.min.css; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: ASCII text, with very long lines (65326); Size: 161 kB (161409 bytes); Hash: d432e4222814b62dd30c9513dcc29440 2cac4afc120983921411296bd4e8fd8a94ba237e 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /red/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:41 GMT
content-type: text/css
last-modified: Sat, 06 Mar 2021 03:08:24 GMT
vary: Accept-Encoding
etag: W/"6042f228-27681"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3M%2FCPZsst8gwwKGp%2Fqqex0RRtE50KVHD1ib7fyuDgxL2fovdLSPN%2BoxiP087i0sLC8myNcFpDx%2BdfVQJKp5IUrVRwebTp0CsJe7mDh5oGLnOPeUiNPvooqCfxyCL7u5gqywXCIB4NjTiwPcm9lM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd424db45684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/public/js/layer_mobile/layer.js | 104.21.10.17 | 200 OK | 3.3 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/public/js/layer_mobile/layer.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: Unicode text, UTF-8 text, with very long lines (3435), with no line terminators; Hash: 13fd3d5b0fb763160395abbad25d8e57 6bc56d44091c873f6b5496ef8be2ed9f36e5220b f1757725deb30f2928f10e427b253f153b0466a60a1c399e9f6bb6cbf5908941
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /public/js/layer_mobile/layer.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-ce8"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ5US4Tu06cOiaf%2FhW1Ehnyn90%2BwsCrJ5vB%2FSH%2FChISMKOhZw%2BZHdC7t96skRsI33nby2u%2BmCmXeP3Hjpz3%2B5sBmxOV9gdIGKjJvbYDmLsMJ%2FKGq75YA9vdrv2kjTERh%2FrTrogZtmqzIarxNdwk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425dea5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/static_new/js/common.js | 104.21.10.17 | 200 OK | 2.6 kB |
URL: GET HTTP/3 1701669320.eurotesting36.cc/static_new/js/common.js; IP: 104.21.10.17:443
Requested by: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html; Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2737), with no line terminators; Hash: 47da7e76ce9452fee91c87417c13fb38 286af070ababfdfc497b609fb2ec05560f90d785 0d96d9dc5de250b868903260e201d6d8cfd63c8da748828b2f46fbb59cbc205d
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /static_new/js/common.js HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701669320.eurotesting36.cc/index/user/login/1701669339.html
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: application/javascript
last-modified: Sun, 06 Nov 2022 20:24:30 GMT
vary: Accept-Encoding
etag: W/"636817fe-a32"
expires: Mon, 04 Dec 2023 17:55:40 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtR00iHP0HfiwojFigizK%2FsLNPNokQJpc56H8umuX7nWGKnye8XJphr99508AB0FT9RYU%2Foyj%2FdaZHGHQqSgzGzDfV8yt3xCL%2FYWV5oZh8T5CUTbK6P5ukFD7u%2B5DA%2B6lElzCmkn6UWji%2F5%2FwQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd425deb5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701669320.eurotesting36.cc/index/user/login/1701669339.html | 104.21.10.17 | 200 OK | 12 kB |
URL: User Request GET HTTP/2 1701669320.eurotesting36.cc/index/user/login/1701669339.html; IP: 104.21.10.17:443
Certificate Issuer: Google Trust Services LLC; Subject: eurotesting36.cc; Fingerprint: 9C:58:77:D8:BF:18:F1:AE:FC:56:20:70:28:F7:10:93:0B:0B:9A:31; Validity: Fri, 10 Nov 2023 12:38:54 GMT - Thu, 08 Feb 2024 12:38:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery; Verdict: phishing; Alert: Phishing - Salesforce
GET /index/user/login/1701669339.html HTTP/1.1
Host: 1701669320.eurotesting36.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: think_var=en_us; s9851347b=gok0dk675n33bhs1cdj8nmev53
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:55:40 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNI1lCku%2Fw0TFsf1f7DU%2Fb%2BYU2rIYzqzG2IYnAFt5wZcxqBtIftzgz9UY6iVVBZbW0lv3CPXHbMxa3dY93PgfTqoEN4JPB6xJEO0qWzayLqkCXzhV9aTWPVquf9YxEEdqeiSiBBc1CHNjLGJy98%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301cd3ef84956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|