Report - minty-frr.lomjepdkrzh.workers.dev/

Report Overview

Submitted URL
minty-frr.lomjepdkrzh.workers.dev/
IP
172.67.144.172
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 06:03:36
Access
public
Website Title
AT&T - Login
Final URL
minty-frr.lomjepdkrzh.workers.dev/
Tags
phishing suspicious
urlquery detections
Phishing - Generic phishing
Suspicious - Suspicious Javascript code

Detections

urlquery
11
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-17	898 B	112 kB	151.101.130.137
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-17	448 B	31 kB	216.58.207.234
api.ipify.org	3267	2014-01-05	2014-10-06	2024-04-17	508 B	267 B	104.26.13.205
minty-frr.lomjepdkrzh.workers.dev	unknown	2019-02-08	2022-04-15	2024-04-18	1.9 kB	78 kB	172.67.144.172

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	minty-frr.lomjepdkrzh.workers.dev/	AT&T Inc.
2024-04-17	medium	minty-frr.lomjepdkrzh.workers.dev/	AT&T Inc.
2024-04-17	medium	minty-frr.lomjepdkrzh.workers.dev/	AT&T Inc.
2024-04-17	medium	minty-frr.lomjepdkrzh.workers.dev/	AT&T Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2024-04-03	medium	minty-frr.lomjepdkrzh.workers.dev/favicon.ico	AT&T
2024-04-03	medium	minty-frr.lomjepdkrzh.workers.dev/style.css	AT&T
2024-04-03	medium	minty-frr.lomjepdkrzh.workers.dev/style.css	AT&T
2024-04-03	medium	minty-frr.lomjepdkrzh.workers.dev/	AT&T

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-05-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-01 10:17:29 Times Seen386867 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	code.jquery.com/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.1.1.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-01 09:40:55 Times Seen265850 Hash e071abda8fe61194711cfc2ab99fe104 f647a6d37dc4ca055ced3cf64bbc1f490070acba 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Loading...

	code.jquery.com/jquery-3.3.1.js	272 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.3.1.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 08:10:20 Times Seen59525 Hash 6a07da9fae934baf3f749e876bbfdd96 46a436eba01c79acdb225757ed80bf54bad6416b d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Loading...

	unknown	371 B	2023-04-20	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-20 08:57:38 Last Seen2024-04-18 08:03:37 Times Seen29 Hash a0ff002cabc4758e0f97ef5e6ee5edca e5e8e7541bd75d25cdba18d5c822a6aec6dabd9a 227e57d59d9ead0e434261f539ac9cac35d79ce694bb946f615b400f3f2d7bd5 Loading...

	unknown	1.1 kB	2024-04-03	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 1807f70a46721e87a79ed216ff38f070 5d03fc20103bc88ecb6f5212b726a52bf58671d0 08349b6a1c9ddf848869a81ed630a91dd19cc7f4e96016fa819175043fd76852 Loading...

	minty-frr.lomjepdkrzh.workers.dev/	20 kB	2024-04-03	2024-04-18
Pretty URL minty-frr.lomjepdkrzh.workers.dev/ IP 172.67.144.172 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 2466aa5cb75b7f103354f9fd3f255a8b 02b9757514ed1b3c674a3365332f7ee948b1e2bb 997deca8630f447c71e0a9fa0b6c7ddf1568c526e8b80304a76cf4160e67e1c0 Loading...

	unknown	16 kB	2024-04-03	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 10ec3e93f3fe7969826465c45b374578 ec777218f7e23f93597bbc7b5c891a1c5e21f11a 30d4fda7c06dbe791b90a75c6ede0c112cc3d9af96aef5b69b13eeac8500b3db Loading...

	unknown	11 kB	2024-04-03	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 77ca488fd8215e74128d9a454384a3a2 ada4f8f02da99152129ab02194c22f850f10270e 4c7f7716ca9fb85d07db887da853c08a55596d2ac1f0cb32ff16d11a28ef6334 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3386c3f76d9b085b3f3f9e50f2c3be37	16 kB	2024-04-03	2024-04-18
Pretty Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 3386c3f76d9b085b3f3f9e50f2c3be37 03fed1e825d81b3d43f33f471320d599fa1ef5fd 63fe95dafcee2f6aabee39c36a30e48b4e0b29fd55678021e794739bd1e311cf Loading...

	#2 Write - c7387dba5f2c19fe4bf09c306e9ed585	11 kB	2024-04-03	2024-04-18
Pretty Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash c7387dba5f2c19fe4bf09c306e9ed585 ad077bd957376c36e007eb33a10f41f6125d11a2 cb22db40227c28be205a0a876370aed6b3523fcf79228447dd3acb5621239641 Loading...

	#3 Write - 7051201a4ffeeb5c7dae419164f61c6c	7.0 kB	2024-04-03	2024-04-18
Pretty Observations First Seen2024-04-03 19:45:52 Last Seen2024-04-18 08:03:37 Times Seen2 Hash 7051201a4ffeeb5c7dae419164f61c6c 722c49317b8d72b5f5c41b9ec25e95c87b3912d9 e7b02bc411fce5a0979a075bf5d9907a021e7c2f8f1d60ca301251bc5eb79c7c Loading...

HTTP Transactions (8)

URL IP Response Size

code.jquery.com/jquery-3.1.1.min.js

151.101.130.137

200 OK

30 kB

URL GET HTTP/2
code.jquery.com/jquery-3.1.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32030)
Size
30 kB (30070 bytes)
Hash
e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

HTTP Headers

GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-152b5"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 06:03:11 GMT
age: 18619592
x-served-by: cache-lga21947-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 118, 10111
x-timer: S1713420191.334103,VS0,VE0
vary: Accept-Encoding
content-length: 30070
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.js

151.101.130.137

200 OK

80 kB

URL GET HTTP/2
code.jquery.com/jquery-3.3.1.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
80 kB (80268 bytes)
Hash
6a07da9fae934baf3f749e876bbfdd96
46a436eba01c79acdb225757ed80bf54bad6416b
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

HTTP Headers

GET /jquery-3.3.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://minty-frr.lomjepdkrzh.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-42587"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 06:03:11 GMT
age: 18619540
x-served-by: cache-lga21980-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 99, 28173
x-timer: S1713420191.335658,VS0,VE0
vary: Accept-Encoding
content-length: 80268
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

216.58.207.234

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 13:58:13 GMT
expires: Sun, 13 Apr 2025 13:58:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 403498
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.ipify.org/?format=json

104.26.13.205

200 OK

21 B

URL GET HTTP/2
api.ipify.org/?format=json
IP
104.26.13.205:443
ASN
#13335 CLOUDFLARENET

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectipify.org
FingerprintC8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7
ValidityThu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://minty-frr.lomjepdkrzh.workers.dev
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:03:11 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 876273455834569c-OSL
X-Firefox-Spdy: h2

minty-frr.lomjepdkrzh.workers.dev/favicon.ico

172.67.144.172

200 OK

15 kB

URL GET HTTP/3
minty-frr.lomjepdkrzh.workers.dev/favicon.ico
IP
172.67.144.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectlomjepdkrzh.workers.dev
FingerprintEA:AB:6F:78:F5:DA:66:8E:73:54:A3:A5:10:45:37:9C:C3:33:D5:A1
ValiditySun, 03 Mar 2024 02:21:59 GMT - Sat, 01 Jun 2024 02:21:58 GMT

File type
HTML document, ASCII text, with very long lines (19895)
Size
15 kB (15391 bytes)
Hash
dd2d1681212d402aab7077df3743abe9
b224ba12bc5682ff1d1eded5948601d272305f46
b61d54f18261a537e30b9c16862497f68f3bb0967a18fd7ed4201d4e5025e323

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	AT&T

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: minty-frr.lomjepdkrzh.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:03:11 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HBgmAkiRQIhc84KaATlpr6yODJafs3MboO3rZLoVrszTdDA8KovCEzeVFCXrre%2BaBXtfSjJj6LK5U6Lo8WMDR2mu%2FynhZU37w%2BoBnDe18SkZqIsGi2ygQQlCZVS%2BIPAoiYruhZuo8%2FKtP8u1ma4P48scmg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876273460a7b5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

minty-frr.lomjepdkrzh.workers.dev/style.css

172.67.144.172

200 OK

20 kB

URL GET HTTP/3
minty-frr.lomjepdkrzh.workers.dev/style.css
IP
172.67.144.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectlomjepdkrzh.workers.dev
FingerprintEA:AB:6F:78:F5:DA:66:8E:73:54:A3:A5:10:45:37:9C:C3:33:D5:A1
ValiditySun, 03 Mar 2024 02:21:59 GMT - Sat, 01 Jun 2024 02:21:58 GMT

File type
HTML document, ASCII text, with very long lines (19895)
Size
20 kB (19945 bytes)
Hash
dd2d1681212d402aab7077df3743abe9
b224ba12bc5682ff1d1eded5948601d272305f46
b61d54f18261a537e30b9c16862497f68f3bb0967a18fd7ed4201d4e5025e323

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	AT&T

HTTP Headers

GET /style.css HTTP/1.1
Host: minty-frr.lomjepdkrzh.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:03:11 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXufcNSbvKWWTsGelF%2B6Z9HrJNxepQGDt166a9pVelZh4Tc4yDc3TqXeN2XY69UC1KLSBPQqn97jyjU9bJw%2BGguv7WeeC2ImT%2BvypsR8M28g5oMgtXcYxOR%2Fr%2BaYJru9LXJHXXC1Eb9Yf4rksgz9mggqo2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876273434ef55693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

minty-frr.lomjepdkrzh.workers.dev/style.css

172.67.144.172

200 OK

20 kB

URL GET HTTP/3
minty-frr.lomjepdkrzh.workers.dev/style.css
IP
172.67.144.172:443
ASN
#13335 CLOUDFLARENET

Requested by
https://minty-frr.lomjepdkrzh.workers.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectlomjepdkrzh.workers.dev
FingerprintEA:AB:6F:78:F5:DA:66:8E:73:54:A3:A5:10:45:37:9C:C3:33:D5:A1
ValiditySun, 03 Mar 2024 02:21:59 GMT - Sat, 01 Jun 2024 02:21:58 GMT

File type
HTML document, ASCII text, with very long lines (19895)
Size
20 kB (19945 bytes)
Hash
dd2d1681212d402aab7077df3743abe9
b224ba12bc5682ff1d1eded5948601d272305f46
b61d54f18261a537e30b9c16862497f68f3bb0967a18fd7ed4201d4e5025e323

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	AT&T

HTTP Headers

GET /style.css HTTP/1.1
Host: minty-frr.lomjepdkrzh.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://minty-frr.lomjepdkrzh.workers.dev/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:03:11 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq%2F0h1st9h0jAwVxQfVr1ZBBS2EokVZnoDgpS9Y1lo9X9uugoaOYaapapmvsoynfKLwYIYCeuQhPlcI6cAMAd%2FqPB7tzGYIr64Ynwy5yz38J7wSJKaRVKOUv7XH63k7eWCYtD7bz9drRCg6nVE6HZPDmtJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762734539445693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

minty-frr.lomjepdkrzh.workers.dev/

172.67.144.172

200 OK

20 kB

URL User Request GET HTTP/2
minty-frr.lomjepdkrzh.workers.dev/
IP
172.67.144.172:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectlomjepdkrzh.workers.dev
FingerprintEA:AB:6F:78:F5:DA:66:8E:73:54:A3:A5:10:45:37:9C:C3:33:D5:A1
ValiditySun, 03 Mar 2024 02:21:59 GMT - Sat, 01 Jun 2024 02:21:58 GMT

File type
HTML document, ASCII text, with very long lines (19895)
Size
20 kB (19945 bytes)
Hash
dd2d1681212d402aab7077df3743abe9
b224ba12bc5682ff1d1eded5948601d272305f46
b61d54f18261a537e30b9c16862497f68f3bb0967a18fd7ed4201d4e5025e323

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
OpenPhish	phishing	AT&T Inc.
PhishTank	phishing	AT&T

HTTP Headers

GET / HTTP/1.1
Host: minty-frr.lomjepdkrzh.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:03:10 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sz3mrHNaHtLceK3BH0hQjdgIQprxzaiXlWOltreGHVh88%2Bag7vqTmRQrinEs5vTR83LxVxoYlTHy6kdSISJxYgnfV5F%2FEMUpqTmCddthFZjeXK37LS1KaM6cpzagNH0X2Y%2FKG2LtE9qr5fTyGAs8RNH9DII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87627340f9a7b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (8)

URL GET HTTP/2

IP

ASN