Report - kjgluyi.pages.dev/robots.txt

Report Overview

Submitted URL
kjgluyi.pages.dev/robots.txt
IP
172.66.47.126
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 04:41:27
Access
public
Website Title
Document Access - Microsoft
Final URL
kjgluyi.pages.dev/robots.txt
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aadcdn.msftauth.net	1455	2018-10-25	2018-11-19	2024-05-06	494 B	2.2 kB	152.199.23.37
kjgluyi.pages.dev	unknown	2020-09-02	2023-08-02	2024-03-25	921 B	325 kB	172.66.47.126
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-06	432 B	31 kB	142.250.74.170
api.ipify.org	3267	2014-01-05	2014-10-06	2024-05-05	476 B	267 B	172.67.74.152
i.imgur.com	5110	2009-01-09	2012-05-21	2024-05-05	422 B	302 kB	151.101.236.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-25	medium	kjgluyi.pages.dev/robots.txt	Office365
2024-04-25	medium	kjgluyi.pages.dev/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-27	medium	kjgluyi.pages.dev/robots.txt	Microsoft
2024-04-27	medium	kjgluyi.pages.dev/favicon.ico	Microsoft

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	kjgluyi.pages.dev	Sinkholed
2024-05-07	medium	kjgluyi.pages.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	unknown	2.5 kB	2023-08-01	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash baa742b517c0ab1c725d10ac1a6825d1 7190b9656d76dcbfa50fc4bb2219f73962518ec7 b5a0dcd791abdcbc9fb7777d1127aba5693547768e19f2f72f44442aa4a8135d Loading...

	kjgluyi.pages.dev/robots.txt	17 kB	2023-08-01	2024-05-07
Pretty URL kjgluyi.pages.dev/robots.txt IP 172.66.47.126 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash 66da7f06e2b91a32c1aa41bf0b5bc353 4e362fe39e33894b29296d84fc4508dfb78ce73a fe8ae549777f47a78623414a1b8c232aa43f070f9de5c9db6f75489d094be349 Loading...

	unknown	182 B	2023-03-07	2024-05-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:37 Last Seen2024-05-08 19:23:03 Times Seen325 Hash db732671932acf5ad6cc7ba786cac3bf f71039d0c37c953dfdaefdf4dad71fa22f5b368a 9bb6a6105d39f23f3d2104c024b268d766da5d41b0d785607b48a6e49120ec9b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-19 12:08:40 Times Seen67984 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	unknown	144 B	2023-08-01	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash 745c3957d09263194cbdca0b4c9965ed bb391d4b71a88d83f33d231bad29b2b6b9ec1ff1 4d4261b089f674334e8c34e02a7ab74e29489ce96dedcb5258962807a483ff5b Loading...

	unknown	157 B	2023-08-01	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash e31db4043cdedc5d2bf7c777904ccaf9 659543c87bf84a266802df727f1534430c3beea0 92c7df8b9758fbc76bcd27ea7c43e326fecfd44914740d79d25222089df756f5 Loading...

	unknown	254 B	2023-08-01	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash 7f8fb53b92d22bcf85f62956f85057aa 84f85bc013f899c0ef8dfc3e89ea6c9e54da62b0 3e1704f5b7b1403fc680bd366332c2a6dd46cd53c3a509cdbe67272ae6455919 Loading...

	unknown	624 B	2023-08-01	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash dfc8e6d978aab9d957769263ec6c008f 2d90cf0bcbdc1d9c29956662603048623215a6b7 4f44bd86d51d2af83887053ab8edc56984b2ca0240f37b8aeeb1bbbdde1051d5 Loading...

		Size	First Seen	Last Seen
	#1 Write - 2bf9f8719f16e737293569b35c9d0656	221 B	2023-03-07	2024-05-16
Pretty Observations First Seen2023-03-07 01:23:37 Last Seen2024-05-16 06:59:09 Times Seen740 Hash 2bf9f8719f16e737293569b35c9d0656 fae39a6c0395a64f118e3fff97b2e19b5502a43a e546be894f1b90a3eb05e824dd39a6422ea46b4731f2cc3c082b820afe1484df Loading...

	#2 Write - 92138da4a7de93056cf1ce3d1149e9bb	9.5 kB	2023-08-01	2024-05-07
Pretty Observations First Seen2023-08-01 21:40:12 Last Seen2024-05-07 18:29:51 Times Seen8 Hash 92138da4a7de93056cf1ce3d1149e9bb 7e9056ddfa417bdf8b399595f6b0e39cace09243 989aa9d77a5581166242b8fec57b55c33e665cbb586da73001156f162acdea27 Loading...

HTTP Transactions (6)

URL IP Response Size

aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg

152.199.23.37

200 OK

1.4 kB

URL GET HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
IP
152.199.23.37:443
ASN
#15133 EDGECAST

Requested by
https://kjgluyi.pages.dev/robots.txt
Certificate
IssuerDigiCert Inc
Subjectaadcdn.msftauth.net
Fingerprint3C:9E:70:F5:B3:D1:80:80:8C:97:1C:7B:7E:A8:2C:D8:7B:94:95:0B
ValidityFri, 01 Dec 2023 00:00:00 GMT - Sun, 01 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1435 bytes)
Hash
ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

HTTP Headers

GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kjgluyi.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 3537235
cache-control: public, max-age=31536000
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
content-type: image/svg+xml
date: Tue, 07 May 2024 04:41:02 GMT
etag: 0x8D79A1B9F5E121A
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ska/F76D)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: a1e45449-701e-0068-210c-804015000000
x-ms-version: 2009-09-19
content-length: 1435
X-Firefox-Spdy: h2

kjgluyi.pages.dev/robots.txt

172.66.47.126

200 OK

306 kB

URL User Request GET HTTP/2
kjgluyi.pages.dev/robots.txt
IP
172.66.47.126:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectkjgluyi.pages.dev
FingerprintEE:4F:D2:60:1A:75:37:D5:F7:B8:F6:10:D7:FB:E1:B9:3B:77:D0:F0
ValidityMon, 25 Mar 2024 19:09:19 GMT - Sun, 23 Jun 2024 19:09:18 GMT

File type
HTML document, ASCII text, with very long lines (16992), with no line terminators
Size
306 kB (306102 bytes)
Hash
f28d51a5aa21586a2fda908d1cfbb84b
4751b890b403ad5e5189199693e1cc18a280455f
575267ed8d784a909040b0bed1cbce0cb5e5ecd23c76d36fcf5708b53c39e044

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /robots.txt HTTP/1.1
Host: kjgluyi.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 04:41:01 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d5672c78d3f34d93d93fca264ba743f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyPlk%2B8LCnCEUT%2FwSGrM4IqdPiuA6JnewGW3UsghU%2FKG4yiYyli3%2BF5z7XY3SRbf%2B80Oi56aJFWx1QHRCSnjvz%2B0iEuKgIDmRAYgUn7iK%2Fl8mf2ajzsKaCXe4n83tSN2qxK5iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe890abe4d712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://kjgluyi.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kjgluyi.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:54:45 GMT
expires: Fri, 02 May 2025 19:54:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 377177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.ipify.org/?format=json

172.67.74.152

200 OK

21 B

URL GET HTTP/2
api.ipify.org/?format=json
IP
172.67.74.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://kjgluyi.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectipify.org
FingerprintC8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7
ValidityThu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kjgluyi.pages.dev/
Origin: https://kjgluyi.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 04:41:02 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87fe890f5b535694-OSL
X-Firefox-Spdy: h2

kjgluyi.pages.dev/favicon.ico

172.66.47.126

200 OK

17 kB

URL GET HTTP/3
kjgluyi.pages.dev/favicon.ico
IP
172.66.47.126:443
ASN
#13335 CLOUDFLARENET

Requested by
https://kjgluyi.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services LLC
Subjectkjgluyi.pages.dev
FingerprintEE:4F:D2:60:1A:75:37:D5:F7:B8:F6:10:D7:FB:E1:B9:3B:77:D0:F0
ValidityMon, 25 Mar 2024 19:09:19 GMT - Sun, 23 Jun 2024 19:09:18 GMT

File type
HTML document, ASCII text, with very long lines (16992), with no line terminators
Size
17 kB (16992 bytes)
Hash
f28d51a5aa21586a2fda908d1cfbb84b
4751b890b403ad5e5189199693e1cc18a280455f
575267ed8d784a909040b0bed1cbce0cb5e5ecd23c76d36fcf5708b53c39e044

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: kjgluyi.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kjgluyi.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 04:41:02 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d5672c78d3f34d93d93fca264ba743f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUXZ5DefCnzcf3sS8UO%2FyIvH2PYRIz87ECyyjbk08mDxO9DnwxDkpoe7E5GNxOjVSCAEGEbzV4pWU9hiS4xQ35BMgv%2F%2FRF%2BhhhvPW4SwZD9VSV2kwqBzki8H8%2B3vXYxBLGPoyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87fe890f4d89b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

i.imgur.com/uvGVFiJ.png

151.101.236.193

200 OK

302 kB

URL GET HTTP/2
i.imgur.com/uvGVFiJ.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://kjgluyi.pages.dev/robots.txt
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 1700 x 942, 8-bit/color RGBA, non-interlaced
Size
302 kB (301714 bytes)
Hash
43a5759d06368e13672b9ed6f8407a42
072a0b13c56caa11fffee35c0eff76b30d864627
785b2999e56633f168500b356a96fde5a7ffe5dd35b051aa9385090644053b37

HTTP Headers

GET /uvGVFiJ.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kjgluyi.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 26 Sep 2022 10:29:58 GMT
etag: "43a5759d06368e13672b9ed6f8407a42"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: JFK50-P6
x-amz-cf-id: yJH_WSMYw76w6m0e9UduDVV_qFyUriMDVq09-DGCJl2ftC_RmOwarg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 817152
date: Tue, 07 May 2024 04:41:02 GMT
x-served-by: cache-iad-kcgs7200163-IAD, cache-osl6540-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 67, 0
x-timer: S1715056862.307738,VS0,VE111
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 301714
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (6)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP