| 1701666918.eurotesting99.cc/ | 104.21.16.54 | | 0 B |
URL: 1701666918.eurotesting99.cc/
IP: 104.21.16.54:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET / HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Mon, 04 Dec 2023 05:15:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 04 Dec 2023 06:15:51 GMT
Location: https://1701666918.eurotesting99.cc/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hyktSLA7HvXYIP7KVFSy1HUJyCu7VrRp3dvpJRJhcMmW3GfaTlS0wznOvSSw3C0UUv1gL2ot2ss8XDFZyacXLwsnJ7Q5kqjbmf%2FmFM71xNPXi1cINsND5304ypkQJsTbY%2B7in0z7HPPbCEB8OY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 830192ef29fd56c5-OSL
alt-svc: h2=":443"; ma=60
|
|
| 1701666918.eurotesting99.cc/ | 104.21.16.54 | | 472 B |
URL: 1701666918.eurotesting99.cc/
IP: 104.21.16.54:0
Hash: c8e172038dad75b35d3115ef63ab1bd7 163f6b877bf8eddc3c6636fde845140a47997e96 be2331ad70399bca919a20bc3dc238ab122ec166ae61387ddcef7b68b0568cd2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET / HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/html; charset=UTF-8
location: https://1701666953.eurotesting99.cc/index
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2dJl8avmHTVhqmljhWXGcFKdvJNrYJO2dYKMeYr8mEZKbBoWkHVNeIhnLdQ32Xyxxx%2BR9BsbWf9bB2vKmY7T0Llrqze3thIxxdZRNLstRYqSEbJ3JmWrumGKeY7j%2FeS3hM3iuINoXsGcez1Yzfo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192ef5a87b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/img/BG-02.png | 104.21.16.54 | 200 OK | 1.7 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/img/BG-02.png
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash: 3fddc88d1a5aaececb8e1722ebae13fe ad2c2af726002d922c1b4dd5ec35d9588b2c0937 efe284cd11a10ce3d54c9e6c1defe460c5cc534d84a0796f67e007f64f339ecd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /img/BG-02.png HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: image/png
content-length: 1731
last-modified: Sun, 01 May 2022 13:31:30 GMT
etag: "626e8bb2-6c3"
expires: Wed, 03 Jan 2024 05:15:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0uJV4biK7%2F1hDEVnbn3G338DNiT8Qu2K2QVf4YgyPJRiVB3iBn%2Bnf0L9A63Ai072bgnWR%2Bm%2BPjErj6yU6SrSc7ooLIT7kiCSpMLTKigeRiHX89fG9ZXcxjICHl2PlXP2bQ%2BV0iA8KdDiDp2TNc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7456c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/img/Icons/icon-15.png | 104.21.16.54 | 200 OK | 21 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/img/Icons/icon-15.png
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced\012- data
Hash: 039a2cd46fb5029c8ce65eb2872d52c0 17999cde44a2cab266902e4ec0a232d910bc825c 1dcc87e99c0dc4b6aa560e5654ac343e5b4e5f2eb4d581531ca92791b9c8d891
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /img/Icons/icon-15.png HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: image/png
content-length: 21002
last-modified: Tue, 18 Oct 2022 12:59:58 GMT
etag: "634ea34e-520a"
expires: Wed, 03 Jan 2024 05:15:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoAgcXH2YvJSZk3b4YD7hYLO7sE2ksc9o%2B7sKCKoHgzeT%2B3Q0c2BypFxrk61bScUzNbhWeZeBcqE89g2AaaNQShynonJzQT8qGo%2FtK%2B1%2BVi1Hbz6OXNNRa3pBlgDK4uypE74y3llgm3V2YrE%2Brc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7656c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/imgy/jt.png | 104.21.16.54 | 200 OK | 2.4 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/imgy/jt.png
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash: e964107220dbdd61e6b472795240444a 0408a43b2085287cc2443074c14844f0f2520fcf d151a40c6e9c58773a8bf737a89a170daf644d3d2341ed48fc609d70cebdd448
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/jt.png HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: image/png
content-length: 2375
last-modified: Tue, 06 Sep 2022 00:12:36 GMT
etag: "63169074-947"
expires: Wed, 03 Jan 2024 05:15:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=470wbgEdS%2BCbwnRJKva8MoAcofxwOdakcXN2VcUS3t2kBxvkDO0d2VMytIcP83WUoeRWFVVo3in%2BWmg7izCa5eQauxtUCvIsvYLmRSEHQQ4AucBsjthFgYPy8Tasty5L1T4v1aNtErCZ5GAkSV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7856c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/imgy/Tapptitude-logo-031_1.png | 104.21.16.54 | 200 OK | 23 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/imgy/Tapptitude-logo-031_1.png
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: PNG image data, 592 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash: 615b82fc36a2d246faae75b9f9153d0b 0a1cc40a07ce6ea315e66238c528fb4d20ee5216 21c1edefa64b1975773aa2e06c8def761b8eb0474bf36bed5c79783e41096376
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/Tapptitude-logo-031_1.png HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: image/png
content-length: 22928
last-modified: Fri, 20 Oct 2023 03:34:40 GMT
etag: "6531f550-5990"
expires: Wed, 03 Jan 2024 05:15:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVgDrT9yA7%2B%2BQ4oDjPlBJ1gVOSBYXnspXkoRiLwA0DmICtJbIxyyYt3sINY6Mflq7%2F9aw3fahhNpaZgNVWGDhrZZ0sayRfZ49shlYG2%2BaOjZAzqC3%2FEn5gH2hTV0TuHIiwYwh7Z5Cja0z43CmfQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7756c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/static_new/js/common.js | 104.21.16.54 | 200 OK | 1.5 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/static_new/js/common.js
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: 4e3725bd66c9f142d4468799bd513bbd 85a79d2444f2efa6db1140edfdacb028ea0265b5 137ab52ea1f182be9d4c84d01110a7d54b4523c7f2a8b504737c138874f9a5b2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /static_new/js/common.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Sun, 06 Nov 2022 20:24:30 GMT
vary: Accept-Encoding
etag: W/"636817fe-a32"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRB1gTibdbEp71dzySIkReXEmvQew370Y5ZCioJHhQrIZ%2B2mXC8Rc%2Bb2zXqu0CfQ1tbCI38UFrMb2IJywZ77gYOTy%2FGWvaSu0pFFg1hfaeeNMs%2Bzj32EO8jCnd%2FdKsyprWFdepp4fF6ACpWtvms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f8056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/jquery-3.3.1.min.js | 104.21.16.54 | 200 OK | 47 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/red/jquery-3.3.1.min.js
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: ASCII text, with very long lines (65451)
Hash: a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/jquery-3.3.1.min.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:54 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:34:38 GMT
vary: Accept-Encoding
etag: W/"60425d9e-1538f"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaAlQNXAotL4FSgXA28HJ8uOIz7NMmjlwfqrNYBSOTfn534Ud4m1DDQyXM1x7RwvF1FQ4ZGynwiEPiJ4OvsGrgN9sqUQwJPHsERprGvBp%2F2VbiCjtpjDAx5lLS%2BOWdtnilYaXsVFNSYyAz1TEfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830193003a5756c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/bootstrap/css/bootstrap.min.css | 104.21.16.54 | 200 OK | 26 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/red/bootstrap/css/bootstrap.min.css
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: ASCII text, with very long lines (65326)
Hash: d432e4222814b62dd30c9513dcc29440 2cac4afc120983921411296bd4e8fd8a94ba237e 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Sat, 06 Mar 2021 03:08:24 GMT
vary: Accept-Encoding
etag: W/"6042f228-27681"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75cio05t35vNa3uCc1mNOykOzbfaDLPR5Jy7E2VcRqKVRJIKjnZhG70WsYa4CBzAJ1AkW8TY0stkIpMcg5jyBDr1a1fFgOaTeBVaHQA1BdpOIWfpbxEPdAF0JqY1oyOlE56yjNQ6%2BNJ877eMckE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f91f6456c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD; Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701666918.eurotesting99.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 346700
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/red/main.js?v=V1.24 | 104.21.16.54 | 200 OK | 18 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/red/main.js?v=V1.24
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: ASCII text, with CRLF line terminators
Hash: b90b1e7f3effbe0945d51be2591e957a eb699dc823c7297a91317b3d97fde455caa52782 f5733054b0df915644a10c7c7bf9f4029dec903183464d982d2af0aab3336412
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/main.js?v=V1.24 HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:35:18 GMT
vary: Accept-Encoding
etag: W/"60425dc6-27c0"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2Fazh98ri%2FOKRQsyEboKbzesPbq1dMfi6R%2B2DpHWhWnOYwHlco3cUKeWRrigVALVoQJjk5gcwcLpic9YMGiEhi2xWCf%2FMq9l7GphN8V%2B9%2FGZw0iLWS4SP0Nxr1fYFKHZvDnA9s2uuNjVlVu6%2By0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f8156c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/imgy/BG-01.png | 104.21.16.54 | 200 OK | 27 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/imgy/BG-01.png
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: PNG image data, 800 x 900, 8-bit/color RGBA, non-interlaced\012- data
Hash: 32e5a811d97ee090735b1b91c0504da8 eaeafca8c27de39c0445155e2098a45c9710d6e4 b4a732b2cfdf0b07576b5fafca34c485db75c90f3c466f54987f62c361c21082
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /imgy/BG-01.png HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:54 GMT
content-type: image/png
content-length: 26585
last-modified: Sun, 13 Nov 2022 09:55:20 GMT
etag: "6370bf08-67d9"
expires: Wed, 03 Jan 2024 05:15:54 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpgnnKPoIoA1t1r83aqOrufOD44vfvYzzGdIC2IrfhCm9VezmlA4fbHuXfiaiTmxr6KcVWxYMOKw5CdeUMJGgBEwOct0zMLppkBgZBsNzee6yQXi4WtOhlrraz0Q%2BfyxbFcgjk7lNa0uxRb1zcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830193004a5f56c7-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/public/js/layer_mobile/layer.js | 104.21.16.54 | 200 OK | 3.3 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/public/js/layer_mobile/layer.js
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: Unicode text, UTF-8 text, with very long lines (3435), with no line terminators
Hash: 13fd3d5b0fb763160395abbad25d8e57 6bc56d44091c873f6b5496ef8be2ed9f36e5220b f1757725deb30f2928f10e427b253f153b0466a60a1c399e9f6bb6cbf5908941
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /public/js/layer_mobile/layer.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:54 GMT
content-type: application/javascript
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-ce8"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdOLtcE8IcEEAXUMMzBVxhuMRGCTZ%2FiDCSjgnduhH6MA38feV%2BmufkzhRJ91%2FfI9QRFVVbwLH5vnYfvESPyMQ30e6tzLk%2B9hrBQ0N5MdNXVUSx0vEr7SS3hkpggFb3i%2F7QiYakMIFOKlDJ%2FsB%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7f56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/index/user/login/1701666950.html | 104.21.16.54 | 200 OK | 12 kB |
URL: User Request GET HTTP/2 1701666918.eurotesting99.cc/index/user/login/1701666950.html
IP: 104.21.16.54:443
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /index/user/login/1701666950.html HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:15:52 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdCC0l%2BOJ3iNtaHA9PLCllsoZEgDJML28lzgis9gRGC0%2Br5mpkhcM2L4hDew4ZY%2F9DKQ%2BkZjP4KQdhpS3yt3tK0fso%2FpiOrFYjBjXtl%2FRR79jlNWzciCxwppV7j7cIG%2BrkeHywBizA5xbaW2Av8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192e898d7b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/static_new/js/dialog.min.js | 104.21.16.54 | 200 OK | 28 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/static_new/js/dialog.min.js
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /static_new/js/dialog.min.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2020 10:13:12 GMT
vary: Accept-Encoding
etag: W/"5e47c438-6cfa"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm9e0sY0d3YMhRIIzYTQMjoR%2BotOt64KF6R8%2F3Ru8pcoyeTATrLOJdipd6xEWhLEMIpAmINRhx6KPse3ur9hAfmOT6jHzjV3uimbj9NUDnFK4XK6lrFYJaHoin%2FSVg%2FMruYxMGhJpOEIMUkdKhs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7d56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/favicon.ico | 104.21.16.54 | 404 Not Found | 25 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/favicon.ico
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /favicon.ico HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Mon, 04 Dec 2023 05:15:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9mYp9kdCs11h3IEZZkLG1kVWGm853YI70rjP5aFKVdpB48lRGT7H1ShDiH50fo%2B4hoG3HSJKzidx9eU1nbHm3MUPaoQ5MhLyusnQQp08Vfz2xf%2B50RLui%2Fq6hxVYRF30I4J4H2xXkh6umA5aE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830193026b1c56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/static_new/css/public.css?v=V1.24 | 104.21.16.54 | 200 OK | 17 kB |
URL: GET HTTP/3 1701666918.eurotesting99.cc/static_new/css/public.css?v=V1.24
IP: 104.21.16.54:443
Requested by: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Certificate: Issuer: Google Trust Services LLC; Subject: eurotesting99.cc; Fingerprint: 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93; Validity: Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type: ASCII text, with CRLF line terminators
Hash: 169e4de5136bed51956394ccd4328122 3fca078ed53575c53e868fffa9be8cffe910684c ce9c68517b2551c460aa4225e927dd8a58775df119518be2bdcc6532ea859fe7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /static_new/css/public.css?v=V1.24 HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 14:01:26 GMT
vary: Accept-Encoding
etag: W/"6310bb36-43fb"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uio7EEBLXMZK90Bz49J2iQUVAGuj6foN9e5ubgBCNUdN1qPcaIdxrzJobMukheOuTFiJ0rqmRv0ULV1Tk7Z5aosYD2T2ReoDqFKrzjqcjDJOe%2B%2F0bPNcUSjbYiN1VyfCSTt3pE7cNjZRygdnIDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f92f6856c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 216.58.207.227:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data Hash 3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701666918.eurotesting99.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 07:29:35 GMT
expires: Fri, 29 Nov 2024 07:29:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 337579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/red/jquery.cookie.js | 104.21.16.54 | 200 OK | 3.1 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/jquery.cookie.js IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (3441), with no line terminators Hash c70a657c6ff1764a238929b6e46fb8e4 e2a8eb96b388abf14690ea14fe4af3f600296235 466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/jquery.cookie.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:36:06 GMT
vary: Accept-Encoding
etag: W/"60425df6-c31"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FEoPuSDLbl1r9gr%2BJl%2FQ3zZ9u%2FfCkh1DaabvRLVM1K8BV6tpuauVMjpF72nI5uyO%2FFbEsKO0EexJ90jDL%2BCfNiQE9GISLeposYcMGUtrHj44OjBPqpAJdz8N51TgSjrZfVzcMsm8LLJQYsvgP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7c56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/public/js/layer_mobile/need/layer.css | 104.21.16.54 | 200 OK | 5.3 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/public/js/layer_mobile/need/layer.css IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (5260), with no line terminators Hash 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /public/js/layer_mobile/need/layer.css HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-148c"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Zf3E%2FOKYlmZoWUlquFm3MVXLqsDjrTOhLJkDAxUewT0aIWjFu38UrjpAUtb0DW33FbHuCdtKCjF6du0sAu8Pm1fSoB2H1aqn0lq6igBxKGhXDCTzpCYW6qgZqHeJBnMWpPfh2tkntG4ar1KQjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7e56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/style.css?v=V1.24 | 104.21.16.54 | 200 OK | 126 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/style.css?v=V1.24 IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Size 126 kB (125806 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/style.css?v=V1.24 HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Wed, 07 Sep 2022 15:17:36 GMT
vary: Accept-Encoding
etag: W/"6318b610-1eb6e"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey7ODfJpHrCYgDivHwBXxk0dmD5Eu5ekke3Wqpo8WVKxa86CEuHa2bqxNMwFAOWHJEpfHfFY7mOfwTp%2F9TbhvAw4Qdu2JVut8g1tZ8GkXm0eOsMOEftSZPKGzvK0R6HlKq1yOZlRTrcGKKgAzxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f92f6656c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/swiper/swiper-bundle.min.css | 104.21.16.54 | 200 OK | 14 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/swiper/swiper-bundle.min.css IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (13663) Hash 4d0619d7577a990881a0079718c5c92e 02553ae8ed1026ae5e1fe6cc5883fd42379e5e68 f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/swiper/swiper-bundle.min.css HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Fri, 05 Mar 2021 16:40:04 GMT
vary: Accept-Encoding
etag: W/"60425ee4-3661"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX%2Fl4LeNWgdmevel4imWpRh6cebbuXuqBq90Bg2QDLcvujOHsKNrE8Iqdbd0WQOfxMU9o%2FrcLai1CSYkSnNf2C0LB0%2BdxMgqOxtKGu%2BSx9vH4NfmZ%2BJQoLZMhj1xoM%2FLg33yIWBtNk1JPnQa1Zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f92f6556c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/bootstrap/js/bootstrap.min.js | 104.21.16.54 | 200 OK | 64 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/bootstrap/js/bootstrap.min.js IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (63188) Hash f0c2bcf5ef0c4476508d79ec9cdcce07 3beed68ed7d753c6bf4f61c26386ddd7929ba030 edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 03:08:34 GMT
vary: Accept-Encoding
etag: W/"6042f232-f7eb"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJgsbnxzVlokBK8NmxhlVdUllibT67j9TTNyzS6%2FHqv%2BesmSMnJScxg%2FHaexFNr3PZoc7prXKTTqG3v5uARxHC%2F7oKdyykBw%2FrmNc4BIjhQOuyukvjKpk8Vbsa%2BbkXU53f%2B1cJmhx5V54H6fur8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7a56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/vue.js | 104.21.16.54 | 200 OK | 344 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/vue.js IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Size 344 kB (343988 bytes) Hash f5c020d18d70f21851364d0570d38127 5dba3f5cb7463e356310fc14e26d3358c1b00ed2 58692c4b6420c192dcf7620267b09183cf3c4bd6050b31843698e69a59c26e6c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /vue.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:54 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 23:13:22 GMT
vary: Accept-Encoding
etag: W/"630bf692-53fb4"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5RYhl4QQW3pzwifGX6YcN2P%2BEm2srvDpGIYg6Mm0o8GebUI%2BmGJhmUUL1tNLmaPEx1FAXLLZcIsPAE7F1VJxch6ts2Hrk%2BQIDs%2FK2g2Gl5%2BTdxgad6gSaA4iMO%2F0DL%2BBhFkYog9N0gPMQFbezU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f91f6256c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP 142.250.74.106:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (588), with no line terminators Hash bdcf60bde5544e1017e1f2e60888a9c7 6fb24309b7ff90c1c99d19c0c7a127a16508840e d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:15:53 GMT
date: Mon, 04 Dec 2023 05:15:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap | 142.250.74.106 | 200 OK | 9.1 kB |
URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap IP 142.250.74.106:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42 Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (9360), with no line terminators Hash 311d8cdf954644f222105d26d89d1d7f 1445a416c8f15a49fb6afb69d25b8ccb01db4b66 45d9a25c93de59121371b5487af8dd0ed67b61136cf072a7622f202a11740f8d
GET /css?family=Roboto:300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:15:53 GMT
date: Mon, 04 Dec 2023 05:15:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/css/app.css | 104.21.16.54 | 200 OK | 24 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/css/app.css IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /css/app.css HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 13:16:50 GMT
vary: Accept-Encoding
etag: W/"634ea742-5ea3"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcI2ijr%2F5cOxxZ0xD%2FWxaqq6LiAPrc8ls%2BKfn%2FZvmyYRSlFZu77q9P1oy9wO0Xja9BNoySqUWRWRPyV7ePmdb6IGcu1V8F4BEoOpt1CNaA7DqTnCxxUbpXeH8CYTzrAu0nnHH0ovrkzvHPKVeAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f92f6956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/swiper/swiper-bundle.min.js | 104.21.16.54 | 200 OK | 140 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/swiper/swiper-bundle.min.js IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (65278) Size 140 kB (139961 bytes) Hash c4358cb63a4b96c5d71a2fb630871f30 be3b7d9d5bbd680d035f768345778d84eb08fe23 c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/swiper/swiper-bundle.min.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:54 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:40:04 GMT
vary: Accept-Encoding
etag: W/"60425ee4-222b9"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvyDuE7ZqDVmavnFPypR9oauRaarw3sL22v2mIoYMFyBBBiEHTmQqKChz3RPPWIhmGlnhMoPYpIH%2FFi1s2oWPTfRGsM6QOsiWmYwOlJTUqeinTvKXmu5KrMpqor9botsAD1ijAhgNw1Ujkno0Ww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7b56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 216.58.207.227:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1701666918.eurotesting99.cc
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 374518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/index/index/user/login/1701666919.html/index/user/login/1701666919.html/index/user/login/1701666932.html | 104.21.16.54 | 301 Moved Permanently | 12 kB |
URL User Request GET HTTP/2 1701666918.eurotesting99.cc/index/index/user/login/1701666919.html/index/user/login/1701666919.html/index/user/login/1701666932.html IP 104.21.16.54:443
Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /index/index/user/login/1701666919.html/index/user/login/1701666919.html/index/user/login/1701666932.html HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Mon, 04 Dec 2023 05:15:50 GMT
content-type: text/html; charset=utf-8
set-cookie: think_var=en_us; expires=Mon, 04-Dec-2023 05:45:49 GMT; Max-Age=1799; path=/; HttpOnly
s9851347b=nv42f0kb156bol713k5bnaleb7; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache,must-revalidate
location: /index/user/login/1701666950.html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7UKtHXbzIJ1n%2FQIsmdqKwZ36DV3BKAIYT5l%2F0xtX%2Bz7aLAMhCwGx%2Bp1RpmpkauACgq9cvoY6ygBD1A3Etjk%2BTsu1iQYP84yKSJ9POfcT1foTkcM7yOuL03QQydkD%2FSONu4%2Bkjaj5Jss%2BWRgNN4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192dccc28b51b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 1701666918.eurotesting99.cc/public/js/layer_mobile/need/layer.css?2.0 | 104.21.16.54 | 200 OK | 5.3 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/public/js/layer_mobile/need/layer.css?2.0 IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (5260), with no line terminators Hash 633915e62d14a714594b95b974ee0836 e11ebb64a70272c4f35b92fea064f27c4b87efad eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /public/js/layer_mobile/need/layer.css?2.0 HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:55 GMT
content-type: text/css
last-modified: Tue, 10 Dec 2019 03:14:46 GMT
vary: Accept-Encoding
etag: W/"5def0da6-148c"
expires: Mon, 04 Dec 2023 17:15:55 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOX4zXLN6YYouEtNL3oV8Dq9DGGpOx2hLY4Tw%2BnTkjsMy63rsdl%2FNc%2B91wv8O%2BnJF81pF611vjAAX%2FNqeBB21f1noXRfLPBVvcuSKSdw9w7PVThQIBICqHLStMBXkci4NujgUdrcoyJmkd5hKQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 83019300baa256c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 1701666918.eurotesting99.cc/red/popper.min.js | 104.21.16.54 | 200 OK | 21 kB |
URL GET HTTP/3 1701666918.eurotesting99.cc/red/popper.min.js IP 104.21.16.54:443
Requested by https://1701666918.eurotesting99.cc/index/user/login/1701666950.html Certificate Issuer Google Trust Services LLC Subject eurotesting99.cc Fingerprint 6E:75:69:3D:1B:A2:65:1E:83:B2:C8:FE:CE:BE:BB:54:6B:15:4B:93 Validity Sun, 26 Nov 2023 12:31:35 GMT - Sat, 24 Feb 2024 12:31:34 GMT
File type ASCII text, with very long lines (20831) Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Salesforce |
GET /red/popper.min.js HTTP/1.1
Host: 1701666918.eurotesting99.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1701666918.eurotesting99.cc/index/user/login/1701666950.html
Cookie: think_var=en_us; s9851347b=nv42f0kb156bol713k5bnaleb7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:15:53 GMT
content-type: application/javascript
last-modified: Fri, 05 Mar 2021 16:34:56 GMT
vary: Accept-Encoding
etag: W/"60425db0-520c"
expires: Mon, 04 Dec 2023 17:15:53 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86FM7hqlL785RpwsIMP1xeA4ADwGhG9dEU1DivFEFOCsyMsntN3KCqqTTUYrrGRfFlQd2I2%2FXky9yZfDK9AAq5LxFvcX3eAc2hAvewunzbwiTVwOadRMDs%2BKLLuiSFIMsJx0J0KrSuh%2F9cuGFG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=86400; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 830192f93f7956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|