| fonts.gstatic.com/s/roboto/v15/CWB0XYA8bzo0kSThX0UTuA.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v15/CWB0XYA8bzo0kSThX0UTuA.woff2
IP: 216.58.207.227:443
Requested by: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14584, version 2.0
Hash: 7e367be02cd17a96d513ab74846bafb3 1eb572d023f15389ce0aa4bc54fdd28c9f717223 f7bbc8461b2f4cc870743729ee5d44ce0466ca67618f89a8942b655f8a644e68
GET /s/roboto/v15/CWB0XYA8bzo0kSThX0UTuA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earned-staying-convenient-matched.trycloudflare.com
DNT: 1
Connection: keep-alive
Referer: https://earned-staying-convenient-matched.trycloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:35:55 GMT
expires: Fri, 18 Apr 2025 17:35:55 GMT
cache-control: public, max-age=31536000
age: 165659
last-modified: Wed, 14 Jan 2015 22:47:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/favicon.ico | 142.250.74.164 | | 1.5 kB |
URL: GET www.google.com/favicon.ico
IP: 142.250.74.164:0
Requested by: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Certificate: Issuer: Google Trust Services LLC; Subject: www.google.com; Fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73; Validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: f3418a443e7d841097c714d69ec4bcb8 49263695f6b0cdd72f45cf1b775e660fdc36c606 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
GET /favicon.ico HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://earned-staying-convenient-matched.trycloudflare.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 05:27:47 GMT
expires: Sat, 27 Apr 2024 05:27:47 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 122948
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| earned-staying-convenient-matched.trycloudflare.com/login.html | 104.16.230.132 | 200 OK | 748 kB |
URL: User Request GET HTTP/2 earned-staying-convenient-matched.trycloudflare.com/login.html
IP: 104.16.230.132:443
Certificate: Issuer: Let's Encrypt; Subject: trycloudflare.com; Fingerprint: 26:05:9A:89:F8:1B:AA:DF:7C:3E:07:C2:4F:C2:B9:A9:73:32:CC:D0; Validity: Thu, 28 Mar 2024 01:47:53 GMT - Wed, 26 Jun 2024 01:47:52 GMT
Size: 748 kB (748486 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Google Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /login.html HTTP/1.1
Host: earned-staying-convenient-matched.trycloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 15:36:54 GMT
content-type: text/html; charset=UTF-8
cf-ray: 87763669fabb568f-OSL
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| earned-staying-convenient-matched.trycloudflare.com/jserror | 104.16.230.132 | 302 Found | 748 kB |
URL: POST HTTP/2 earned-staying-convenient-matched.trycloudflare.com/jserror
IP: 104.16.230.132:443
Requested by: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Certificate: Issuer: Let's Encrypt; Subject: trycloudflare.com; Fingerprint: 26:05:9A:89:F8:1B:AA:DF:7C:3E:07:C2:4F:C2:B9:A9:73:32:CC:D0; Validity: Thu, 28 Mar 2024 01:47:53 GMT - Wed, 26 Jun 2024 01:47:52 GMT
Size: 748 kB (748486 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /jserror HTTP/1.1
Host: earned-staying-convenient-matched.trycloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 6464
Origin: https://earned-staying-convenient-matched.trycloudflare.com
DNT: 1
Connection: keep-alive
Referer: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 Apr 2024 15:36:54 GMT
content-type: text/html; charset=UTF-8
location: login.html
cf-ray: 8776366e5f15568f-OSL
cf-cache-status: DYNAMIC
x-powered-by: PHP/8.2.8
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1838497349&timestamp=1494410966271 | 216.58.211.14 | 200 OK | 0 B |
URL: GET HTTP/2 accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1838497349&timestamp=1494410966271
IP: 216.58.211.14:443
Requested by: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D; Validity: Mon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=1838497349&timestamp=1494410966271 HTTP/1.1
Host: accounts.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://earned-staying-convenient-matched.trycloudflare.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: ALLOW-FROM https://accounts.google.com
content-security-policy: frame-ancestors https://accounts.google.com, script-src 'nonce-l9Mf9huIP8kUOJ1P4v7xCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsDomainCookiesCheckConnectionHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 20 Apr 2024 15:36:54 GMT
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
reporting-endpoints: default="/_/AccountsDomainCookiesCheckConnectionHttp/web-reports?context=eJzjUtDikmLw0ZBikPj6kkkLiJ3SZ7CGAHHyv_OspUAsxMMx7VD_RjaBA4vWLGYGAHX5Eas"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| earned-staying-convenient-matched.trycloudflare.com/login.html | 104.16.230.132 | 200 OK | 748 kB |
URL: GET HTTP/2 earned-staying-convenient-matched.trycloudflare.com/login.html
IP: 104.16.230.132:443
Requested by: https://earned-staying-convenient-matched.trycloudflare.com/login.html
Certificate: Issuer: Let's Encrypt; Subject: trycloudflare.com; Fingerprint: 26:05:9A:89:F8:1B:AA:DF:7C:3E:07:C2:4F:C2:B9:A9:73:32:CC:D0; Validity: Thu, 28 Mar 2024 01:47:53 GMT - Wed, 26 Jun 2024 01:47:52 GMT
Size: 748 kB (748486 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Google Inc. |
| Quad9 DNS | malicious | Sinkholed |
GET /login.html HTTP/1.1
Host: earned-staying-convenient-matched.trycloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earned-staying-convenient-matched.trycloudflare.com/login.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 15:36:55 GMT
content-type: text/html; charset=UTF-8
cf-ray: 8776367018a1568f-OSL
cf-cache-status: DYNAMIC
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
|
|