| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.woff | 172.66.45.14 | 404 Not Found | 16 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.woff
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-medium.woff HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
content-length: 16053
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbnG4siaHdLZCsOXhaBO0FPuqxRckZf5apiS5Le7THtna3JiRJP6nmHshD1AXp5X3YGdxh%2BOo%2FEHKQ42t7Kx%2FNg3SBN5pB9t%2Fp4m2cll0VlEnZ%2Bi4ZZ3OU2LSWHKXP8S6%2Bp1o8kQxRsfGfB5Mz3NYv%2F8WivfYZ86bCIZkWV03Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef30aa5db50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.otf | 172.66.45.14 | 404 Not Found | 19 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.otf
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-regular.otf HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2BjtHNhyv%2BgSgAhoqEd5pKykvAzWbE3Vxg6uRG%2BFK0hN8e9ob%2FRhNVyZeBpGIbbZ7RJTAZIrQjwpvVjGi7czWgt%2FnBGW0JndubNodoDC69C2f77%2FCW9YsexC4%2BNmZf8zZCvGbCUGL0Mh9Z2s4scz%2BepnBx0kw8l8eMq3pwhtRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef302a32b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/favicon.ico | 172.66.45.14 | 404 Not Found | 5.7 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/favicon.ico
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /favicon.ico HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Asm4NEgOVqsbQqgOeNmKmD7tfcOmIXQgcSkiiPWV3GJ1vMC0iNXSJzqnC%2Fjh00hpe4cJgFkhumemHGgJCtiH13w%2BeMfp%2FU9uTEvMwHJEcPbteGaP8Y%2BjXKxQS25eI7dkBVrgfUrYHQQoHGAnnZJ1izTV9eIJqmSfGF4JMZ1IHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef300a1cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 | 142.250.74.100 | | 726 B |
URL: t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
IP: 142.250.74.100:0
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: b8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 23:39:44 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css | 172.66.45.14 | 200 OK | 75 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /login.css HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:39:43 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6c4d7dcb550dd3f369163ad7c02f8caa"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80dHb0JLbTlAYUsAiU51xlJzQCaGBRn5BZNSYvuXqZrPgb6UHOqSOFo1dnI5tGdFDtyHVmWEYDXU3xVF9iVepnz6AdBauAN0SP%2BnryKjUuD9MtwLNGrIxz5hRgdVuKs9dFTE3442Wj950lsNqGTranXNybTynp%2FJt3Xb20Q04g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef2f69ceb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.otf | 172.66.45.14 | 404 Not Found | 16 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.otf
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-medium.otf HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfgaHX855eWSybQKkhNmSmJR0j7P%2BF1aVfurGBBGM0cOa5kgMCHiLCKu8%2B7qtxC2BDGyZSGxloaF%2F7IudjqGpVRLQgJv0rmKJlz5ByyseYbylMcIarSdsMH5%2BFsRSkAtJ3ZINqm7p1gvriyurPXuV54DfIqIiTBGl5WJbdfXCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef302a30b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.ttf | 172.66.45.14 | 404 Not Found | 16 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.ttf
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-regular.ttf HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWDr2RZ%2FrZidXl349mbHNUuYW2MGxvdufDtM8QUX2jG8qjOQRYNdz3d1rCy2YwmlWFL2YQCeCTsn1soPMTl6FikTepbCbfox0qahoSXtSw9y2WQ8OcPrIOBTf6EpYlpZG8YfkoAXCqhT35tPkkbdsa3WhRyA3bMsdcJNHkWlPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef30ea7eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/ | 172.66.45.14 | 200 OK | 17 kB |
URL: User Request GET HTTP/2 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
IP: 172.66.45.14:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (16667)
Hash: 525dcece6e6a32e891ed3f0024646bc6 263f53cb43954d64104a7fd13830e87d0908af45 a8d600cd32c22a5f0872c223adb96fea91225f880a4f73024b138343db3588f9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET / HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:39:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8fe468e5ad156a215e680a8f1223bed7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-robots-tag: noindex
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxVEgyYonsTLHZIt9uXRw9qun1fQPZqE5TOY3BhNNMVS7o6Vu4cUL2RShupT92QEGL4yM1iRxOSuTgKFv0qkvHEF7zObLCcc79%2Bbpbogs4F33bzlD%2FShXwAPDut4Uh0xIZBr5jQ24jyZh92XqXU3IgBN4q50g3KFUS5rtrLf%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef2cdbe4b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.woff | 172.66.45.14 | 404 Not Found | 16 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-regular.woff
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-regular.woff HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
content-length: 16053
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BbUB%2Bz3cSp1o71Y8f0YdSv0KoWuU0KMg0Y7uhM%2BeTkiZ%2F3benUrMAa30Pt3dQseuCt16iAl4MpPkRRyOcb0pydJfxY1Nkc90o6eMj9tb7zHO3gpWV5Fhk%2BJtgjnEKnLsOlLZG4sinNdyxRO%2B5Mlr59mTHOLGZ2tsvnzDNMmbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef30ba66b50f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.ttf | 172.66.45.14 | 404 Not Found | 16 kB |
URL: GET HTTP/3 bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/fonts/sqmarket/sqmarket-medium.ttf
IP: 172.66.45.14:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: sso-maiwebsrvr-5tefwwr3rf.pages.dev
Certificate Fingerprint: 91:AC:4F:1B:CC:59:D0:0D:1D:E5:C9:65:26:0C:1E:0C:71:B9:74:C2
Certificate Validity: Wed, 13 Mar 2024 02:32:26 GMT - Tue, 11 Jun 2024 02:32:25 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Generic/Spear Phishing |
GET /fonts/sqmarket/sqmarket-medium.ttf HTTP/1.1
Host: bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 23:39:44 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhpWoiTgAj3Nv43ILyBw0a4EJmx5iGk0a7F5TVAsnoyI1xalaaldvs0j2t7eCJIzMBfMYDJ%2FUd%2FrfciYSbY%2BCnRJ5BmLRFW6dzvrA6FxNmhg2BVpDsqTS5KdF5IRdOnfHpTw5%2FCMMy7DNnuEWUJrXdTkPg3%2B5DwQi9Bn1gFIkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ef30da75b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/s2/favicons?domain=null | 142.250.74.164 | 301 Moved Permanently | 726 B |
URL: GET HTTP/2 www.google.com/s2/favicons?domain=null
IP: 142.250.74.164:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: www.google.com
Certificate Fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
Certificate Validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=null HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
x-content-type-options: nosniff
server: sffe
content-length: 324
x-xss-protection: 0
date: Wed, 24 Apr 2024 23:31:26 GMT
expires: Thu, 25 Apr 2024 00:01:26 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 | 142.250.74.100 | 404 Not Found | 726 B |
URL: GET HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
IP: 142.250.74.100:443
Requested by: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: b8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bf9c066b.sso-maiwebsrvr-5tefwwr3rf.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 23:39:44 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|