| kmytrqpmnb.pages.dev/packs/media/images/globe-dd3d31e7.svg |  172.66.44.144 | 200 OK | 12 kB |
URL GET HTTP/3kmytrqpmnb.pages.dev/packs/media/images/globe-dd3d31e7.svg IP172.66.44.144:443
Requested byhttps://kmytrqpmnb.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectkmytrqpmnb.pages.dev Fingerprint55:9F:E9:7B:92:A7:47:55:09:2F:F9:14:EE:B5:88:60:10:D6:5D:82 ValiditySun, 24 Mar 2024 13:12:22 GMT - Sat, 22 Jun 2024 13:12:21 GMT
Hash096cd5d8d5ab246a825de11ca10f2394 88028b521c56bfe37626b42fd8fef3b222ca6aa5 9c985b3ba52ef8d6bd3840cb62458b3079a74f36c3538acd5061d6095a73fab8
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - WeTransfer | | OpenPhish | phishing | WeTransfer |
GET /packs/media/images/globe-dd3d31e7.svg HTTP/1.1
Host: kmytrqpmnb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kmytrqpmnb.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 05:26:47 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b61cb345bd1e45be0ed13e0986cc9d97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JqdMsUjCtxfq5ycOkiIVJuKihDVBGlgezI2WeXMjA9tqtzBZ39P7Y8PGOYcuG7Fyh7qqzzWkWl8vbxxJjD9hMXy8RRHje5v2f8Xy5rRL78YhKrSn0OvJ1KdWanIYcRtcdaFMwupW6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a008f994e929a-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
URL User Request GET HTTP/2IP172.66.44.144:443
CertificateIssuerGoogle Trust Services LLC Subjectkmytrqpmnb.pages.dev Fingerprint55:9F:E9:7B:92:A7:47:55:09:2F:F9:14:EE:B5:88:60:10:D6:5D:82 ValiditySun, 24 Mar 2024 13:12:22 GMT - Sat, 22 Jun 2024 13:12:21 GMT
File typeHTML document, ASCII text, with very long lines (65536), with no line terminators Size683 kB (683422 bytes) Hash1de57bf3c55145a2e4f1777d46400075 a1a8da5e3ea03d0e053cc660774797c41c1dddca f6993fb093d7910df5eceb312708c4eaf0556daafd8417f2fd0a45c863a809ef
| Analyzer | Verdict | Alert |
|---|
| urlquery | phishing | Phishing - WeTransfer | | OpenPhish | phishing | WeTransfer |
GET / HTTP/1.1
Host: kmytrqpmnb.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 05:26:46 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b61cb345bd1e45be0ed13e0986cc9d97"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCz%2BT3rvic1%2BdFUwCQ7PW4ih4A07jUrLb6QbpWBFHq12JGceymP1Hff5vegLQm%2BU4hD36j0r8ugFCVwDdoq%2FUfzkhbqGAh8w7SPHY4RZoMzaBGuILmBvXof4%2B%2FIN6a%2BNHTpYrnXMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875a008c4d0892b5-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|