| 9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 | 188.114.97.1 | 200 OK | 19 kB |
URL (User Request): GET HTTP/2 9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
IP: 188.114.97.1:443
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (16646)
Hash: 3b1483bc4b5323ac3aca4e59087aee81 28c6bb6c4bc325d11109f48409461d701a2b8f06 c834020b404d188632042b66d93c6b1cf9cc762bf7da07559d5403a6e226ac46
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36 HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"3b10a666c53a8e052906e3952ba70d6d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pk35TO5qmpOJZGQoNdh7p63U9B2D5QvFiZ6Fukt9X1VdvtwGvemFdzyuHreofXfDsMyTrbtgkhuSEwVWNp88NoRg5BBFbU5I%2FaPiyzPr8ZbVLmIIcB2kDA4vFXBTPTKH9cpYdJ494OVdpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d5794f56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.woff | 188.114.97.1 | 404 Not Found | 16 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.woff
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-regular.woff HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
content-length: 16053
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FCmlXd01Dq8HtrXXTGf5TZGLQilID926VtdxDDMiCxGo2dPO%2FPbLKZZcjl%2B3ARI6eg%2FtOF76Lq%2Bj7AIDo%2BaeXoAfEjBvyFCWFZo3l2cavzdVLthryHqVfGpv8HX2Dr%2BJIFpUI8Pq0M5SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d968d656af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/s2/favicons?domain=null | 216.58.211.4 | 301 Moved Permanently | 324 B |
URL: GET HTTP/2 www.google.com/s2/favicons?domain=null
IP: 216.58.211.4:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Google Trust Services LLC
Certificate subject: www.google.com
Certificate fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
Certificate validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 19da2041e0568020940488812c827188 c1a1383d8460541f37db92d4cf5afc09aa0ca5f8 5c97b7ffcd84e5bf686a07cab2a0eb54fec29c1377d270445b930683b9d03507
GET /s2/favicons?domain=null HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
x-content-type-options: nosniff
server: sffe
content-length: 324
x-xss-protection: 0
date: Wed, 24 Apr 2024 14:35:40 GMT
expires: Wed, 24 Apr 2024 15:05:40 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 | 142.250.74.132 | | 726 B |
URL: t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
IP: 142.250.74.132:0
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: b8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 14:40:12 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 9i9u8y7t6t77y.pages.dev/favicon.ico | 188.114.97.1 | 404 Not Found | 3.2 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/favicon.ico
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /favicon.ico HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NG%2B9PSgpX44DA7XDT856y3tg1WqxSnTm5%2FCcLvaq1epx5WUS4o6JJKwg%2FPSfZ3lrhihWVDQQctTCJL6PK14OZ1A3PtuRxFPXO9ew0zRR3mfYKr5cPWQ6MwxjW7IYM0ygUHmNcQ%2BPbEy6tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d88f7e56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.ttf | 188.114.97.1 | 404 Not Found | 3.2 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.ttf
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-regular.ttf HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMGGpxh2BnP1bY8Fm%2B5bb8oD6Vcd3NZqGZhzwAhSE98vn6Akc1yI5mxVJBDKingQmcAPpJBsmzHXndaKTT7XT%2F3bKKzfxuygAVmu9DR%2BrGbDG8Reafw9g78bHy05vfokqXqUlueJUym4XA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d9b93756af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.otf | 188.114.97.1 | 404 Not Found | 9.4 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-regular.otf
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-regular.otf HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZ77DqAuSCNW%2Bw66VqD4x58tlALcry72T6xnMgH1maa%2FcM%2FWb0kbXPoUgvNgLhAbHuMR9gmyJk5%2B%2FGnDkzGFM3vFwIKLDuXMCaZiXQjCGRVPQ43YDNNM6%2F9ywZY73w4uS9cnWWfoJASASg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d8cfc856af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9i9u8y7t6t77y.pages.dev/login.css | 188.114.97.1 | 200 OK | 75 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/login.css
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /login.css HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6c4d7dcb550dd3f369163ad7c02f8caa"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTOBCoy2ZvUI227YSZEEDKODAIXFe2qPu3HeVhQojZEZtLGBQL4XdPTMlcBeUMdL%2FmUeJDZ1wlB1Mq9A5%2Felrni8jFJJ5s4D1CQrb0ou1uR03bmUdSSI0lXMCBKkDDsO6prklIv%2Bg2SUdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d7de6456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 | 142.250.74.132 | 404 Not Found | 726 B |
URL: GET HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16
IP: 142.250.74.132:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash: b8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://null&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 14:40:12 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.otf | 188.114.97.1 | 404 Not Found | 16 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.otf
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-medium.otf HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxRn9ID%2FbV%2F0YV758bO3QIGdZ5FjOBdXei8U4SafVytGxExSLT%2BvM0i10iIh4ZUlvvFW936HgIfon2gkodevr0m9pOgVmPZxn7NuCQ%2FYFIg%2BU7mnt5%2FIw%2Bl7wDHeLcqcwOYNGIkTqV3mgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d8cfbd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.woff | 188.114.97.1 | 404 Not Found | 16 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.woff
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-medium.woff HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
content-length: 16053
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HjAcamUYI9w5NWOlZFkOeprYnACcKt4mJy8eXg7CzHzcYJoTGHnIQMqMuwxlOzwElzUlEczGfwsGn3nsEYwr42cnHQ2ZLSVJ9fQsaTEiq%2FgQi%2FeX%2Bq0VzOocUAA7YZH6CGIHIiO58fR%2Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d958b356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.ttf | 188.114.97.1 | 404 Not Found | 16 kB |
URL: GET HTTP/3 9i9u8y7t6t77y.pages.dev/fonts/sqmarket/sqmarket-medium.ttf
IP: 188.114.97.1:443
Requested by: https://9i9u8y7t6t77y.pages.dev/?user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/86.0.4240.75%20Safari/537.36
Certificate issuer: Let's Encrypt
Certificate subject: 9i9u8y7t6t77y.pages.dev
Certificate fingerprint: 42:4B:A5:1B:98:0D:5E:C1:79:D7:5F:71:36:56:A3:CB:73:65:D1:A6
Certificate validity: Sat, 23 Mar 2024 23:06:11 GMT - Fri, 21 Jun 2024 23:06:10 GMT
File type: HTML document, ASCII text, with very long lines (15956)
Hash: f6b4ca4ed235dee13a5a751c9ee4e3c1 b127a8f9e745b6774cb17f3784902d85b836c766 9eeb69bca26c982ff8ba618ba261d7cfcc402f89d2e094599bf6dee394105a0a
Analyzer: OpenPhish | Verdict: phishing | Alert: Generic/Spear Phishing
GET /fonts/sqmarket/sqmarket-medium.ttf HTTP/1.1
Host: 9i9u8y7t6t77y.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9i9u8y7t6t77y.pages.dev/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 14:40:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EVHOKpWaq%2B0eh72g17%2F7iXelVhZPaHUxEWYKgrc2ot2hxD0epzrO1mIjAFRqBt0udItPFLZkwz%2FklY6VwqFRenBy0z99AsBakha2brhmBGvRSm991NMKvOryKl9vFAbYAVCkg6ai4xQ3aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8796d8d9a92456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|