Report - pub-c913939235624066851c86d88232b631.r2.dev/j0p.html

Report Overview

Visited public
2025-04-23 07:58:31
Tags
phishing
URL
pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Finishing URL
pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
IP / ASN
162.159.140.237
#13335 CLOUDFLARENET
Title
ウェブメールログイン
Phishing - Generic phishing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-23	1.2 kB	98 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-23	500 B	25 kB	142.250.178.106
images.sftcdn.net	77483	2008-09-15	2017-07-20	2025-04-17	580 B	1.8 kB	151.101.65.91
logo.clearbit.com	27344	2003-07-04	2015-06-30	2025-04-17	500 B	501 B	143.204.55.100
pub-c913939235624066851c86d88232b631.r2.dev	unknown	2022-08-23	2025-04-23	2025-04-23	1.0 kB	30 kB	172.66.0.235
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-04-23	969 B	151 kB	104.17.25.14
larutagt.org	unknown	2020-07-21	2025-04-23	2025-04-23	906 B	5.0 kB	170.10.160.56

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	larutagt.org/web-api/script.js	ScriptElement	3.0 kB	2024-10-04	2025-04-23
Pretty URL larutagt.org/web-api/script.js IP 170.10.160.56 ASN #32748 STEADFAST Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-04 19:56 Last Seen2025-04-23 07:58 Times Seen5 Hash 4358526d409f0cd8f72082cb48ef3d27 ee984b2aa8902efdee177facfedb4badbb5a2280 8530e2e543487e03f45cd5ccf08a7c8a16b5b324465b296f7b64044a7e6c4881 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-23 14:23 Times Seen199942 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

HTTP Transactions (11)

URL IP Response Size

pub-c913939235624066851c86d88232b631.r2.dev/j0p.html

172.66.0.235

200 OK

2.0 kB

URL User Request GET
pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
IP
172.66.0.235:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject*.r2.dev
FingerprintB5:A8:AD:86:09:9A:90:92:96:24:0C:B5:31:B4:70:40:B0:04:5C:F5
ValidityTue, 25 Mar 2025 11:48:11 GMT - Mon, 23 Jun 2025 11:48:10 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
2.0 kB (2005 bytes)
Hash
4262af3adb1e6ed78db93ffc23533dd6
9c9839ca2ab0b22a4abdbadb4fdcf2e9ed8813c6
cba3c9cb241a29a336a56a1e99f25d98e22e2ea91d232d714db0873a7d7aa810

HTTP Headers

GET /j0p.html HTTP/1.1
Host: pub-c913939235624066851c86d88232b631.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 23 Apr 2025 07:57:59 GMT
Content-Type: text/html
Content-Length: 2005
Connection: keep-alive
Accept-Ranges: bytes
ETag: "4262af3adb1e6ed78db93ffc23533dd6"
Last-Modified: Sun, 23 Feb 2025 08:10:30 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 934bd02c5b757131-OSL

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

104.17.25.14

200 OK

59 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
ASCII text, with very long lines (59158)
Size
59 kB (59344 bytes)
Hash
74bab4578692993514e7f882cc15c218
b6293bcfd851f963edbe859498570c4c0c7eaae4
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

HTTP Headers

GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Apr 2025 07:58:00 GMT
content-type: text/css; charset=utf-8
content-length: 10482
cf-ray: 934bd0354be6b512-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6599bda5-28f2"
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1062500
expires: Mon, 13 Apr 2026 07:58:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FeXs6dxlMZE1U9NZ7%2F%2FcmkOpm6Djnd5uTYiyoPkszLc%2FUnVP8c3rHjxJFc2T9CY3v%2Bwwdv4KQBHMAcopkQ6nlVu1e9omPoOr9QNkPmKRNGYoGILsLornF05%2BbNB39UGN3Izlj%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

larutagt.org/web-api/style.css

170.10.160.56

200 OK

1.2 kB

URL GET
larutagt.org/web-api/style.css
IP
170.10.160.56:443
ASN
#32748 STEADFAST

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerLet's Encrypt
Subjectlarutagt.org
Fingerprint12:5E:A3:30:ED:93:77:F4:D2:F0:E4:A9:C7:23:04:A0:FA:70:87:B2
ValidityTue, 11 Mar 2025 15:28:32 GMT - Mon, 09 Jun 2025 15:28:31 GMT

File type
ASCII text
Size
1.2 kB (1164 bytes)
Hash
3ff709b237a623f5370c18db1a651dd3
3104a593d277949fa2b75dc42cf847cf67377b63
8bf32365e83213c0c6199a7c6d7648419951f96d09627acf339adb9268a5f451

HTTP Headers

GET /web-api/style.css HTTP/1.1
Host: larutagt.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 30 Apr 2025 07:58:01 GMT
content-type: text/css
last-modified: Sun, 23 Feb 2025 08:02:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 375
date: Wed, 23 Apr 2025 07:58:01 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.25.14

200 OK

90 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint5D:9B:5B:BE:24:B7:4B:CA:F3:05:47:2F:AB:3F:3C:F7:4E:C3:4D:BC
ValidityMon, 24 Mar 2025 12:00:12 GMT - Sun, 22 Jun 2025 13:00:01 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Apr 2025 07:58:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
cf-ray: 934bd0354bddb512-OSL
server: cloudflare
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 463828
expires: Mon, 13 Apr 2026 07:58:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxuzeB0wamMCftQ8Kjf2Qo64WPUezLOVBACcAP8m9DQJ3uzJU%2BFR79pzdI3lvjFNiFYD9NEXOFyXjzmipABsB3FqcOo9I7DHOpP6e7ADZJvvm4jSE2RyJ6C8TlMOh2YgZk6ynap3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-c913939235624066851c86d88232b631.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 510341
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap

142.250.178.106

200 OK

24 kB

URL GET
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7E:14:87:08:DF:BA:04:65:17:BA:3B:4F:BA:EA:BC:8C:3F:0A:A4:00
ValidityMon, 31 Mar 2025 08:55:43 GMT - Mon, 23 Jun 2025 08:55:42 GMT

File type
ASCII text, with very long lines (1572)
Size
24 kB (24056 bytes)
Hash
ccdf05ae104db64fd0f8c2e37adce2b6
f936e5386e91decd32ae6878e914f7de5e728bea
e31541388c63ed648c1c16302c042bd8d0305f0e44d0093d72a593a59503e26e

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 23 Apr 2025 07:58:00 GMT
date: Wed, 23 Apr 2025 07:58:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg

151.101.65.91

200 OK

1.1 kB

URL GET
images.sftcdn.net/images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg
IP
151.101.65.91:443
ASN
#54113 FASTLY

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerLet's Encrypt
Subject*.sftcdn.net
Fingerprint66:F3:BF:5E:8F:8D:B3:52:E8:B9:E3:93:4E:11:F8:56:AF:76:69:12
ValiditySat, 08 Mar 2025 06:38:11 GMT - Fri, 06 Jun 2025 06:38:10 GMT

File type
SVG Scalable Vector Graphics image
Size
1.1 kB (1143 bytes)
Hash
4f570d23fa21b893a8aa12bd35c574c8
d77a32c114b73e50dc6e18e7ee4756fd69541265
690ca395b62365be46cd669814dd8f26847ec0e683cbd63d686f7605c6c96437

HTTP Headers

GET /images/t_app-logo-xl,f_auto,dpr_2/p/7a60e021-3fe5-4334-9e56-7cc6ebae632d/2825932570/roundcube-webmail-roundcube_logo_icon.svg HTTP/1.1
Host: images.sftcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public,max-age=31536000
content-type: image/svg+xml
etag: "4f570d23fa21b893a8aa12bd35c574c8"
expires: Mon, 13 Apr 2026 02:02:30 GMT
fastly-io-error: not a supported image format
fastly-stats: io=1
last-modified: Sat, 27 Jul 2024 01:25:12 GMT
via: 1.1 varnish, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
age: 885329
date: Wed, 23 Apr 2025 07:58:00 GMT
vary: Accept
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 453
X-Firefox-Spdy: h2

larutagt.org/web-api/script.js

170.10.160.56

200 OK

3.0 kB

URL GET
larutagt.org/web-api/script.js
IP
170.10.160.56:443
ASN
#32748 STEADFAST

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerLet's Encrypt
Subjectlarutagt.org
Fingerprint12:5E:A3:30:ED:93:77:F4:D2:F0:E4:A9:C7:23:04:A0:FA:70:87:B2
ValidityTue, 11 Mar 2025 15:28:32 GMT - Mon, 09 Jun 2025 15:28:31 GMT

File type
JavaScript source, ASCII text
Size
3.0 kB (3048 bytes)
Hash
4358526d409f0cd8f72082cb48ef3d27
ee984b2aa8902efdee177facfedb4badbb5a2280
8530e2e543487e03f45cd5ccf08a7c8a16b5b324465b296f7b64044a7e6c4881

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic phishing

HTTP Headers

GET /web-api/script.js HTTP/1.1
Host: larutagt.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
last-modified: Sun, 23 Feb 2025 08:02:57 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 814
date: Wed, 23 Apr 2025 07:58:01 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

48 kB

URL GET
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:27:9C:C9:95:FF:8F:83:34:D0:B1:42:CB:B7:63:C0:8E:6F:3E:F1
ValidityMon, 31 Mar 2025 08:55:41 GMT - Mon, 23 Jun 2025 08:55:40 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pub-c913939235624066851c86d88232b631.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Apr 2025 10:12:20 GMT
expires: Fri, 17 Apr 2026 10:12:20 GMT
cache-control: public, max-age=31536000
age: 510341
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

logo.clearbit.com/undefined

143.204.55.100

404 Not Found

1 B

URL GET
logo.clearbit.com/undefined
IP
143.204.55.100:443
ASN
#16509 AMAZON-02

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerAmazon
Subjectclearbit.com
Fingerprint91:80:1A:DB:BB:67:A9:69:FC:29:AC:91:61:B8:94:78:5B:01:F1:00
ValiditySat, 21 Dec 2024 00:00:00 GMT - Sun, 18 Jan 2026 23:59:59 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /undefined HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pub-c913939235624066851c86d88232b631.r2.dev
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/plain; charset=utf-8
content-length: 1
date: Wed, 23 Apr 2025 07:46:37 GMT
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Error from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZBRXBf5Dfi5MfHamm1-SzDSwemQ26QpAxGB2J9UQEkSKSotcmgZVUA==
age: 684
X-Firefox-Spdy: h2

pub-c913939235624066851c86d88232b631.r2.dev/favicon.ico

172.66.0.235

404 Not Found

27 kB

URL GET
pub-c913939235624066851c86d88232b631.r2.dev/favicon.ico
IP
172.66.0.235:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Certificate
IssuerLet's Encrypt
Subject*.r2.dev
FingerprintB5:A8:AD:86:09:9A:90:92:96:24:0C:B5:31:B4:70:40:B0:04:5C:F5
ValidityTue, 25 Mar 2025 11:48:11 GMT - Mon, 23 Jun 2025 11:48:10 GMT

File type
HTML document, ASCII text, with very long lines (611)
Size
27 kB (27150 bytes)
Hash
46dd133ee00dc1bae5e4eeba7b88432f
8af86a4ac91ce48c062216fb94a6e1d57618a19b
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: pub-c913939235624066851c86d88232b631.r2.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pub-c913939235624066851c86d88232b631.r2.dev/j0p.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Wed, 23 Apr 2025 07:58:01 GMT
Content-Type: text/html
Content-Length: 27150
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 934bd03ba8487131-OSL

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers