| nftstorage.link/ipfs/bafkreiducigww7pbzvwqizckrddofdyohjhst3zk2kfdkn5iqq5hdjbp6y?login=yahoo@yahoo.com&request_type=validate | 172.64.146.216 | | 0 B |
URL: nftstorage.link/ipfs/bafkreiducigww7pbzvwqizckrddofdyohjhst3zk2kfdkn5iqq5hdjbp6y?login=yahoo@yahoo.com&request_type=validate | IP: 172.64.146.216:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 — these are the digests of an empty (0-byte) body; the response below is a 301 with content-length: 0, so there is no content to match on, only the redirect target in the location header.
GET /ipfs/bafkreiducigww7pbzvwqizckrddofdyohjhst3zk2kfdkn5iqq5hdjbp6y?login=yahoo@yahoo.com&request_type=validate HTTP/1.1
Host: nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 17 Apr 2024 09:20:48 GMT
content-length: 0
location: https://bafkreiducigww7pbzvwqizckrddofdyohjhst3zk2kfdkn5iqq5hdjbp6y.ipfs.nftstorage.link/?login=yahoo@yahoo.com&request_type=validate
access-control-allow-origin: *
access-control-expose-headers: Link
server-timing: request;dur=0
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b575d0c35abdb-CPH
X-Firefox-Spdy: h2
|
|
| khabardarkhabar.com/wp-includes/central/control_cahali/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | 166.62.6.144 | | 1.1 kB |
URL: khabardarkhabar.com/wp-includes/central/control_cahali/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | IP: 166.62.6.144:0 | ASN: #26496 AS-26496-GO-DADDY-COM-LLC
File type: HTML document, ASCII text, with CRLF line terminators | Hash (MD5 / SHA-1 / SHA-256): 6db7a47ec6d317943dc8257774b334d3 76345b3169086b4a24bf90a32c039d426f346c0d 693f0d08840cb687052ff0717410b8c6c84c013e59155577582a83b50b41c652
GET /wp-includes/central/control_cahali/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: khabardarkhabar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafkreiducigww7pbzvwqizckrddofdyohjhst3zk2kfdkn5iqq5hdjbp6y.ipfs.nftstorage.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
vary: Accept-Encoding
content-encoding: br
content-length: 1085
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 09:20:51 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | | 0 B |
URL: challenges.cloudflare.com/turnstile/v0/api.js | IP: 104.17.3.184:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 — digests of an empty (0-byte) body; the response below is a 302 with content-length: 0.
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 17 Apr 2024 09:20:52 GMT
content-length: 0
access-control-allow-origin: *
location: /turnstile/v0/b/bcc5fb0a8815/api.js
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b5778082aabcc-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.181.202 | | 31 kB |
URL: ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | IP: 142.250.181.202:0
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash (MD5 / SHA-1 / SHA-256): cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:39:06 GMT
expires: Wed, 16 Apr 2025 00:39:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 117706
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bandagrid.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | | 0 B |
URL: bandagrid.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | IP: 188.114.97.1:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 — digests of an empty (0-byte) body; the response below is a 302 with content-length: 0.
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 17 Apr 2024 09:20:52 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFsGjJpfnKjJkbnZcRMF8bYAG97h4DikLNC4fBHAXT9RKvUb77HVP%2BVfoGB7y2ToDPn76nRt8hTejnbpiz5gVzD4Mqjn6vJCdxeVaAWdFNdVSEDukLoabt1DE1gMr6Fv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b57792bad6dea-CPH
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.3.184 | | 85 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | IP: 104.17.3.184:0
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): ff561da5868ec34cd18b86c09b939a5f 2835b3dc33f9c57cbc515cf7d3f13950b3345f11 a2d5cd7d7d855bfa77d021e0537d6e5fa9db85687fa4e93bf83ca76f7f9de065
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/di93k/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:52 GMT
content-type: image/png
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 875b577a193692c4-CPH
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/286695531:1713343444:IajxjCkLOcxv7dJxyjn8eLLudSC6ri87nSvFCyj1eIo/875b57793f5b92c4/4c1f1d0b98e7a27 | 104.17.3.184 | | 111 kB |
URL: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/286695531:1713343444:IajxjCkLOcxv7dJxyjn8eLLudSC6ri87nSvFCyj1eIo/875b57793f5b92c4/4c1f1d0b98e7a27 | IP: 104.17.3.184:0
File type: ASCII text, with very long lines (65536), with no line terminators | Size: 111 kB (110564 bytes) | Hash (MD5 / SHA-1 / SHA-256): 47b0df39e0f4b581eea96e26ed7a4e4c 9da9653b9834968ff647e351d09ff9f8f453f04f a3c192cb732d35edc855fa0576e2fe031781e4a0f27a94a795abc65ff02c1b02
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/286695531:1713343444:IajxjCkLOcxv7dJxyjn8eLLudSC6ri87nSvFCyj1eIo/875b57793f5b92c4/4c1f1d0b98e7a27 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/di93k/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4c1f1d0b98e7a27
Content-Length: 2736
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:53 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: h2k5WxduKauGUnEzZ2lzFAlq3jzZXhHgSWoiePx6YNSP61h2xOIZlhWM+4BeppuKPzjoT2cANOpicJLUMeoT36Kqi2rZ8HgK3WCD+WuWxw8sNu/6LzCjmWgkY2o5uMPvklVSyQGc+zH4znARD1B67oFMHXZG1b0ZJS/7RBuFo8GQ5n4V+mpNb4CdCpoPiN299yw26fg+VB1IXkqGvWgLbM5BYc1jC9b+820krExXFJqehY1Kvkf47nKJp1IpdwXjMi7aMoj0U3SkpMNfaQGk2GnjANBI/9go3yFGkpnb/b/3QH+5RQJqptrrfXbCvWTtY1QlS/Rm7nVHLHPZ/StahXl9Y0DH3szsqiwIif+gcHfF+uY+82nRAKZe+vwzWDkHv85j8yFKU+OaSg7bsevF9RleWPvrsWWYvWJfGwmq1e3dh6o5IlNaAM8unz6UN0HRHGMffrZSa8rZgXpNmVAd7kHSakAKFc+UG8bGKCwGl/g=$lEHYeQbgFy0EEMlCdkXpxA==
server: cloudflare
cf-ray: 875b577c0dd592c4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/s2/favicons?domain=yahoo.com | 142.250.74.164 | | 329 B |
URL: www.google.com/s2/favicons?domain=yahoo.com | IP: 142.250.74.164:0
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 42284e554525151fc7cf570527fe2cb3 60cdfdef2ec66b6e929348179f246c63215f1494 7a9f0735ff7664cc9b2143f307774e7063cd4703160b03e84b4a6fd8bbf98728
GET /s2/favicons?domain=yahoo.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 17 Apr 2024 09:20:56 GMT
expires: Wed, 17 Apr 2024 09:50:56 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=yahoo.com | 142.250.74.164 | | 329 B |
URL: www.google.com/s2/favicons?domain=yahoo.com | IP: 142.250.74.164:0
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 42284e554525151fc7cf570527fe2cb3 60cdfdef2ec66b6e929348179f246c63215f1494 7a9f0735ff7664cc9b2143f307774e7063cd4703160b03e84b4a6fd8bbf98728
GET /s2/favicons?domain=yahoo.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Wed, 17 Apr 2024 09:20:56 GMT
expires: Wed, 17 Apr 2024 09:50:56 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=yahoo.com | 142.250.74.164 | | 329 B |
URL: www.google.com/s2/favicons?domain=yahoo.com | IP: 142.250.74.164:0
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash (MD5 / SHA-1 / SHA-256): 42284e554525151fc7cf570527fe2cb3 60cdfdef2ec66b6e929348179f246c63215f1494 7a9f0735ff7664cc9b2143f307774e7063cd4703160b03e84b4a6fd8bbf98728
GET /s2/favicons?domain=yahoo.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Wed, 17 Apr 2024 09:20:56 GMT
expires: Wed, 17 Apr 2024 09:50:56 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | 142.250.74.132 | | 287 B |
URL: t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | IP: 142.250.74.132:0
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): e9a2cad2f6872ce5db1aca419fe95648 a9962a4f43b2c1a60bc1ff20f0e399e2505a4bd5 b6996ea45ee0e5676f30818e46dd1c3d75a2e7236031abde84d05eccddb672d6
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://s.yimg.com/rz/l/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 287
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:39:05 GMT
expires: Thu, 18 Apr 2024 07:39:05 GMT
cache-control: public, max-age=604800
age: 524511
last-modified: Mon, 23 Sep 2019 14:23:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | 142.250.74.132 | | 287 B |
URL: t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | IP: 142.250.74.132:0
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): e9a2cad2f6872ce5db1aca419fe95648 a9962a4f43b2c1a60bc1ff20f0e399e2505a4bd5 b6996ea45ee0e5676f30818e46dd1c3d75a2e7236031abde84d05eccddb672d6
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://s.yimg.com/rz/l/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 287
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:39:05 GMT
expires: Thu, 18 Apr 2024 07:39:05 GMT
cache-control: public, max-age=604800
age: 524511
last-modified: Mon, 23 Sep 2019 14:23:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | 142.250.74.132 | | 287 B |
URL: t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 | IP: 142.250.74.132:0
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): e9a2cad2f6872ce5db1aca419fe95648 a9962a4f43b2c1a60bc1ff20f0e399e2505a4bd5 b6996ea45ee0e5676f30818e46dd1c3d75a2e7236031abde84d05eccddb672d6
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://yahoo.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://s.yimg.com/rz/l/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 287
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 07:39:05 GMT
expires: Thu, 18 Apr 2024 07:39:05 GMT
cache-control: public, max-age=604800
age: 524511
last-modified: Mon, 23 Sep 2019 14:23:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/functions/spinner.gif | 188.114.97.1 | | 46 kB |
URL: bandagrid.top/_oldguard_oxy/functions/spinner.gif | IP: 188.114.97.1:0
File type: GIF image data, version 89a, 48 x 48 | Hash (MD5 / SHA-1 / SHA-256): bab0ad7ce20e911217791c00bcd4e35b 0822ac44951def4349090998b9ecb153128f03d5 bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/functions/spinner.gif HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:56 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 17:45:56 GMT
etag: "b505-5b118499e5d00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SR%2BJtdEVik%2BlVNLxWTW6SsjIZreoaTfg5LqHW%2B1EjMzz%2Fkcc%2Bji0NE8DmRFwfamjxndHUyVbx27JYs9cSRGfq4kE7k9Qtvg0vplOdcHwLtpAmkuWR%2B2ET9mU%2B4H2UWMd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b578ec9456dea-CPH
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | 188.114.97.1 | | 4.5 kB |
URL: bandagrid.top/_oldguard_oxy/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null | IP: 188.114.97.1:0
File type: HTML document, ASCII text, with very long lines (1847), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): e191b8b27f7befa0a85a8ae598894eda 4c9d8c9347cfea35d60738a81a46bf77b6ac3db2 900c59318bb98cffd840b4b70fa69784acda040dd38944ca89be345d9ecf9864
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khabardarkhabar.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 09:20:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKtyIoapH%2B%2FCz%2BHfJ8URLTh5xiDnhBCExGQlMDuY5Rg0KQQYNDr80gb7k%2BiyH2%2B4X6c%2B0okWoIKmCHS%2BDHjcLHAxRivwBXzh299UtN%2BOk3jWWk14uUVk4%2BbFKBlf1eOr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b577589ca92ec-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.181.202 | 200 OK | 85 kB |
URL: GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | IP: 142.250.181.202:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | Certificate — Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT – Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text | Hash (MD5 / SHA-1 / SHA-256): 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 19:27:45 GMT
expires: Fri, 11 Apr 2025 19:27:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 481993
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css | 104.17.25.14 | 200 OK | 10 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css | IP: 104.17.25.14:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT – Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (58392) | Hash (MD5 / SHA-1 / SHA-256): 76cb46c10b6c0293433b371bae2414b2 0038dc97c79451578b7bd48af60ba62282b4082b 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 384727
expires: Mon, 07 Apr 2025 09:20:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqmsJbasddkhD%2FFFQ3liIP%2BhjDI0dJo1pXStb7Od6tDWvVXrlqx9bmyDWjdot8aZAAL6%2BVedOD32G%2BmHAu4ljDGfDh3G814CbPmdm9OZ2oi1cWmRRx8grvYM%2FObYAN8veFAXz6aV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b579cadeb92a9-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | 188.114.97.1 | 200 OK | 5.5 kB |
URL (user request): GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | IP: 188.114.97.1:443
Certificate — Issuer: Google Trust Services LLC; Subject: bandagrid.top; Fingerprint: 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity: Mon, 11 Mar 2024 19:03:23 GMT – Sun, 09 Jun 2024 19:03:22 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (376) | Hash (MD5 / SHA-1 / SHA-256): f3c92136d50cecf9abc6560ff589c1e3 731a44f7086b645c6d86c6fd7911a809fcdbbd9d 3fe116e5004f92f0d6eb52654160538642b51cadfff3a8b54aae2d87cc8e9849
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Anti-debugging code
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index.php?login=eWFob29AeWFob28uY29t&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2C0vIAzNHPOGWESWtEibDiIppUQYqva%2FQPRchYJqLbexIcDd2SZBFCl0vIaBZKNBJYjVRgABPlYmHdTOg97itBovUEkcYnv42%2BLLXH%2BF%2F%2FWYQM2vAWl%2BjfJ4okjHDkJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b579b28646dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png | IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | Certificate — Issuer: Google Trust Services LLC; Subject: bandagrid.top; Fingerprint: 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity: Mon, 11 Mar 2024 19:03:23 GMT – Sun, 09 Jun 2024 19:03:22 GMT
File type: PNG image data, 240 x 72, 8-bit colormap, non-interlaced | Hash (MD5 / SHA-1 / SHA-256): dd31f56b9e4dff40eb87447c3dc55b84 1908b34af2d15440d33dfc81fcb93aa9b271dc58 4f47ef8ff3dad2a78360ab207cf35ff2905622511c0426109f6e225052cf5637
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_w_bestfit_frontpage_2x.png HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: image/png
content-length: 1391
last-modified: Thu, 22 Dec 2022 09:17:40 GMT
etag: "56f-5f06724029500"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RiDfmLYf0leZ4t7hoYhz20Dt0j5p81bAW16zCfswGYCwvahuzvsA9NRabZpl%2FJYdVhGCvBwgbXa5k3FBZ0sKNn%2BAahZ3DDtmNlVpIlmjjP3g4kqIARQQc1VXRx%2Bg%2Bc6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b579c4ad56dea-CPH
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 | 104.17.25.14 | 200 OK | 14 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 IP: 104.17.25.14:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Cloudflare, Inc.; Subject sni.cloudflaressl.com; Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 13584, version 331.524. Hashes: MD5 c20b5b7362d8d7bb7eddf94344ace33e, SHA-1 260bb01acd44d88dcb7f501a238ab968f86bef9e, SHA-256 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
GET /ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13584
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-3510"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 562620
expires: Mon, 07 Apr 2025 09:20:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPE7emKh7EYmB%2FdWcJ%2FIMCIhnda0kKMrhYB77uUq9QZM9EGU4KbI1uwFT5Kn9N5zwnA2%2F6EH0imPoHwO9yMISqiCP8GDk74s9GkeiX46SePKhKFOIxO4B%2BIosvJOZkCxSmQ9K7Kw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875b57a1392c9303-CPH
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-main.css | 188.114.97.1 | 200 OK | 134 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-main.css IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: ASCII text, with very long lines (42888). Size: 134 kB (133840 bytes). Hashes: MD5 506f75e804003bd3573dd5727dc66ea2, SHA-1 6566bd8d56e837250ca18ef2a89758956c47f6c9, SHA-256 e948bc5df8549290f0b161c33dc0cbc9a9b7f220a9283db6486d45813e3ac714
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-main.css HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 09:17:39 GMT
etag: W/"840a5-5f06723f352c0"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phwDFT9GgHAER6zzH0mO46SjDV1eGbgsbqcjQmVpaS8x0h4otNHsgCWKWrzOWkAQPVgVr4kqtoDQ7VFL78kgWzerUYIpAS1pqoOWRAWxcTLHJBnJ%2B9WgAt%2FYahb2y%2FDf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b579c4ac36dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 | 87.248.119.252 | 200 OK | 29 kB |
URL: GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 IP: 87.248.119.252:443 ASN: #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT. Note: this is a cross-site font fetch from the phishing page (Origin: https://bandagrid.top) to the genuine Yahoo CDN, which answers with access-control-allow-origin: *, so the kit can load real brand assets directly from the impersonated site.
File type: Web Open Font Format (Version 2), TrueType, length 29228, version 1.0. Hashes: MD5 7c7c02dcee2bf1c2528db6092d4ad1fa, SHA-1 988a01f705c074261490625c70f94b2642413693, SHA-256 d5312dacbe6f248c6c4b60251d7acf77bc3bc891cd9b880dead36d9babb288c4
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Medium.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: WhTtCfl9XOmfCI4oYNlSvFXWhdtve28d047AmTbn+qRDlqM9+yHVyLpj3oToEfUei9XGttRqHtE=
x-amz-request-id: V8BK3SFRFD3KRNGF
date: Wed, 14 Feb 2024 01:19:45 GMT
last-modified: Thu, 19 Apr 2018 16:25:50 GMT
etag: "7c7c02dcee2bf1c2528db6092d4ad1fa"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:1bb49599-26ac-442e-b6b8-f4e40f067ea500055a9e855b6ecb"
x-amz-meta-x-ysws-mbst-vtime: 1507011772247755
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29228
referrer-policy: no-referrer-when-downgrade
age: 5472075
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: JavaScript source, ASCII text, with very long lines (1432) (loaded as an iframe and served with content-type text/html, although the body was classified as JavaScript). Hashes: MD5 5dba5aa66f71699811f67de823d3484b, SHA-1 680aade953f59eabbfde2941b32819309dade834, SHA-256 154925f5d81745dd89974adf2152b075c1f1eb233cb3a20b10943d003a458539
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: text/html
last-modified: Thu, 22 Dec 2022 09:17:48 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtZybcUHNdQUkqte3olNaUQ1K1kpj76BW0IJcCYMOjclFnWP26gI3n8BYmXzK5BZIk0eN5Kk%2FTYoMO3GAQNsNQP37vTkIjqRbpLdcEX%2BzqxfF%2FRDytjBOHgxTtAZOTLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b57a11b4e6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Bold.woff2 | 87.248.119.252 | 200 OK | 28 kB |
URL: GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Bold.woff2 IP: 87.248.119.252:443 ASN: #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 28108, version 1.0. Hashes: MD5 58b9e3ca84accc5d50ac893317cd6705, SHA-1 fd393c1f50fd2f771deb92bf8b26bd39f97db2c5, SHA-256 22e9e86d745200109fbcb3e96695307fea67880fca509728194b2cfce3906fa7
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Bold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: bYo6gGcShJvKhBDdV42vFWjAyIDSffSAcCJBNtXTBkffEuEsT2n+SNDhc0woLywmy/LRkGddwB0=
x-amz-request-id: GVYDQ3Z1RQA9W8K3
date: Tue, 19 Mar 2024 06:36:28 GMT
last-modified: Thu, 19 Apr 2018 17:20:37 GMT
etag: "58b9e3ca84accc5d50ac893317cd6705"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:52 GMT
x-amz-meta-mbst-etag: "YM:1:5893a8ed-f86d-4278-b1dc-94c16c36132200055a9e85598641"
x-amz-meta-x-ysws-mbst-vtime: 1507011772122689
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28108
referrer-policy: no-referrer-when-downgrade
age: 2515472
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
|
|
| s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2 | 87.248.119.252 | 200 OK | 29 kB |
URL: GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2 IP: 87.248.119.252:443 ASN: #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 28808, version 1.0. Hashes: MD5 632a74de7778e84fd6e92f2f6c49f1c3, SHA-1 9ad7f087f4c8f7bea2a0725951029c2b0943f9d4, SHA-256 e3b229d1d0e49226f929a219c007a701c2c2646ef75c215e427a28e36466ab1b
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-ExtraBold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: 3hffWZjFH26lko87n8jVt6z92wpvvbWbFQQeksrvPimmHEMa0w5L8D45ZQyJJ9PSDU12ter3BKc=
x-amz-request-id: TM32HT8QP6D32WQG
date: Sat, 13 Apr 2024 06:05:04 GMT
last-modified: Thu, 19 Apr 2018 19:01:13 GMT
etag: "632a74de7778e84fd6e92f2f6c49f1c3"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:1ccdd2c4-6102-4773-912a-83dcdcf0e3cd00055a9e85568140"
x-amz-meta-x-ysws-mbst-vtime: 1507011771924800
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28808
referrer-policy: no-referrer-when-downgrade
age: 357357
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
|
|
| s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 | 87.248.119.252 | 200 OK | 29 kB |
URL: GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 IP: 87.248.119.252:443 ASN: #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 29040, version 1.0. Hashes: MD5 af9fdad7698452697b016850fff96423, SHA-1 710130c79bf56297f8abcc6d6c575172590133b0, SHA-256 b8989e0be6a0c3a8a407d8b69b7884eb5ebf401b7eee8b8b98c5eeec3ba497fa
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Semibold.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: PEQGrJvR/1t+jLXxoN30CXz3wzejdAB/Ye/PFmi6rOL8T/8BIg9PbPmL8kB/S1zJuhQThp3dqYo=
x-amz-request-id: WZ7X5QKQ2DNFGC5F
date: Mon, 15 Apr 2024 09:43:58 GMT
last-modified: Thu, 19 Apr 2018 17:33:29 GMT
etag: "af9fdad7698452697b016850fff96423"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:95620d49-21c2-4044-b803-58b70c8e419700055a9e854fb9f1"
x-amz-meta-x-ysws-mbst-vtime: 1507011771480561
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 29040
referrer-policy: no-referrer-when-downgrade
age: 171423
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp.js.download | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp.js.download IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: ASCII text, with very long lines (1215), with no line terminators (served with content-type application/javascript and fetched as a script from the r-csc.html iframe). Hashes: MD5 c34ae82b51d124843913669b0c80d3e7, SHA-1 b90dab48704067489e02904cfedc13bef272a415, SHA-256 dc03c144aa51ba16bf6f15c2bb97d5acc6c34d7446f3151734b589affb9245dd
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp.js.download HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 09:17:48 GMT
etag: W/"4a8-5f067247ca700"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWAre4YMhbf9qw213uCR7tSkLjSK201jPv1jQSyaQyoa7iFApUVM98ml8Ih3nrCZ4EI2Jhf0iFpNQa2uZCe3fxWEYMrid2dvQAdKZ8byhuzFXJC%2Bx1oIsynFdcTnAEe%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b57a1ecd36dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-apple-touch-v0.0.2.png | 188.114.97.1 | 404 Not Found | 300 B |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-apple-touch-v0.0.2.png IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: HTML document, ASCII text, with very long lines (311), with no line terminators (the body is the server's 404 error page, not an image). Hashes: MD5 ff969b3afd6bd3b68bfeb41e13eac22a, SHA-1 9031313962c30512bca70d1d4f0c8fbad7ea47ee, SHA-256 a442b2b96feae9f7fbdd5da7e48f0d14cf80033f7c396d01c4271341894c5db5
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-apple-touch-v0.0.2.png HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ31NyABbywrOEjZmtG2NIv0dOBM70wc%2BhF0DvV3BtWrKNt7ezHG9w7hg9IReOj7Lgdx33HB3UFfmp3P1%2FK%2FMTaz%2Fhgqu92bidjhskyUhIogLcy3mZC4EL4GUVF%2FvHYL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b57a3e8d86dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index.php?login=eWFob29AeWFob28uY29t&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null | 188.114.97.1 | 200 OK | 2.5 kB |
URL (user request): GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index.php?login=eWFob29AeWFob28uY29t&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP: 188.114.97.1:443. Note: the login= value is base64 for yahoo@yahoo.com, the same address carried in clear text in the Referer (/_oldguard_oxy/?login=yahoo@yahoo.com&...), so the victim's address is being threaded through the redirect chain to pre-fill the fake login form.
Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: JavaScript source, ASCII text, with very long lines (2779), with no line terminators (served as text/html; charset=UTF-8 by PHP/7.4.30, although the body was classified as JavaScript). Hashes: MD5 c04d7e21e8ba6d1ee20240f8b6fe90b7, SHA-1 49be3d0511a7836b3a8de3c74cb571968041be76, SHA-256 d621e24ee5602f7f3b5f25a04619e7f84ec9331c0db66121cf6e14571486b9f9
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index.php?login=eWFob29AeWFob28uY29t&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/?login=yahoo@yahoo.com&page=null&request_type=validate&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K0Si7LUnBqPXgcUbs6xvIGJMMRrhlKbD4jzh8qu%2FCk9YqZALW8SE0iQ8jZznv55YpQMRydjICa2YojRs%2F%2FLXQyCiPGTc5Ui6nzp0wwmWmaoC2%2BysjIR%2BXvqjS%2BuhBtGo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b5799fe6d6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-favicon-img-v0.0.2.ico | 188.114.97.1 | 200 OK | 1.4 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-favicon-img-v0.0.2.ico IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel. Hashes: MD5 b6814ae5582d7953821acbd76e977bb4, SHA-1 75a33fc706c2c6ba233e76c17337e466949f403c, SHA-256 4a491acd00880c407a2b749619003716c87e9c25ac344e5934c13e8f9aa0e8b3
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo-favicon-img-v0.0.2.ico HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: image/x-icon
last-modified: Tue, 21 Feb 2023 16:43:40 GMT
etag: W/"57e-5f5387b59a700"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9V%2B57TBA%2BOBCIEviaiJtKsaI4s45FHi80N03C2lok0gGDqeaLc7NEBBgYIWfkCeRcxPCy9AEJ6LC00vvjokRCCg2Ekucwp0R92zTTDYhi65gJtcvVNIxKln%2BapVTmXAZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b57a3e8de6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png | 188.114.97.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: PNG image data, 240 x 72, 8-bit colormap, non-interlaced. Hashes: MD5 cd166981c96c6d0f4b5a7d798c25878e, SHA-1 09031c4013138bb8bd54ab9092ac59aa47d7c60c, SHA-256 0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/fudhoo_frontpage_en-US_s_f_p_bestfit_frontpage_2x.png HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: image/png
content-length: 1346
last-modified: Thu, 22 Dec 2022 09:17:40 GMT
etag: "542-5f06724029500"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8305idM8gxmNtJIA1OezfNkXxVnDbGOEWiPPz6lfuqQgCCkrfJrK%2Feh2OVMua9%2BeKW7Z9n4b%2B6i%2BJthJStW03pMWBVbCAlAJE2d809QgcQm1h%2BK9b2ZzAu0L3paRE7LN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875b579c4acf6dea-CPH
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/rapid-3.53.30.js.download | 188.114.97.1 | 200 OK | 50 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/rapid-3.53.30.js.download IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
Hashes: MD5 665798d28ecf9be7cbc434e75267920d, SHA-1 55864f76f012bb11a354c6bacdcc7769a5ec6fa2, SHA-256 7bc917ebee12bcd521ae88840228032579459c25a3ccf8953d8a2dbe5e085be9 (no file-type classification recorded for this response)
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Yahoo
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/rapid-3.53.30.js.download HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 09:17:40 GMT
etag: W/"c45a-5f06724029500"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7JMxDOXpBCl%2BxLPNkWDLBzlB4kWhlDJCxUlXPqm8u7v14BMN7DC%2FTiuv9dQ%2BdOgpM2Qj3Vu8eQ3dNPcvL8J%2FGiGXFL4qtOrs37l2mjrobqQhPi8Z6eRfVhQHm%2Fz9aGW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b579c4ad96dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/bundle.js.download | 188.114.97.1 | 200 OK | 188 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/bundle.js.download — IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null — Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
Size: 188 kB (188232 bytes) — Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the MD5/SHA-1/SHA-256 of an empty input, the same values recorded for the 0 B 403 response from s.yimg.com further down, so they do not identify the 188 kB script actually served; do not use them as an indicator for this file without re-hashing the captured body)
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Yahoo |
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/bundle.js.download HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 09:17:41 GMT
etag: W/"2df48-5f0672411d740"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIMi870R%2FW8t%2F3kNcxOf63w%2BtdZnC18naNypGko7zQFRHVEQnevcHh9MJgIop80SxTeq7rYspwqNkD5eZKpi7bznTK0Kx5kn0fy0WlXxI84FGFtvfKQ8WMOArqEqf5%2B8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b579c6b1a6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 | 87.248.119.252 | 200 OK | 29 kB |
URL: GET HTTP/2 s.yimg.com/cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 — IP: 87.248.119.252:443 — ASN #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null — Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT (a genuine Yahoo CDN asset pulled cross-site by the bandagrid.top page — the Origin header below is https://bandagrid.top — so the font itself carries no analyzer verdict here; its presence is only evidence of the page imitating Yahoo)
File type: Web Open Font Format (Version 2), TrueType, length 28860, version 1.0 — Hash (MD5 / SHA-1 / SHA-256): a99b283070afc519f4816e4300c515d2 65b78d03d56de125060e61069debfc47e38fb3df fc0e2df417e7959509df87df6b4de2eb1479c8718bc2d8ab0bc70d3753c68560
GET /cv/ae/sports/fonts/2017/Yahoo_Sans-Regular.woff2 HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bandagrid.top
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: pjbb7fNOmtoSpL+GdOfdVyNwkJIrT1PeuEUI0ZgDSwYDB+utoUI8FzeFoXV/AhvRBRubUH1DtEo=
x-amz-request-id: GVYBPNWJB7RENT07
date: Tue, 19 Mar 2024 06:36:28 GMT
last-modified: Thu, 19 Apr 2018 19:06:41 GMT
etag: "a99b283070afc519f4816e4300c515d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000,public
x-amz-meta-created-date: Tue, 03 Oct 2017 06:22:51 GMT
x-amz-meta-mbst-etag: "YM:1:cb5e4811-e042-455c-b2b2-f984d5f70e0200055a9e8550b736"
x-amz-meta-x-ysws-mbst-vtime: 1507011771545398
expires: Sat, 05 Sep 2026 00:00:00 GMT
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: font/woff2
server: ATS
content-length: 28860
referrer-policy: no-referrer-when-downgrade
age: 2515472
access-control-allow-origin: *
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin
ats-carp-promotion: 1, 1
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/adcount_2.0_5113.1_5043043_0_0_AdId=-41 | 188.114.97.1 | 200 OK | 1 B |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/adcount_2.0_5113.1_5043043_0_0_AdId=-41 — IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html — Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: very short file (no magic; content-length 1) — Hash (MD5 / SHA-1 / SHA-256): 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Yahoo |
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/adcount_2.0_5113.1_5043043_0_0_AdId=-41 HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-length: 1
last-modified: Thu, 22 Dec 2022 09:17:48 GMT
etag: "1-5f067247ca700"
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=832Ewp8zClCGyd6dpUix6yWxzTdS1oJn8q4E%2BFBGe1UviBaCjQmBW%2FV5KZ3fsHoMyohDVxtz5sesvIhPhLAIAaZ8%2BAVxbpAqqKElI8SJ3tUb21K18nSskzcew%2FhoYDQ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b57a1ecd26dea-CPH
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/client.php | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/client.php — IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null — Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: JavaScript source, ASCII text, with very long lines (11287) — Hash (MD5 / SHA-1 / SHA-256): 82ef930ac50fa1b6a28a338a3dd6f9be eaf3106c7c8dd9de1151858664cab017ff8b9284 f1cc472ef4f7854355839987322c3aaaf6deb438201a1c80ad647671106417ff (note: this is a server-side PHP endpoint — x-powered-by: PHP/7.4.30, content-type text/html — fetched by the page as a script (Sec-Fetch-Dest: script); because the response is generated dynamically, a hash taken on one visit may not match later captures)
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Yahoo |
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/client.php HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWmwTr1w%2F9Co7y5rhy0YBZZZv20dMqdUrYsmXt6Zm9gT0smsUrizWCSqhTCT%2FVmmSIQqxDtsVZISBCgtln7kYcE%2BwbrW47MV9AGJ8yzR3bXhrJe8ELfo7hrOloRIJ1Qd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b579d8d8a6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| s.yimg.com/rq/darla/boot.js | 87.248.119.252 | 403 Forbidden | 0 B |
URL: GET HTTP/2 s.yimg.com/rq/darla/boot.js — IP: 87.248.119.252:443 — ASN #203220 Yahoo-UK Limited
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=validate&no_redrct=null&pcnt=null&no_psplash=null&pmax=null — Certificate: Issuer DigiCert Inc; Subject *.fantasysports.yahoo.com; Fingerprint F9:49:E1:CC:DE:98:74:FF:9B:DF:28:DC:D8:43:B9:82:99:B1:60:DB; Validity Tue, 02 Apr 2024 00:00:00 GMT - Wed, 22 May 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256) of the empty 403 body: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rq/darla/boot.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
x-amz-request-id: DSGHJVCVYDPW0H46
x-amz-id-2: bABUiIG5TtPElNHDN35DU0KtTVvLLU9WTt3xZumFYzbBMS+CwlvNWsFGBtyqmcDVgnyD+XX4yM8=
content-type: application/xml
date: Wed, 17 Apr 2024 09:20:59 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin
age: 3
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp-frame.html | 188.114.97.1 | 200 OK | 8.9 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp-frame.html — IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html — Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: HTML document, ASCII text, with very long lines (9060), with no line terminators — Hash (MD5 / SHA-1 / SHA-256): 0b12be72857dd137cda2475071340057 d15748d9b3a431e94ff312d13e686da329cae5c5 89baaa72d6abfe0f3c63cbef6516ab5bb85775db80f69f1ae08699a419b042cf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Yahoo |
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/sp-frame.html HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: text/html
last-modified: Thu, 22 Dec 2022 09:17:48 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4k6PjstN%2Byc4iWK59x0LGLXxeWP7WkOlIhF1MS26g%2F211h4HrJ%2BsyhDjIZyuIrFMqxRdc1SJiGnnlKkGxiCswaDqZwGkfNw%2BLawJvfBBHM9YFPLEiqG3B7S3SSoDkFI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b57a3f9046dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/opus-frame.html | 188.114.97.1 | 200 OK | 9.3 kB |
URL: GET HTTP/3 bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/opus-frame.html — IP: 188.114.97.1:443
Requested by: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html — Certificate: Issuer Google Trust Services LLC; Subject bandagrid.top; Fingerprint 2A:D4:6A:EF:D5:B3:DC:82:7D:5B:43:C2:5F:EF:F8:86:60:DA:33:A6; Validity Mon, 11 Mar 2024 19:03:23 GMT - Sun, 09 Jun 2024 19:03:22 GMT
File type: HTML document, ASCII text, with very long lines (9565), with no line terminators — Hash (MD5 / SHA-1 / SHA-256): 933e0d3dc36b686d73f72253752cfb17 809e707a637b877ae2b01bfebbe09db4504acba3 683ae6e5c21cca2a8d541443f501a804812f476969183250281945650699d97b
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Yahoo |
GET /_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/opus-frame.html HTTP/1.1
Host: bandagrid.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bandagrid.top/_oldguard_oxy/voult/241fe8af1e038118cd817048a65f803e/index_files/r-csc.html
Cookie: cf_clearance=x1YSXrIHrKqxIeAvKkI6Mq7zGjYk2_8hpAtCshpi88A-1713345653-1.0.1.1-pXCaspB15.2ad35t1dasAjiMFugERkvvGAsNrYTe9O6wFlyM4mIvM7piE6IiUsYSAnboo7phfFpsoRsFAjggJQ; captcha=1; PHPSESSID=1j0rknqusst3t437e6es0qauni
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 09:20:59 GMT
content-type: text/html
last-modified: Thu, 22 Dec 2022 09:17:48 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1yNjniKUc0bWNEOsD5%2BhKa8EbUkCEQQFkF7tU2D2Gkwp224tztByagL8uMV4FUC0JHmcjFgFggoB1yJ6SOmhJK8elgtFjVLu9Ug5e646HZ60PIq%2BVG6cGgXHKbQfqVu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875b57a1fcfc6dea-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|