| times.altinawi.me/skyphigh/ | 104.21.48.32 | 301 Moved Permanently | 7.5 kB |
URL User Request GET HTTP/1.1times.altinawi.me/skyphigh/ IP104.21.48.32:80
File typeHTML document, ASCII text, with very long lines (16573), with no line terminators Hash75f9db00a8256543ce62262249bcf7b0 c67be3bd13c54ed51a6cea62e3a1e7a764f0357e 1e29c263a2eab5938217b9678097d47fba715d97bcb03ca64dd56c43e01633cd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox | urlquery | phishing | Phishing - Generic phishing |
GET /skyphigh/ HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 23 Apr 2024 21:58:07 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: 4fLy577Uyg97HzpD/LvQFvjAQQO3YHEMTg/TFs9o0hxjQu2E3L8V0aM1tysBJ4KqOMYoGJN5r91crE8MIFGQPA9xo0E+AdQMMOUIah4gjcM=$EJwypuqDCc5GawsE8lw2JQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ur62YkXTpTdI2WqH1c776huiJBDLjUMQweqbJFdoDERkj1rDFaSJ7eEGF%2F9pe%2BB1xkQywFJuK1bjp5376VeI2mLcSi9CRP7Tm0Vy5uOovlNR9Z%2B1ujqw54Tim6hBaQAkw2SERw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911cf5dde80b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D IP104.17.2.184:0
File typePNG image data, 2 x 2, 8-bit/color RGB, non-interlaced Hash9246cca8fc3c00f50035f28e9f6b7f7d 3aa538440f70873b574f40cd793060f53ec17a5d c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dfd5h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:07 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 87911cfaa9137131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/ | 104.21.48.32 | 301 Moved Permanently | 12 kB |
URL User Request GET HTTP/1.1times.altinawi.me/skyphigh/ IP104.21.48.32:80
File typeHTML document, ASCII text, with very long lines (15976), with no line terminators Hashdd620cef617f4659bd9d974c989db664 7e6e95b6a88feadbc8de343cb33cf56ea3bdc474 19dff698d00137bc482fd26897cc38b57297432c0cb627e1ce859ca314d62c14
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox | urlquery | phishing | Phishing - Generic phishing |
GET /skyphigh/ HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Tue, 23 Apr 2024 21:58:07 GMT
content-type: text/html; charset=UTF-8
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: TA+UHX1lC9SDy3sDkhkb4VYAVX8g9ecWs77tUb9HNYL8AH2VOpGzQPAw33XP1sq7abKJpPJkarnXxNYxaP+c1dpbwGNn8K2iI4Lb3A6jFgQ=$SGa73nfi9ZhWw6KcRiF4cQ==
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gduQK0Fbo4eLndgpe3Uqo2ChHXI5HEnxxahYIO1z9qTp77CIoEKqx7BTRTx%2For%2FBwu9jcSl%2BY0BbQ4qL15F59PSoGlXv7dFkKg6%2B7Vg8mbfOUl1EPEnINhVHw%2BjUnv9%2F5Q1fFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911cf6d85ab51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87911cfa28a47131/1713909488091/69959a11838b5f7bc709e25288465cdf0f312da857d9190876db456bca1fa802/vmPeuuJhatziIvi | 104.17.2.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87911cfa28a47131/1713909488091/69959a11838b5f7bc709e25288465cdf0f312da857d9190876db456bca1fa802/vmPeuuJhatziIvi IP104.17.2.184:0
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/87911cfa28a47131/1713909488091/69959a11838b5f7bc709e25288465cdf0f312da857d9190876db456bca1fa802/vmPeuuJhatziIvi HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dfd5h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Tue, 23 Apr 2024 21:58:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gaZWaEYOLX3vHCeJSiEZc3w8xLahX2RkIdttFa8ofqAIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIGmVmhGDi197xwniUohGXN8PMS2oV9kZCHbbRWvKH6gCABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87911d0388857131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87911cfa28a47131/1713909488094/3T5d0C1OYLHbHLR | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87911cfa28a47131/1713909488094/3T5d0C1OYLHbHLR IP104.17.2.184:0
File typePNG image data, 15 x 42, 8-bit/color RGB, non-interlaced Hash73a86372a426944cb046310201597c59 789a575334374973d99ea12b53fbbaf90d05bcbc de41c748a75ce89c3a5300923a0070d296491ca9c40460558db892584703d532
GET /cdn-cgi/challenge-platform/h/b/i/87911cfa28a47131/1713909488094/3T5d0C1OYLHbHLR HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/dfd5h/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87911d069b667131-OSL
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.3.1.js | 151.101.130.137 | 200 OK | 80 kB |
URL GET HTTP/2code.jquery.com/jquery-3.3.1.js IP151.101.130.137:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text Hash6a07da9fae934baf3f749e876bbfdd96 46a436eba01c79acdb225757ed80bf54bad6416b d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
GET /jquery-3.3.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-42587"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 23 Apr 2024 21:58:13 GMT
age: 19108843
x-served-by: cache-lga21980-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 99, 14433
x-timer: S1713909494.591597,VS0,VE0
vary: Accept-Encoding
content-length: 80268
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 216.58.207.202 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP216.58.207.202:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:38:23 GMT
expires: Fri, 18 Apr 2025 17:38:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 447590
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.1.1.min.js | 151.101.130.137 | 200 OK | 30 kB |
URL GET HTTP/2code.jquery.com/jquery-3.1.1.min.js IP151.101.130.137:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32030) Hashe071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 23 Apr 2024 21:58:13 GMT
age: 19108894
x-served-by: cache-lga21947-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 57512
x-timer: S1713909494.624382,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 151.101.130.137 | 200 OK | 24 kB |
URL GET HTTP/2code.jquery.com/jquery-3.2.1.slim.min.js IP151.101.130.137:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32012) Hash5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 23 Apr 2024 21:58:13 GMT
age: 1379626
x-served-by: cache-lga21963-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 40, 53571
x-timer: S1713909494.758032,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.25.14 | 200 OK | 6.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP104.17.25.14:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19015) Hash70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3354377
expires: Sun, 13 Apr 2025 21:58:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpQX4GIwacEF5mutpOKv9LkUGEO9XuUFyswvy35ATFA8nDOGJ2huF8VBnt3LSv0%2B0p4BCRQ%2FEacITWnbMjna1OkekU9WHrLFYMUSBbR8uNLq%2BS9a36Sgp%2FK8Ly5Xec6NDsDq%2FiBp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87911d2008c456af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| times.altinawi.me/skyphigh/images/yahoo.png | 104.21.48.32 | 200 OK | 1.0 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/yahoo.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 65 x 18, 8-bit/color RGBA, non-interlaced Hashe6bcb5dfc5538d11bfe7380337b52dfd c7a726d0f8d7246c127ebabf8a0e036167b64945 f4b303a7ed2422acd6a453103a4de290078485b90a0e214d5216a7411934e2e7
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/yahoo.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 1025
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaULcxOlEan%2B4d%2FlOETcCFZlMWHarX%2Fi0R4Wxy3ASnB2ZY%2FSFinGc4IxKA67dmHdR%2BWhFe3DKbCUg8yeR4uOn0oU%2Bc5nLtnmO3DDD6lPPEkuVaGo30yVzgUzNOquUEED6EytJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e7892b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/aol.png | 104.21.48.32 | 200 OK | 608 B |
URL GET HTTP/3times.altinawi.me/skyphigh/images/aol.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 44 x 18, 8-bit/color RGBA, non-interlaced Hashc34396b80a0d5471185208ffa9ff97ad d47437998746e81a08ee647230d07da8300188bf 38e64fbeb524b7748d30fcf0c0e1a52f2994cbe0c036b3f2c2d1cdcf55219689
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/aol.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 608
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzuyOylqccpNUIsVx9GU%2Fd2RE9i5K5Ae%2F%2B%2BJArO4FhWB8XmCCaqqvrig7YYgANkJZtEyhdu8gRXv5apjecZb9SjSTaMdnfacYjwW66i0FtU%2FPi0PHAchBuNOvuuaDIa6DfJ86w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e98a3b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/logo.png | 104.21.48.32 | 200 OK | 10 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/logo.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 500 x 98, 8-bit/color RGBA, non-interlaced Hash0bcf55c4e7c4e4dce0263762f87fd3c3 84cda8e61741c4cd7707d2f10dffa9f8047250a9 cab58d8b45a1a683e1e9ee76208fd2b842d6f78f9140c9d438eb35b58453e70a
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/logo.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 10308
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poqKTaTTxg64gDtvtTmM3GXr%2Bt05u9%2BLkVO%2BWtyDl2zHXH5WunELkvrIAqWhGaJTwByuA2lAOsDa8O3CRaYju2ukLYFBu3Qf9JtwI0Unom9qwznMsYlPdhS8as7OpTcMB%2Fb2uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e788db51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/left.png | 104.21.48.32 | 200 OK | 389 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/left.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 691 x 865, 8-bit/color RGBA, non-interlaced Size389 kB (389423 bytes) Hash2688e31e91360a836f0762f8cd161e3e 47ec17224bd38db7b9db3e837df12744d88a9865 1745ed58b35250da3ee92911c17be14274f3bb34e79e1a3bc8d69501cc63caf9
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/left.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 389423
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LQyzmq7wLtzcJ1XRpbn0wVzmrs2rMVOWMlANbyz%2F8OyeDvrzI%2FED0DcbkqWRNmilGbA4BELBzuh6bv6PO376RMx1Lz0sWp4%2Bb3sp6iCmbOocAOzFkkTvVRiPXIzbx2Kr2tZY8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e788cb51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/other.png | 104.21.48.32 | 200 OK | 1.8 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/other.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 29 x 20, 8-bit/color RGBA, non-interlaced Hasha2bd4bcc517e1546247140c1a8be404d 63207b7abf46e980b8cb38dfb51421288b715340 79f1125dcdb1f9194d515a1da5fcd62db3cd89e4d50c5aa29fb7e10a293ac127
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/other.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 1775
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2B%2B0LZCej9r3ysQzEP9byRPViGpq7RtUIS%2Bb1m12uc%2BPg9t3Mj0GkaPx7MEiFLg10uJRxCTnBtYWuwbia2Kp22es0INCUr3dZJ65O9GZDqail54LU38JaBszcDXMpw7WjGu%2FAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e98a8b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/gmail.png | 104.21.48.32 | 200 OK | 67 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/gmail.png IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typePNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced Hashdce2f2b0e50cb1dbb0246d152791cb46 d0a69c159304edc08db005163e7a0daf5a1e98a6 acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/gmail.png HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/png
content-length: 66743
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWrwLhGSj1RAOiuZDYeRGl88jYz7YeH6lsEp8I99M2js0jHRPEU4A3LWJT%2BARcTd%2BfHLsFhbtRyW5mVwN3R7MWTBt8E3h9gZCSco4Gjg8P%2Bl1WU5t5aH7Sqa9Yq34W4Oo9Xbew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e98a9b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/ | 104.21.48.32 | 301 Moved Permanently | 36 kB |
URL User Request GET HTTP/1.1times.altinawi.me/skyphigh/ IP104.21.48.32:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1125), with CRLF line terminators Hash80c7371dbf3cbd66e880a5107b0598a4 f50f2397b9110af4d54bb1ea524bfd8c830fdebe aa45a7bd623850e84ba77d9cee9d6866cca1e8deda767f3785db272b8a56c689
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox | urlquery | phishing | Phishing - Generic phishing |
POST /skyphigh/ HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://times.altinawi.me/skyphigh/?__cf_chl_tk=ku8uT0J0YXN_AC43GrgPgwClDGQYcarZOx_HwavPNdE-1713909487-0.0.1.1-1493
Content-Type: application/x-www-form-urlencoded
Content-Length: 4284
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=925798cb1aa5be6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: text/html
set-cookie: cf_chl_3=; path=/; expires=Thu, Jan 01 1970 00:00:00 UTC; domain=.altinawi.me; Secure
cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA; path=/; expires=Wed, 23-Apr-25 21:58:13 GMT; domain=.altinawi.me; HttpOnly; Secure; SameSite=None
last-modified: Tue, 05 Dec 2023 02:40:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1S%2F7AObHhUO7yAx1OonpyzY99PhlWixQFp%2FW8QmF0gjT7kp7b%2BBQ9SBgOMGMbK1U2RWrfuF88%2FVcmSBU0Fh5ih50DLVP7JN9rUR2dqRep2w6eWf2bU3vNpZrkQKr%2FB2RQL%2Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911d1b6e47b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.48.32 | 302 Found | 0 B |
URL GET HTTP/3times.altinawi.me/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 23 Apr 2024 21:58:14 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rt4XW2B2PTkBQGsB%2FCBC4LO%2BxsDI9oOJAvDjeUtAhQLvWK14mnREcpH1%2BXa%2FJLo8uhvjqN6uiloz%2Bau%2FOLNlj6YqtxJtJg9R4fOh2EK%2FIS4mZgec1qGk5gPDZIy8ehQ972bqbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d21bad7b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/cdn-cgi/challenge-platform/h/b/jsd/r/87911d1b6e47b51e | 104.21.48.32 | 200 OK | 0 B |
URL POST HTTP/3times.altinawi.me/cdn-cgi/challenge-platform/h/b/jsd/r/87911d1b6e47b51e IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87911d1b6e47b51e HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12155
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:14 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=4tGv8pp58TSt4f4lRPxUcA1TF3ChTmKCgAb_YO6DNcw-1713909494-1.0.1.1-0Grkw2LaxFtaQdDpq9n7mOz0VfKuLZW1O.a2_YZHH0CPAFBnrpMfqaZ5OmdzOmmc7oj21KCP8Gph81FRWvjN7w; path=/; expires=Wed, 23-Apr-25 21:58:14 GMT; domain=.altinawi.me; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kASUU8Av5b%2BWUNBZ%2BpDKBdXdwH%2BbBZKQuggNh1lJuvLMpkPWrzIlBv1V7wbjqfVUhy0Ladg5BBQhPoXEBDAcw0148mWHj%2BOeExkSdx%2Bf1eeVzVL1PVpssCczec9zuYnY3sYWvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911d22bbbbb51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.48.32 | 200 OK | 192 kB |
URL GET HTTP/3times.altinawi.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typegzip compressed data, from Unix Size192 kB (191659 bytes) Hasheb5c1d80ff6e705218b3fbd122840448 23c56f3605f9733568b9743ffabd69b3b3913bea a0a892a6bc114683ee39ef35ea3af8c2289985b47ddd5d0ae342d715fc3dd587
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7iEFYCF2w3OSAAKQ3oaWh7fUwgp8jSUVOL%2FvIt%2F0hUHwupzPt4wtf%2BRVA8LI3d6GxiKPvGmnv4dMP1HJ8OWJTtg6rksxXvDLyvG9BNKTCk9EXKaZXI1U6nuQtWsvm%2B0u%2B63Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1ff995b51e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 25 Apr 2024 21:58:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 22 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP104.18.10.207:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (48664) Hash14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7a9e186511cea154561befcb17780449
cdn-cache: HIT
cf-cache-status: HIT
age: 481967
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87911d1ffef8b521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| times.altinawi.me/favicon.ico | 104.21.48.32 | 404 Not Found | 315 B |
URL GET HTTP/3times.altinawi.me/favicon.ico IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeHTML document, ASCII text, with very long lines (326), with no line terminators Hash97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /favicon.ico HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Tue, 23 Apr 2024 21:58:14 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27JjlDja9YP4SWgpkUnGbQNCBxqqunTsVUoXGYs9nwHk0f1oWKnf2cuNQhHPElVJtEYBqCxHnhP9RPCQ9OkGdRSOfsgf0zD3qXAnurERXWYoC2JJZriZjKcSCiUWWvZ3pMm%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d224b55b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/outlook.svg | 104.21.48.32 | 200 OK | 1.4 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/outlook.svg IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeSVG Scalable Vector Graphics image Hash498dcce601ec63371fe4459c0c9fe1f0 c3f64832975834155b5374e0a8d1dc7aaa70614e d18d5154ae4b92243c76f3b6b66f78ad95b1508dcc6ed173937a2ca4f6abe1da
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/outlook.svg HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/svg+xml
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORzM4K4vKNhrBLrczUNHVlwGqm5%2Fp0lhm8qiDjfGi53Q4BhrVctrt7BmHgy3kYj5fXGT5%2BT91s4MrCtWtTcbpGWmtSSOlhUrLDqz5xnBGcGDWi%2B25ngknkPgRLYq1GX2lcGKFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e8895b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 104.21.48.32 | 200 OK | 7.9 kB |
URL GET HTTP/3times.altinawi.me/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeJavaScript source, ASCII text, with very long lines (7883), with no line terminators Hash6432d725a5d0d50af225dc051a01af1a 9df1dc3ea392b65eb2db46d4d725c4ad459f65b3 1943963860c828f86e7d4c08384bbea7e580bfbb81b37053d35db9aff9addd7e
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:14 GMT
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMiD74S9mZum5OcelOC%2FGYI7RdVrOIh%2FavIik2auJ78BuUQMTluHGDErlEa%2FniI0mGa%2FvMWilETlYzo5CcL5OXylLoiziDxaEoCCZ3x5Jys%2FD%2B%2Fag3lXCaVVopF4wxVLA5%2BmLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911d21cae4b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.26.9.129 | 302 Found | 17 kB |
URL User Request GET HTTP/2IP104.26.9.129:443
CertificateIssuerGoogle Trust Services LLC Subjectshorturl.at FingerprintE6:B3:B9:89:FA:01:F0:B9:4C:C8:BE:5C:9B:A5:92:98:5A:14:A9:9A ValidityWed, 10 Apr 2024 11:26:54 GMT - Tue, 09 Jul 2024 11:26:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chsV5 HTTP/1.1
Host: www.shorturl.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 23 Apr 2024 21:58:06 GMT
content-type: text/html; charset=UTF-8
location: https://times.altinawi.me/skyphigh/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2B3i7b0ZYHyxeHlA6e98%2FRPEa5yJnAU7pSzAI8ALFinslPENwJiW3UB6rwvGEFA2eNLkS61g13mLs5i6LH2yzvrScv3Ses1MhJGW55LiVRWnvS606SyGdASWG0xt1i38yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911cf33f69b4f7-OSL
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Archivo+Narrow&display=swap | 142.250.74.170 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Archivo+Narrow&display=swap IP142.250.74.170:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1320), with no line terminators Hashe36325252bfeb23fa9155394b983a4c9 3a239d2a0c431d689f4c90af0be0b93b139b927f bdcdb817ce32418726c3a3f01dc27daa4a4c4b77bb30e5acebda35b2c967f31d
GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 23 Apr 2024 21:58:13 GMT
date: Tue, 23 Apr 2024 21:58:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| times.altinawi.me/skyphigh/images/search.svg | 104.21.48.32 | 200 OK | 1.6 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/search.svg IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeSVG Scalable Vector Graphics image Hash80b943e655c4a45874b0215e63f18580 9c906fa3809ba1cbe80675ee32d895a23063fa6e 950708e7e6c0f6400397c2e681ee53cf4df00154bdc754706c30a6691234902c
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/search.svg HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/svg+xml
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JXOeTpA6MV%2FaHkj2UaXqOsE%2Fbo3x6jOcPSfmE1dP9fboP9wPNYuCXeaWUaXhLsA%2Fh62yzBcDXMkz0j%2BFvWWLdnlL6RWvcscTAI%2FL185GCd687B4UzOh2dxFao%2BR79EtfNY3Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e98a4b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 51 kB |
URL GET HTTP/3stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP104.18.10.207:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 1824094
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87911d202a3ab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.26.9.129 | 301 Moved Permanently | 17 kB |
URL User Request GET HTTP/2IP104.26.9.129:443
CertificateIssuerGoogle Trust Services LLC Subjectshorturl.at FingerprintE6:B3:B9:89:FA:01:F0:B9:4C:C8:BE:5C:9B:A5:92:98:5A:14:A9:9A ValidityWed, 10 Apr 2024 11:26:54 GMT - Tue, 09 Jul 2024 11:26:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chsV5 HTTP/1.1
Host: shorturl.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Tue, 23 Apr 2024 21:58:06 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.shorturl.at/chsV5
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gqqfvJzlBd0hEcxHIxN3EuiocC9gGjzoTKFHWK16SW1fo45JBIF%2BhfD4kYRlWvsmq1VP3fK0UgrOAuAI0m0oxRUlysHUbb%2FT0rMHNfVna8o6BLQlwdSqhVT6%2Bl6D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911cf20e6eb4f7-OSL
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 145 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css IP104.18.10.207:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (65325) Size145 kB (144877 bytes) Hash450fc463b8b1a349df717056fbb3e078 895125a4522a3b10ee7ada06ee6503587cbf95c5 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:51:41
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a46e681bc45b2dfd69fc7bcdc3378d22
cdn-cache: HIT
cf-cache-status: HIT
age: 481967
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87911d1e9dccb521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| times.altinawi.me/skyphigh/images/building_plan.jpg | 104.21.48.32 | 200 OK | 191 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/building_plan.jpg IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=853, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x853, components 3 Size191 kB (191004 bytes) Hash13a22a713373017616397bbbea4fb1a7 10e93c1b2028931b050422bb5b456e649a6ef825 2b98fa61b7bc120a6f695dd27ec2de6f34216b17e0fac93b7e39d947175e6132
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/building_plan.jpg HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:15 GMT
content-type: image/jpeg
content-length: 191004
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F1ZMfuP4Hc2l4h5Czv5ABe%2F5gcUNn%2FJL1aCbzO4y3TxDLIn8dNNnmCxUPpw6lPlsQkUgZih%2BnkavmvjUb2RFzGftJVaNFczdF4RLofGOAgneZvL%2B2XZk0oTdag8mJSP8ODGfFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d2059e4b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| times.altinawi.me/skyphigh/images/office.svg | 104.21.48.32 | 200 OK | 1.1 kB |
URL GET HTTP/3times.altinawi.me/skyphigh/images/office.svg IP104.21.48.32:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerLet's Encrypt Subjectaltinawi.me FingerprintA4:6F:A2:5A:DC:8D:AB:CA:F1:8A:56:E6:04:E2:22:F4:D0:33:12:F5 ValiditySun, 17 Mar 2024 01:17:38 GMT - Sat, 15 Jun 2024 01:17:37 GMT
File typeSVG Scalable Vector Graphics image Hashf3bd1de7aa4dfe0b06f89a85c61144fd 4cdae0d1f528513a018a634cc735219c7e7475c6 7fca9c975c1d64a9ce2f7aae3b3a8971617e81f8fc62624f417035c2320215f2
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Dropbox |
GET /skyphigh/images/office.svg HTTP/1.1
Host: times.altinawi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/skyphigh/
Cookie: cf_chl_3=925798cb1aa5be6; cf_clearance=VwhRlpdSZV4XKZEf5CVA75XIGDo4E_hvRulyyv_UYxo-1713909487-1.0.1.1-fMr0hMDdT.Q8GfUWKDrf_AL1c3ZL8YiH.G2VHUuiaYEq4_zXvqd7nBmYU7_CKV..Hi_TbfA3Ld1CqCJ9e2sorA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: image/svg+xml
last-modified: Tue, 05 Dec 2023 02:40:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6VDrhvsUr91rO%2FvKDhzC0LKU6F9TTCRdJFTWoW%2B2p1TsXGgMDH0xA%2FxmRjxPKBuXj2VVzz2Lkmaa6lbiTOL6wErNW%2F8V8F3ZdyL8mm%2BIVAatdv12Pg6aX6BK7A1pfCmQeTbSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911d1e8896b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| use.fontawesome.com/releases/v5.7.0/css/all.css | 104.21.27.152 | 200 OK | 55 kB |
URL GET HTTP/2use.fontawesome.com/releases/v5.7.0/css/all.css IP104.21.27.152:443
Requested byhttps://times.altinawi.me/skyphigh/ CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (54456) Hash251d28bd755f5269a4531df8a81d5664 c0f035b41b23c6e8fab735f618aa3cff0897b4f9 afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://times.altinawi.me
DNT: 1
Connection: keep-alive
Referer: https://times.altinawi.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:13 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"251d28bd755f5269a4531df8a81d5664"
last-modified: Fri, 22 Sep 2023 01:45:47 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 481967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lXJt%2B5oKO2z0guZQfJk1QARspJtHnmxmbLM%2BmfnXgzIAP11Q7momSq1gn6NopJHp%2B%2BB3KpzVDd%2FlbG3kfRHVvgSYTQQhUfbLgAHldTj%2BQFKLvfCL1zTs5xIgG4Poq8fRLbuMSRz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87911d1e9f8356cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|