Report Overview
Visitedpublic
2026-03-03 08:15:00
Tags
Submit Tags
URL
kelmor-biz-zantix-17126.pages.dev/heartily_welcome
Finishing URL
kelmor-biz-zantix-17126.pages.dev/form_submit_appeal
IP / ASN
172.66.44.73
Title
Suspected phishing site | Cloudflare
Detections
urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
2
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
get.geojs.io | 99948 | 2017-02-18 | 2017-03-30 | 2026-02-25 | 960 B | 2.4 kB | 172.67.70.233 |  |
kelmor-biz-zantix-17126.pages.dev 10 alert(s) on this Host | unknown | 2020-09-02 | 2026-03-03 | 2026-03-03 | 5.2 kB | 1.0 MB | 172.66.44.73 |   |
challenges.cloudflare.com | 11393 | 2009-02-17 | 2021-10-20 | 2026-03-01 | 811 B | 103 kB | 104.18.95.41 | |
smtpjs.com 1 alert(s) on this Host | 370400 | 2016-01-30 | 2016-02-01 | 2026-02-26 | 427 B | 5.4 kB |  172.239.57.117 |   |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.React (JavaScript frameworks)
React is an open-source JavaScript library for building user interfaces or UI components.SmtpJS:3 (Email)
SmtpJS is a free library you can use for sending emails from JavaScript.OpenResty (Web servers)
OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.Nginx (Web servers, Reverse proxies)
Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| low | Client IP | 172.66.44.73 | ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI) | |
| medium | Client IP | 172.67.70.233 | ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI | |
| medium | Client IP | 172.67.70.233 | ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| DNS4EU | kelmor-biz-zantix-17126.pages.dev | malicious | Sinkholed |
| Cloudflare DNS | smtpjs.com | malicious | Sinkholed |
JavaScript (6)
No JavaScripts
HTTP Transactions (15)
| URL | IP | Response | Size |
|---|