| exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf | 80.67.16.224 | 404 Not Found | 0 B |
URL: GET HTTP/1.1 exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf; IP: 80.67.16.224:443; ASN: #34011 Host Europe GmbH
Requested by: https://screenrookie.pages.dev/; Certificate Issuer: GoDaddy.com, Inc.; Subject: *.df.eu; Fingerprint: 42:B4:87:37:8A:8E:81:EB:A5:82:29:3C:F9:E8:8A:25:FA:B9:2D:02; Validity: Tue, 02 Jan 2024 07:43:38 GMT - Sun, 02 Feb 2025 07:43:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owa/auth/15.0.1497/themes/resources/segoeui-semilight.ttf HTTP/1.1
Host: exchange2013.df.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://screenrookie.pages.dev/
Origin: https://screenrookie.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
server: Microsoft-IIS/10.0
request-id: ddf43737-dc75-4532-9d94-7ce96e019da2
x-powered-by: ASP.NET
x-sid: 02
date: Thu, 18 Apr 2024 09:42:43 GMT
content-length: 0
|
| exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf | 80.67.16.224 | 404 Not Found | 0 B |
URL: GET HTTP/1.1 exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf; IP: 80.67.16.224:443; ASN: #34011 Host Europe GmbH
Requested by: https://screenrookie.pages.dev/; Certificate Issuer: GoDaddy.com, Inc.; Subject: *.df.eu; Fingerprint: 42:B4:87:37:8A:8E:81:EB:A5:82:29:3C:F9:E8:8A:25:FA:B9:2D:02; Validity: Tue, 02 Jan 2024 07:43:38 GMT - Sun, 02 Feb 2025 07:43:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owa/auth/15.0.1497/themes/resources/segoeui-regular.ttf HTTP/1.1
Host: exchange2013.df.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://screenrookie.pages.dev/
Origin: https://screenrookie.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
server: Microsoft-IIS/10.0
request-id: 55e86350-9ac1-44fa-9eef-f4518f7989fe
x-powered-by: ASP.NET
x-sid: 08
date: Thu, 18 Apr 2024 09:42:43 GMT
content-length: 0
|
| exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/favicon.ico | 80.67.16.224 | 404 Not Found | 0 B |
URL: GET HTTP/1.1 exchange2013.df.eu/owa/auth/15.0.1497/themes/resources/favicon.ico; IP: 80.67.16.224:443; ASN: #34011 Host Europe GmbH
Requested by: https://screenrookie.pages.dev/; Certificate Issuer: GoDaddy.com, Inc.; Subject: *.df.eu; Fingerprint: 42:B4:87:37:8A:8E:81:EB:A5:82:29:3C:F9:E8:8A:25:FA:B9:2D:02; Validity: Tue, 02 Jan 2024 07:43:38 GMT - Sun, 02 Feb 2025 07:43:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /owa/auth/15.0.1497/themes/resources/favicon.ico HTTP/1.1
Host: exchange2013.df.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://screenrookie.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
server: Microsoft-IIS/10.0
request-id: fbd7769b-c924-4b95-b154-d564fa0707b5
x-powered-by: ASP.NET
x-sid: 02
date: Thu, 18 Apr 2024 09:42:43 GMT
content-length: 0
|
URL User Request GET HTTP/2; IP: 172.66.45.19:443
Certificate Issuer: Let's Encrypt; Subject: screenrookie.pages.dev; Fingerprint: D2:A2:11:9C:82:D7:5A:29:82:28:88:0B:DF:44:44:7B:E1:A9:16:93; Validity: Sun, 24 Mar 2024 03:42:12 GMT - Sat, 22 Jun 2024 03:42:11 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (7864), with CRLF line terminators; Hash: b5ba074b30df0e99ba20382c1b3f80ef 0f6e4c2e76efdfa7e65f37594f33b6a62b0b969d 55e979c2fa0477e837ad51145a67d24e2495fe70afa5b55aedb251d209d3ac89
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - Microsoft |
| OpenPhish | phishing | Outlook |
GET / HTTP/1.1
Host: screenrookie.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:42:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"486829272cfaef646827ebf2479b263c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3IJlQlyKZVvxsJCQT0wIYhVvMAPBLrelSQXvU8uRbfBAVO%2F2HqYaJNj1fLb0sn97P158krfnqyk6J%2Bi4IJRlw12g%2FPmSNm81DzD86aKsu0McQD3lTjrHG3lRuc1JOscNMxyTdg4jong"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8763b4d8ad0f56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
| api.bigdatacloud.net/data/client-ip | 13.248.207.97 | 200 OK | 52 B |
URL: GET HTTP/2 api.bigdatacloud.net/data/client-ip; IP: 13.248.207.97:443
Requested by: https://screenrookie.pages.dev/; Certificate Issuer: Amazon; Subject: *.bigdatacloud.net; Fingerprint: CC:4B:85:95:A2:50:98:D4:22:87:A0:39:E7:CC:17:6B:F5:8A:C1:7A; Validity: Mon, 01 Apr 2024 00:00:00 GMT - Tue, 29 Apr 2025 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 80575e64f543dc2b3afae87ce6e0659a 50cd17971628a8dac1602225afbe919efce34f73 b536608b4ab277f482102d5f2802257c54d9d69ee23c30fca179283aa559c6df
GET /data/client-ip HTTP/1.1
Host: api.bigdatacloud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://screenrookie.pages.dev/
Origin: https://screenrookie.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 09:42:44 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-response-time-ms: 0.09
X-Firefox-Spdy: h2
|