Report - on-clouds-a96f.oifadccrsi.workers.dev/

Report Overview

Submitted URL
on-clouds-a96f.oifadccrsi.workers.dev/
IP
104.21.78.92
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 05:41:04
Access
public
Website Title
Onedrive
Final URL
on-clouds-a96f.oifadccrsi.workers.dev/10c2cecf-fa2c-402a-9581-f3c5c312b964
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	456 B	7.2 kB	104.17.25.14
image.similarpng.com	335522	2019-08-19	2020-04-02	2024-02-22	464 B	70 kB	104.18.42.227
img2.pngdownload.id	577768	2019-01-12	2019-04-25	2024-02-22	500 B	56 kB	104.21.51.164
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	790 B	62 kB	142.250.74.138
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	412 B	1.6 kB	142.250.74.106
www.pinclipart.com	50700	2018-12-26	2019-01-25	2024-04-14	455 B	44 kB	173.208.137.67
encrypted-tbn0.gstatic.com	unknown	2008-02-11	2013-05-31	2024-04-19	1.5 kB	18 kB	142.250.74.174
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17	2024-04-18	1.0 kB	89 kB	104.21.26.223
blobs.officehome.msocdn.com	13490	2013-06-17	2019-09-27	2024-02-25	434 B	0 B	0.0.0.0
on-clouds-a96f.oifadccrsi.workers.dev	unknown	2019-02-08	2023-11-04	2024-02-07	963 B	3.4 MB	172.67.219.21
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-18	1.3 kB	86 kB	151.101.194.137
kit.fontawesome.com	1868	2012-10-18	2019-12-16	2024-04-18	424 B	16 kB	104.18.40.68
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-18	920 B	196 kB	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	on-clouds-a96f.oifadccrsi.workers.dev/	Microsoft OneDrive
2024-04-18	medium	on-clouds-a96f.oifadccrsi.workers.dev/	Microsoft OneDrive

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (42)

	URL	Size	First Seen	Last Seen
	unknown	472 B	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash b5c0d24979479f53332f3eee5d343300 12124f21e81c5a813952a13ea63081e778f5c4f4 a8f5d91eabf617b1b22f2b2f0ccefd239f3888260e8dbb693429535b83e44404 Loading...

	unknown	16 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash a90f6cc16113c3904cc9a224e625e062 41866563db8071cf1736e367c1d0e3b7e50f1d21 222ca3861912225368c326907c7900e6c2b413115819ad2b12338026778ac853 Loading...

	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-05-02
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-05-02 10:54:44 Times Seen107258 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	unknown	1.2 MB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:11 Last Seen2024-04-19 07:41:06 Times Seen5 Hash 8319f3d2e3860e76101001c0e25fe266 534d56a7af1b2814e16f59400c0a7fbfab233327 08d47ae701719fce9a5f21e707a5f451a6eabc3f37ab9c3cf5c8244bc62d5698 Loading...

	unknown	124 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash 9aafe66f24fe1ad273d0b710bd3ddb1a 07e057537412b9ace25f39f04f80dc4e0dae7d4a 892e23f540ec6677d256326bc0c55301cdb3852484c5814ce863c0b035f89348 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-02
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-02 11:25:46 Times Seen138203 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-02 13:16:15 Times Seen63947 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	unknown	34 B	2023-04-11	2024-05-02
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-02 12:18:11 Times Seen75872 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	unknown	1.3 MB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:11 Last Seen2024-04-19 07:41:06 Times Seen5 Hash 466ddaa419ee3ebe377e54ba2b3546ef cc5286b9797019a58a33e4b8007e6b75739346f7 31e370c095089bd00eb1b7f387101fcd17de7222f5f9acc948b0eb2f0d174dc9 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-02 13:10:49 Times Seen387229 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	kit.fontawesome.com/585b051251.js	12 kB	2023-11-29	2024-05-02
Pretty URL kit.fontawesome.com/585b051251.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 01:32:53 Last Seen2024-05-02 12:18:12 Times Seen8578 Hash 55d343a40c7166a79fd314f13cbb2e93 96904a849c32ca220e0aaa2ae3e81cf2b5cdf764 a1f75d6278713a84a8f28a392c77ca8a6a7c32bf14314d4a34a6ce2f06cfdf7a Loading...

	on-clouds-a96f.oifadccrsi.workers.dev/10c2cecf-fa2c-402a-9581-f3c5c312b964	1.5 MB	2024-01-03	2024-04-19
Pretty URL on-clouds-a96f.oifadccrsi.workers.dev/10c2cecf-fa2c-402a-9581-f3c5c312b964 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen5 Hash 036d450dfba3bb31ebf5cb661c5b18db ad74ac588113dc09bcdaae4532b5d759ad318611 9f1fe527a04778044cfadc28e7c041d07c7d6f04ba544bac288c538275e146a1 Loading...

	unknown	458 B	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash a38062058eca6ee0ab8de00b6fcc9b5c 024ab52150a448e9aa78376c9a504b0de430c729 8d77ee8717500889750238fd93341819e96a7ad5c395b1bdcae6050f3f6c5915 Loading...

	unknown	26 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash 7f8e1e0837ba4b70007bcb81a138720d 57904c71b18f334be5738427ca579dec418eb8b6 f9c17c2377d064a895b085a3145a0a37f0c4e0148dda6128c3f0d898bc9c6df1 Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-02
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-02 13:08:10 Times Seen266331 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	unknown	404 B	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash da1a0753522d316dd5b648c3df435a45 7b642ef4d4ca42bf3b37203da7fb6c2ea146eccc 739da7dc2bcbd58212d447eeba0c31bff469ce883d8c8b09901a1f287fcc6859 Loading...

	unknown	291 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:11 Last Seen2024-04-19 07:41:06 Times Seen5 Hash 556ad5983f38f6d8eb05bde029234481 edf46b7b363243081d6596fdd761fc14cf145b4b faf7054a6ccaec52f111a3ada87223283b69a4d437ac0b3a77338a71afdae56f Loading...

	unknown	388 B	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash a5f2444cf7adccf802fe95c3fb8bec67 f85fb782d1e5314c2859e21da05e00154610ef5f 2d6d2182c29ab6a75410159b0da8be1171ca36c690a7a98df3dcd249502e7f4e Loading...

	unknown	18 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen8 Hash 0dd6c79a16bf95e85f5df6e0ee8f31c4 4dd29224f3e7a8385f45e7c660bf8d8510698a29 9c3d1d78b6b8dffdaf871bd89eeb8a1c925b58d769ba585baa5bcff03b49c171 Loading...

	unknown	8.8 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen5 Hash f3768da38e73ad0ec3078f73afa0a58d c00918d7ac09b65aafdfd249f7077573d4fdf49a dce2bf0a4544ef24f48af09ef78b7751dea81a67e96baf62ce8373b0524e9f71 Loading...

	unknown	5.4 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen5 Hash ffce978ac7c072db97633dac4a2b2503 020369143abdcaf788294318e9747517f693c2dd 64c0f30b609bfd51ecde20ad2a6b27ff6aeeaa542efbc0ee61967f611699dbde Loading...

	unknown	1.4 MB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:11 Last Seen2024-04-19 07:41:06 Times Seen5 Hash 8cf167d0110241ef8d9ab8a784846a24 ca5e931cd27406318ac4d4af5a2d624d6ce7011c a65d66c5b26df61f09f840e0989aaa328dc6323ffd3e6f85448c16a882f1c2a2 Loading...

	unknown	12 kB	2024-01-03	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-03 03:53:12 Last Seen2024-04-19 07:41:06 Times Seen5 Hash e16e9be5c21b2700e310067f0864ca25 169b70d1d582aef942acccb84be6c9dcbef0f59c f331e3573dd269f756a4577c11f090b2beaf19c7e077282d480e0f2504a50d7c Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js	19 kB	2023-03-07	2024-05-02
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-02 10:54:44 Times Seen112982 Hash 70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d9e409a40bb7e24b95ac2cf05ca1e0cb	317 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:24 Times Seen25 Hash d9e409a40bb7e24b95ac2cf05ca1e0cb 492eb422533735a0ba01ba4ef7d37ffbd0993943 125b2a5664aeeba07a078738350021322612b8a104b7def081df28a18e346313 Loading...

	#2 Eval - aa280e2e51b649b2a650c9572139971f	298 B	2023-12-09	2024-04-25
Pretty Observations First Seen2023-12-09 13:52:18 Last Seen2024-04-25 17:41:24 Times Seen16 Hash aa280e2e51b649b2a650c9572139971f 66f142fce5cbeaf0391781f0cc1045602a0afceb 78854ed874b07027545735ab55a6358de21bca7e81d000bf1eb14a33b953afd3 Loading...

	#3 Eval - 3a9ddde2b30672199647a939a549d7fb	1.3 MB	2024-01-03	2024-04-19
Pretty Observations First Seen2024-01-03 03:53:13 Last Seen2024-04-19 07:41:07 Times Seen5 Hash 3a9ddde2b30672199647a939a549d7fb 8b80fb67697324092d70f9be9797b02ec7e48a0f c4d646f6f1902e38c4a6d6fb7b6e71cd319f0c600eb3a3e6ed59f6cebff43e53 Loading...

	#4 Eval - ffcbc5ce46f13e582f2bb8d031545363	1.3 MB	2024-01-03	2024-04-19
Pretty Observations First Seen2024-01-03 03:53:13 Last Seen2024-04-19 07:41:07 Times Seen5 Hash ffcbc5ce46f13e582f2bb8d031545363 b2d72d7bdc09b25fdb9e09fb2a6689ddd48fb5d2 5ae526da1fdc33697b926146477b92f19e8029a15de482b7aad1062571917941 Loading...

	#5 Eval - bb22144a721f4f6b2d2d3b915b8db2ca	888 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:24 Times Seen25 Hash bb22144a721f4f6b2d2d3b915b8db2ca e9c5a3e581acd9aebeaca614097b54de46f61135 cf9c81963d995e331bc4f674d00971efd35c35ff032391e8fcb9c614d0e358d4 Loading...

	#6 Eval - fe9f211374d689e1a3f37f603409ea3a	2.3 kB	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:24 Times Seen25 Hash fe9f211374d689e1a3f37f603409ea3a e8efe80b937fd681f60e009b021156a325562d07 3303b3a626e68e9fe22670f7a54c9ce1e72875e0085f49ceef6dcfb9a878f595 Loading...

	#7 Eval - 88263a7dd7ebcd1228e404b60310fb61	3.1 kB	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:24 Times Seen22 Hash 88263a7dd7ebcd1228e404b60310fb61 0bdf79a399d285e44c029cc27bcfe663b908dbea 25bded14fd214d715a97326ef4e959e707a13659b30d5a0d626b95f292c5e663 Loading...

		Size	First Seen	Last Seen
	#1 Write - f7cda50656e22e7d21150b47c49f591f	195 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:24 Last Seen2024-04-25 17:41:25 Times Seen25 Hash f7cda50656e22e7d21150b47c49f591f ee6a2b6f4f680133ff512d383f0a97fccd6da985 fc417708be3e2b4b579cdfbc217c9747b3ad8bf03e3e52b30fce1def4e656387 Loading...

	#2 Write - 8727a7e66258baa1dbd710cb808ba7c5	1.2 MB	2024-01-03	2024-04-19
Pretty Observations First Seen2024-01-03 03:53:13 Last Seen2024-04-19 07:41:07 Times Seen5 Hash 8727a7e66258baa1dbd710cb808ba7c5 a5d450efa0b84a216cbd29e56dafaf955629e4a2 ac720ef970b6cd07106b20b1751f923584feeb85f7d59c14d55a2af49b36ee6b Loading...

	#3 Write - 7571c35660d8d39df3197534a307b52c	1.3 MB	2024-01-03	2024-04-19
Pretty Observations First Seen2024-01-03 03:53:14 Last Seen2024-04-19 07:41:07 Times Seen5 Hash 7571c35660d8d39df3197534a307b52c 5c0827974b6e083b1dfa1060ed4e77d4b966a92f 88e8defb4aaa5322f774b97b976c62d5efa4c17e2516cb7ac76b0fec94bd5476 Loading...

	#4 Write - 85bf7720f8a3c88d5b26bb06298bde65	243 kB	2023-12-04	2024-04-19
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-19 07:41:07 Times Seen14 Hash 85bf7720f8a3c88d5b26bb06298bde65 049de5c2efa1d2b86fb08652027f5b04cde74415 d4d4c4766c5d4429d1397c969ff1a987d40949c5981daf8fa260687be8c35b22 Loading...

	#5 Write - 0de2ebe3cdbefcef236e6a75c40c0494	684 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:25 Times Seen25 Hash 0de2ebe3cdbefcef236e6a75c40c0494 6f5ad7c5cbf6ef6120ecdb49635e563a7f586db1 1497175f7b9810f90fc3faf090ce72dee6d2d139e0c971fe987f131f04b59ccd Loading...

	#6 Write - 4ff04c27dead24b23ee5ea19b8d4c6a0	206 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:23 Last Seen2024-04-25 17:41:25 Times Seen25 Hash 4ff04c27dead24b23ee5ea19b8d4c6a0 46447de0f9c6820993f3086713835b40d2d79e68 088ae2260c39783f42c0196a24bdb4d982d43e4f84602a782adcdbef6f3b17c2 Loading...

	#7 Write - 197f8f5314238fc7cc89c79026a6ff17	197 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:24 Last Seen2024-04-25 17:41:25 Times Seen25 Hash 197f8f5314238fc7cc89c79026a6ff17 90c82deb6d7efe445cf581440f0e24742589b46a 25a703a9de328af971e098decdf9bd201c726616e1bafc126c2503d807aeb946 Loading...

	#8 Write - b76ac975aef56f99e4ab2eaf7e3ae533	180 B	2023-12-09	2024-04-25
Pretty Observations First Seen2023-12-09 13:52:18 Last Seen2024-04-25 17:41:24 Times Seen16 Hash b76ac975aef56f99e4ab2eaf7e3ae533 066e0964275cbff0998f0b7adbffe4349da887ca 1e856241859ab2ac21ac10b76438c07a32bf0c23414ae6b378ef40404b2f0af3 Loading...

	#9 Write - 65e664e9c8f43d13efc20a9fe2941489	1.4 MB	2024-01-03	2024-04-19
Pretty Observations First Seen2024-01-03 03:53:13 Last Seen2024-04-19 07:41:07 Times Seen5 Hash 65e664e9c8f43d13efc20a9fe2941489 3eb289fb8b96b018b4d2fe3aa063d920e89fb9bb f3bb98e43017d9965fa36f76dcf272f59cfde31603256abb04704ff30b4f24f1 Loading...

	#10 Write - 9edf0a72820c9a23c7009211f88ac256	691 B	2023-12-04	2024-04-25
Pretty Observations First Seen2023-12-04 20:29:24 Last Seen2024-04-25 17:41:25 Times Seen22 Hash 9edf0a72820c9a23c7009211f88ac256 690cd103cee2f07275630606daa8107cd8d97d32 124773965a05b7c63288d98b8338173aed69e588232a9c93e277a2a548b4968d Loading...

	#11 Write - 98c8d2b4b895f84ca2149ea55d82c04b	188 B	2023-12-04	2024-04-19
Pretty Observations First Seen2023-12-04 20:29:24 Last Seen2024-04-19 07:41:07 Times Seen11 Hash 98c8d2b4b895f84ca2149ea55d82c04b 61756b588a0a25be879f11e00498f234c352c296 b39c553f74854a0278ebe7980433336f1ca7b82509eb0a6a13342869e33eff3b Loading...

HTTP Transactions (21)

URL IP Response Size

code.jquery.com/jquery-3.4.1.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on-clouds-a96f.oifadccrsi.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15851"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 05:40:34 GMT
age: 5423732
x-served-by: cache-lga21965-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 23, 4558
x-timer: S1713505235.524099,VS0,VE0
vary: Accept-Encoding
content-length: 30638
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.1.1.min.js

151.101.194.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 05:40:37 GMT
age: 18704637
x-served-by: cache-lga21947-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 1160
x-timer: S1713505238.556590,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.2.1.slim.min.js

151.101.194.137

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 05:40:37 GMT
age: 975371
x-served-by: cache-lga21963-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 40, 1195
x-timer: S1713505238.573691,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

104.17.25.14

200 OK

6.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19015)
Size
6.2 kB (6157 bytes)
Hash
70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

HTTP Headers

GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2950121
expires: Wed, 09 Apr 2025 05:40:37 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op3ifroVFa6zJVr0zK1lvqhpn%2FFvZwx83HuD3Z4GdXZ5cKiF8WyA3l%2BF7izU66kOjeeYUEVsufklz8uwN7CcfeXb%2FIQ9b%2BTU9HwigINLbaLh2%2Fsds530IxX716sVrTXctIWCzUyH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876a8f96fc33b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:38:23 GMT
expires: Fri, 18 Apr 2025 17:38:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 43334
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

142.250.74.138

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
30 kB (30306 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:46:15 GMT
expires: Fri, 18 Apr 2025 17:46:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 42862
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

image.similarpng.com/very-thumbnail/2021/09/Outlook-icon-on-transparent-background-PNG.png

104.18.42.227

200 OK

69 kB

URL GET HTTP/2
image.similarpng.com/very-thumbnail/2021/09/Outlook-icon-on-transparent-background-PNG.png
IP
104.18.42.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerLet's Encrypt
Subjectsimilarpng.com
FingerprintC6:5C:BC:56:BF:1C:C6:FB:AE:4B:BD:00:DB:C7:57:6B:28:B5:F9:A2
ValiditySun, 07 Apr 2024 23:02:14 GMT - Sat, 06 Jul 2024 23:02:13 GMT

File type
PNG image data, 600 x 600, 8-bit/color RGB, non-interlaced
Size
69 kB (69286 bytes)
Hash
023bff6503a7c777fb61eb08bc9ce84a
3626702eafe338c3f89d22949f3a397d6ceafb0f
e4aaea8bc5be7cc2e82bd23355aa9a29b5f8c58a234293e188b90d589e9033db

HTTP Headers

GET /very-thumbnail/2021/09/Outlook-icon-on-transparent-background-PNG.png HTTP/1.1
Host: image.similarpng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: image/png
content-length: 69286
last-modified: Mon, 13 Sep 2021 14:14:39 GMT
x-rgw-object-type: Normal
etag: "023bff6503a7c777fb61eb08bc9ce84a"
x-amz-request-id: tx0000003f50fef0bfe2dcb-0065f5c46a-4f6a37aa-nyc3b
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-do-cdn-uuid: 072a0ebe-bbef-4350-ab6e-e04d2ac99d6c
cache-control: max-age=3600
x-envoy-upstream-healthchecked-cluster: 
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=pdA_EElUYA8u04MikM4czWMd_256fz0TbjU5dTyejDg-1713505237-1.0.1.1-N7CUJ2YQr48lAY1.6i5b_XC1KJDGfhMrHF_eXVRdsAC2DPYVtzexTYDE262iUMzEO4KV6.n.8KIxJyNl4S3fXA; path=/; expires=Fri, 19-Apr-24 06:10:37 GMT; domain=.image.similarpng.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 876a8f97abd6b4f1-OSL
X-Firefox-Spdy: h2

img2.pngdownload.id/20180327/wfq/kisspng-microsoft-office-365-office-online-computer-softwa-office-5abb01d66a0b39.1638325715222051424344.jpg

104.21.51.164

200 OK

55 kB

URL GET HTTP/2
img2.pngdownload.id/20180327/wfq/kisspng-microsoft-office-365-office-online-computer-softwa-office-5abb01d66a0b39.1638325715222051424344.jpg
IP
104.21.51.164:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerLet's Encrypt
Subjectpngdownload.id
Fingerprint04:56:C9:04:A2:CF:81:63:D7:53:B9:89:4B:DA:1A:AA:7B:9C:3B:A6
ValiditySat, 24 Feb 2024 04:00:30 GMT - Fri, 24 May 2024 04:00:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 900x540, components 3
Size
55 kB (54749 bytes)
Hash
fa9c94c3e02ab946abd124563c15e15c
ee73ec14e36011125124a5f739741b4b3d44e7d7
e6e8d049eae71adc7885cd270fb033e975af9ead0ca3535a40debdd00a78e502

HTTP Headers

GET /20180327/wfq/kisspng-microsoft-office-365-office-online-computer-softwa-office-5abb01d66a0b39.1638325715222051424344.jpg HTTP/1.1
Host: img2.pngdownload.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: image/jpeg
content-length: 54749
last-modified: Wed, 28 Mar 2018 02:45:42 GMT
etag: "5abb01d6-d5dd"
expires: Sun, 28 Apr 2024 13:30:39 GMT
cache-control: max-age=864000
cf-cache-status: HIT
age: 58153
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggyongpBciw5U9UMmSgN5r1odnzFGh5ZQhddUEI6byMZB7C4ZTtimADEL%2FtPTbtTt3Xf4mVe%2BqTj%2BsamSS1EBrppzZ6HBbZXDYeZZNeRurFk4R6JYHCjGSGUUMwvBatXYt8jgoHp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a8f981a140b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Archivo+Narrow&display=swap

142.250.74.106

200 OK

938 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
938 B (938 bytes)
Hash
0489e88262cb445c562972d32ee2f36d
8878b9373296ccf495080621285382b1812b60fd
15600c35328c892541f889239e7dfa0d746b976a87e14e35ba5cedd7ba72d1c5

HTTP Headers

GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 05:40:37 GMT
date: Fri, 19 Apr 2024 05:40:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.pinclipart.com/picdir/middle/80-804103_office-365-is-securable-but-not-secure-microsoft.png

173.208.137.67

43 kB

URL GET
www.pinclipart.com/picdir/middle/80-804103_office-365-is-securable-but-not-secure-microsoft.png
IP
173.208.137.67:0
ASN
#32097 WII

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerLet's Encrypt
Subjectpinclipart.com
Fingerprint28:5C:90:B4:39:AF:0A:77:7A:6A:C1:05:34:07:A7:89:9C:38:9E:F9
ValidityFri, 01 Mar 2024 22:46:49 GMT - Thu, 30 May 2024 22:46:48 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 880x917, components 3
Size
43 kB (43394 bytes)
Hash
2160e26fb1da62c4e66d1ba92b87358a
49c74bdcfd0e85427accd33614dede7ae9a2fede
c11e0dff418ff81f05a64998df774bf601715aeac44341959b918c34b41d3251

HTTP Headers

GET /picdir/middle/80-804103_office-365-is-securable-but-not-secure-microsoft.png HTTP/1.1
Host: www.pinclipart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Fri, 19 Apr 2024 05:40:38 GMT
Content-Type: image/png
Last-Modified: Sun, 22 Dec 2019 06:56:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dff1380-1ab6d"
Content-Encoding: gzip

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSwt0Wr5uodzG7-sVzAC53bWMdf9_lngTlrKiQsRxw48YJ6hAOCn-GFa__IymxiQseYF0s&usqp=CAU

142.250.74.174

200 OK

4.0 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSwt0Wr5uodzG7-sVzAC53bWMdf9_lngTlrKiQsRxw48YJ6hAOCn-GFa__IymxiQseYF0s&usqp=CAU
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 263 x 192, 8-bit colormap, non-interlaced
Size
4.0 kB (3974 bytes)
Hash
e7a215ff694499e8c3c24f05cd1b2447
8d24989ea451693dd06bd55f3db10262cc0025f8
ac9ca3052e8894414df2ca5f150f03ea086e07899634a98c9452ae73a86ac9b0

HTTP Headers

GET /images?q=tbn:ANd9GcSwt0Wr5uodzG7-sVzAC53bWMdf9_lngTlrKiQsRxw48YJ6hAOCn-GFa__IymxiQseYF0s&usqp=CAU HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 3974
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 13:31:15 GMT
expires: Fri, 18 Apr 2025 13:31:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Nov 2019 04:48:28 GMT
content-type: image/png
age: 58163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

kit.fontawesome.com/585b051251.js

104.18.40.68

200 OK

16 kB

URL GET HTTP/2
kit.fontawesome.com/585b051251.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15697 bytes)
Hash
ff26e7b6953aefdd200e91347bce897c
ceb0b2c105a7661c2d9e98aceda45bb1fa6f150c
24f85669395fef05e82b0716c528bc25cf254ff22349b20e3990ceb1a922592c

HTTP Headers

GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F8eGjWNEH2j3Xv-dT-Vh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 876a8f970906568a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQEgm6xT0Oa1ZGAnJKTY4Ijvse1mMtUmNS43Ee1fTLRmkzvBaqkRFvykICJdk9KLfVV46Q&usqp=CAU

142.250.74.174

200 OK

4.9 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQEgm6xT0Oa1ZGAnJKTY4Ijvse1mMtUmNS43Ee1fTLRmkzvBaqkRFvykICJdk9KLfVV46Q&usqp=CAU
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 282x179, components 3
Size
4.9 kB (4896 bytes)
Hash
55c096df4a450f1990e5ef99c4487ad0
9be2024a77adbe61ca34b5c60506efd7bd5031f9
f278759a7bacecd4acecee9386bd0937cd0da327967de61c48381c8fe9a1963b

HTTP Headers

GET /images?q=tbn:ANd9GcQEgm6xT0Oa1ZGAnJKTY4Ijvse1mMtUmNS43Ee1fTLRmkzvBaqkRFvykICJdk9KLfVV46Q&usqp=CAU HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 4896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 16:44:46 GMT
expires: Fri, 18 Apr 2025 16:44:46 GMT
cache-control: public, max-age=31536000
age: 46553
last-modified: Sat, 13 Oct 2018 22:03:27 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR8X9YX2EtdgLet95X7sJ_9UI7Jst0vgxUMYNTt3m8npKpU6K_Wi9379Twj3GwyTnqrUiU&usqp=CAU

142.250.74.174

200 OK

7.2 kB

URL GET HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcR8X9YX2EtdgLet95X7sJ_9UI7Jst0vgxUMYNTt3m8npKpU6K_Wi9379Twj3GwyTnqrUiU&usqp=CAU
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 225 x 225, 8-bit colormap, non-interlaced
Size
7.2 kB (7164 bytes)
Hash
ea6e682d600503feffd3a1bb3dec2c50
23ee21668b7383afe3aef550faafa8241f6322bb
2b5e34b465ea48aa40348054e373b5cc8d72a04452cabaa1d54c1a3d0cab54a1

HTTP Headers

GET /images?q=tbn:ANd9GcR8X9YX2EtdgLet95X7sJ_9UI7Jst0vgxUMYNTt3m8npKpU6K_Wi9379Twj3GwyTnqrUiU&usqp=CAU HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 7164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 16:44:46 GMT
expires: Fri, 18 Apr 2025 16:44:46 GMT
cache-control: public, max-age=31536000
age: 46552
last-modified: Thu, 17 Oct 2019 04:38:22 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.10.207

200 OK

145 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5a95e5dae1e00ae715e90a9908587a9a
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876a8f971c3c1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251

104.21.26.223

200 OK

60 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98
ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT

File type
ASCII text, with very long lines (60130)
Size
60 kB (60312 bytes)
Hash
a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://on-clouds-a96f.oifadccrsi.workers.dev/
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wah5OIG7Yj9aMBvKxzOGp3RGYRcQsYMYbbJvNNtR5c3iKUeVhvlxQA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqqbj7JtN%2BNa7A6%2BIuv45sGyXrqMZn%2F9QPvRuqt6gV%2BWzQnLGwpsOzYKbnOHXT0wwexgVEsEOquv%2BB8o1%2FTmAb3kwdy3DjX4sCMrxzzxX63myniymXR7Dwsb8Nu%2FDxJkn%2Ba9M6s1UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a8f988b487127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico

0.0.0.0

0 B

URL GET
blobs.officehome.msocdn.com/images/content/images/favicon-8f211ea639.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/content/images/favicon-8f211ea639.ico HTTP/1.1
Host: blobs.officehome.msocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

on-clouds-a96f.oifadccrsi.workers.dev/

172.67.219.21

200 OK

2.0 MB

URL User Request GET HTTP/2
on-clouds-a96f.oifadccrsi.workers.dev/
IP
172.67.219.21:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectoifadccrsi.workers.dev
FingerprintA9:B7:83:2F:56:95:BA:D1:C6:D5:0B:AC:0E:F5:80:98:C0:42:F6:A5
ValidityFri, 01 Mar 2024 13:36:52 GMT - Thu, 30 May 2024 13:36:51 GMT

File type

Size
2.0 MB (1955678 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET / HTTP/1.1
Host: on-clouds-a96f.oifadccrsi.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:34 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0L5EB5k%2B5tmfjYTQa7SoCVyaYF4DiYzp%2F%2BDa7i0d8%2FZUDFedcZ2bIkN%2BqMFI3PX7YlXuBxCHqfNGKqcaTUZGmbiZXoQzOfklce7AgZZBsNfMeWByv1JcE80WYFjxZkabXwm6EHXB9Ssr62He02ND2pjLTobc7ag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a8f8119cd712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

on-clouds-a96f.oifadccrsi.workers.dev/favicon.ico

172.67.219.21

200 OK

1.5 MB

URL GET HTTP/3
on-clouds-a96f.oifadccrsi.workers.dev/favicon.ico
IP
172.67.219.21:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectoifadccrsi.workers.dev
FingerprintA9:B7:83:2F:56:95:BA:D1:C6:D5:0B:AC:0E:F5:80:98:C0:42:F6:A5
ValidityFri, 01 Mar 2024 13:36:52 GMT - Thu, 30 May 2024 13:36:51 GMT

File type

Size
1.5 MB (1474381 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Microsoft OneDrive

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: on-clouds-a96f.oifadccrsi.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on-clouds-a96f.oifadccrsi.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:40:34 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hHuFJ9pXEzdgQ0Do%2F32vmgH0ntKSvXtzsZAXxvMKkRxZUpB1fuIXAXQYwKW1rgI43tzL5YypGiEeRWJYm0nJ2s8Bm%2F3hohOXlhtOXKiZoiFkF6gEHj6mhIenAGFpS74qA%2Bs0LkvJhTy8PrRO1mv%2Fcq3Qwo8dpNU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a8f84df6fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

49 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9076ed1f0bc4cd57e2c2d7455a2e7b04
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876a8f970c351c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251

104.21.26.223

200 OK

27 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP
104.21.26.223:443
ASN
#13335 CLOUDFLARENET

Requested by
https://on-clouds-a96f.oifadccrsi.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98
ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT

File type
ASCII text, with very long lines (26500)
Size
27 kB (26682 bytes)
Hash
76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

HTTP Headers

GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://on-clouds-a96f.oifadccrsi.workers.dev/
Origin: https://on-clouds-a96f.oifadccrsi.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:40:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZDWADfeLb4uCaAGjcP3k2nbg5zivmD6ukoB0bNPHx_abZXOLg_rMaQ==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uR7Los5lY7WK7TvBrjZieY7lZo4FYv2OwZKfGV%2FBnkRuznLNPXumYhyAqxXGfTBJVtZo2Kdmh8smoWLVZhBhZ9Un7jd9B3ZxkFDMjjhX32%2F%2FQD%2F8sV2oeXa1ZebIdnGaA2wnxH38mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a8f989b4b7127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (42)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP