Report - ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/

Report Overview

Submitted URL
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
IP
172.66.47.113
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 04:51:31
Access
public
Website Title
Login | Charles Schwab
Final URL
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
40

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
content.schwab.com	31426	1993-04-07	2012-10-11	2024-03-24	3.4 kB	1.8 MB	23.36.79.25
client.schwab.com	26752	1993-04-07	2012-10-11	2024-03-23	11 kB	367 kB	23.36.79.19
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev	unknown	unknown	No data	No data	13 kB	1.0 MB	172.66.44.143
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-04-17	589 B	37 kB	104.19.178.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-16	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab
2024-04-11	medium	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/	Charles Schwab

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html	329 B	2023-03-07	2024-04-28
Pretty URL ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html IP 172.66.44.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-28 16:52:03 Times Seen2799 Hash 2e0a5c03de3cd4e06d20ce52df361558 acef8edf4d83a5e0ba200add1c875b3330ea5958 f4bf349d6ebfc27b0d682fd358da3882bc8e1f76c6a6d57d27ce35fc12b0027a Loading...

	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html	150 B	2024-04-17	2024-04-17
Pretty URL ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html IP 172.66.44.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 06:51:38 Last Seen2024-04-17 19:43:59 Times Seen2 Hash 518dd0c48ad712d3b424276aba76cbb9 8224d4ede5a908adcc2276c0479214776e78196f 7186bdf832ed7581b9c834445d96fdc4df25777b6c5a27623284d701e27565ea Loading...

	ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html	456 B	2024-04-17	2024-04-17
Pretty URL ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html IP 172.66.44.143 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 06:51:38 Last Seen2024-04-17 19:43:59 Times Seen2 Hash 6b850994b0506d628dd5fffc10e9805d 14ecf110fa198b12f5206886cf6adec30f4d21cb 0c8c5663ff2e1dbae058e194bb1ca65662326a356000051ab413e34956182ac6 Loading...

HTTP Transactions (45)

URL IP Response Size

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:05 GMT
Date: Wed, 17 Apr 2024 04:51:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:05 GMT
Date: Wed, 17 Apr 2024 04:51:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=178, origin; dur=0, ak_p; desc="1713329465139_388255503_292718803_17802_12491_1_10_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=178, origin; dur=0, ak_p; desc="1713329465151_388255503_292718804_17805_12475_1_10_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=171, origin; dur=0, ak_p; desc="1713329465160_388255503_292718832_17157_10696_1_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=171, origin; dur=0, ak_p; desc="1713329465160_388255503_292718830_17132_10802_1_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329465487_388255503_292720219_61_10276_1_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329465488_388255503_292720225_32_10359_1_0_31";dur=1
X-Firefox-Spdy: h2

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:05 GMT
Date: Wed, 17 Apr 2024 04:51:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html

172.66.44.143

200 OK

40 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
40 kB (40323 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ss6HHHwg%2FFBBiZ5QRfnSICqyrNNFde8GO0ndM%2BLFH1UZrMKIK7pkT%2FDtqvdgCBxIgaRsxJNDICr2X2sKEPwNbGY061%2BOlifbYXUY1NyjBVw%2FUD2z3Tq9fR%2BTj%2Bs7%2BzB4mGxGN1qt1wRLgZwKjruKQscEQeQa%2FzPTmCKDP9gcPZDfzhExvtzhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc45c8969304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329465670_388255503_292720995_37_10436_0_0_31";dur=1
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

24 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
24 kB (23725 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNE8V%2BSOoUO7Xe4JX7E0d3ToDzg6LvZjijbJTUItALwMi%2BzN%2BYUerEHAEcVgjlDPcF8be65YeJfzDhEGooQRTpM6LC%2FQeORmUehOFD4CWyqhtowY3YNf205mrw6ELOB2mnvISa4926vVxRfsTvO1SWON1iv%2FJUQdMMyVMjzMw3yxpEoakhKSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc476a0a9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:05 GMT
Date: Wed, 17 Apr 2024 04:51:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

258 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
258 kB (258434 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ0zPi%2B4QzOBsv%2BMk4F%2B67HEGneoverTRj0XEg76SSXOfb6DpOmYmYWBMzOEwc86LeisjfDs4aAnmR9qjHOyI46Z9sgBnofbgZyrWdQk7rb0Zocn6cy0gmYIoeEoxkIS8kHq%2Fi5b5SAgqPb%2Bd7fHuCNR42kE9YPTsQbTnbW67hUb8xneeXatyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc48fb7f9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329465809_388255503_292721639_90_10205_5_0_31";dur=1
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

24 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
24 kB (23725 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dw0prTyprCzmYfHV9vj7YimmwsV0bXYKEJ5scVmqPTiYsI9wLM7p5JzQ4OCzRC%2Fwqi2XvFxEus8EaiUM2goj90zEH3NAWjS73PZma3I%2FXEkwnybrHWOYKjF1XSOFocYYB3zyw5ICfDnT6pYQaUa3iayaTlnBAAw570%2FIP2QKI3iAJvxIiaStXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc488b239304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:05 GMT
Date: Wed, 17 Apr 2024 04:51:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

27 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
27 kB (26729 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=302Y9TyQ0HNIuE9Lsdl7bM%2FdlgPW02JmCDYGJfViFcb4IhRY7YWho0l5rdH6gf4pDHr1ndI9zjn6TskXDQTF4ZUoiHModZwxleUeY3SQdKOAS0i9K07wVcaetDuhDH4vZZJ%2BP6cRCnL46QkjZy3tq5YyKZEdyjvcKmgCWztNKbhvWKvEOEYOhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc49ec5e9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:05 GMT
date: Wed, 17 Apr 2024 04:51:05 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329465969_388255503_292722248_66_9606_4_0_31";dur=1
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

258 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
258 kB (258434 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wCXQpIqjptjwXEua%2BmRQJf7LS2mqR%2FkbZySjhjWma6PTS87iilvNPjzQtb3ZY836GJxvfJuzyYxL0aRTk4%2F9TrC8Z%2B8SiiDuNHHTD6PC3i6PiLM9ViJwQk2oADkAioudGKCRvuxi3l17DLKgN5j8xlYPbrffR61SIRW7T%2FwRiTd0zbEKOjeLTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4add5e9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466117_388255503_292723005_126_11145_2_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466117_388255503_292723004_134_12257_2_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466260_388255503_292723638_53_10926_2_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466260_388255503_292723639_43_10897_2_0_31";dur=1
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

258 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
258 kB (258434 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4OJUlpNLiWKPhERibjvWK5aY%2F2j7DJQuJE0BxHlVJUy9u3nnuO3y9WjIhUpcSRGwUhC8yX%2FHbSdehzFlQgbqLlUzDbDZiIP0969UbsLCgehwi99uhSHjw%2BsXixZ4H0howV7MmIHxpbOKzbLmNY14GBMmg6YgFqzjJ1tqQ8M3Zs2WW%2ByHY%2FmrGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4bce649304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466414_388255503_292724365_28_10180_1_0_31";dur=1
X-Firefox-Spdy: h2

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:06 GMT
Date: Wed, 17 Apr 2024 04:51:06 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466417_388255503_292724381_35_11279_1_0_31";dur=1
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

24 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
24 kB (24170 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BweA10vn%2BiUs4%2BoEEbmsV5XEf3Sg%2B676ZocJZ8O0JG3Oe9KbeNkSGMRmKvMZYxyzORxBR93TP11XfJemjLR%2FW25BUi9yY%2Bgle9oADhGe9GV715bYIyvnhQz%2FmeNwCCPQEyzva%2F5pLs%2Bw4P%2FiedWaG%2Bc0mp6SswgJ9n2ZiHDpHFkKB%2BZfNuBMrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc497c099304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

14 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
14 kB (14239 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2BKHhQRZMOH06M6OVV%2FBjbL9mAuIwCCox1L8YWwITsSab5Ityc3yy23047Vx8wLNzKlVI4PZpVQMdVA4mXRNZVQkg8a8lPhXVdtRKTU4AVde7CVfuMHBFjggM54Ad4T5jppiM6ARpCbMosY9LeRLDfE2bi90%2F17yE34pTJjA2xZETbMNU%2F0Myg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc442f1c9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff

23.36.79.19

200 OK

22 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 22452, version 1.0
Size
22 kB (22452 bytes)
Hash
203e1ecea7a09d56f12e371b0c0d06af
dca8fcee4e47a5db897df33c91a5b2d93eb4a76f
d78b96c40cd112affd6d5cfb13213364f5a86d6a83415413482d22722542917e

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModern-Regular.8f42eb9674012799efea.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 22452
f5ip: 162.93.220.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466575_388255503_292725098_30_9621_2_0_31";dur=1
X-Firefox-Spdy: h2

client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff

23.36.79.19

200 OK

19 kB

URL GET HTTP/2
client.schwab.com/Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff
IP
23.36.79.19:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerEntrust, Inc.
Subjectwww.schwab.com
FingerprintD2:81:EE:64:46:FC:78:6D:94:5D:E2:CC:1F:77:98:4E:B5:57:9E:D0
ValidityWed, 07 Feb 2024 18:27:21 GMT - Wed, 05 Feb 2025 18:27:20 GMT

File type
Web Open Font Format, TrueType, length 19448, version 1.6553
Size
19 kB (19448 bytes)
Hash
2c72a4c855fffe2eed0299266635fc1d
5f9d3ef1139b821b00a66a8367f95e5b57967e64
ad7851335d320cdcb2201d37b4aebf6ad679dd3ae7f2b6c821a1906e402541de

HTTP Headers

GET /Areas/Access/Content/login/dist/font/CharlesModernMedium.1b247deb1873c1b8b158.woff HTTP/1.1
Host: client.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
Origin: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Mon, 25 Mar 2024 21:41:02 GMT
accept-ranges: bytes
etag: "0abd021fd7eda1:0"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-length: 19448
f5ip: 162.93.232.100
cache-control: max-age=7776000
expires: Tue, 16 Jul 2024 04:51:06 GMT
date: Wed, 17 Apr 2024 04:51:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1713329466578_388255503_292725109_28_6872_2_0_31";dur=1
X-Firefox-Spdy: h2

content.schwab.com/web/login/login-background-hq.png

23.36.79.25

200 OK

254 kB

URL GET HTTP/1.1
content.schwab.com/web/login/login-background-hq.png
IP
23.36.79.25:443
ASN
#20940 Akamai International B.V.

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerDigiCert Inc
Subjectcontent.schwab.com
Fingerprint69:D5:1F:FA:79:08:60:B3:06:9E:8D:D9:58:21:5C:34:D3:A9:1A:C9
ValidityMon, 26 Jun 2023 00:00:00 GMT - Tue, 25 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1524, components 3
Size
254 kB (254157 bytes)
Hash
da803de51efd8f479878e71b18a2dd02
dd60ef7895dacfad103c009e09c29c82df9bee3d
dda7745750242bc04808fce0c1d3b7a5316413c924b64c963c00dba4f7ef8c9f

HTTP Headers

GET /web/login/login-background-hq.png HTTP/1.1
Host: content.schwab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Last-Modified: Thu, 28 Dec 2023 15:04:23 GMT
ETag: "da803de51efd8f479878e71b18a2dd02:1702562795.651757"
Server: Akamai Image Manager
Content-Length: 254157
Content-Type: image/jpeg
Cache-Control: private, no-transform, max-age=43200
Expires: Wed, 17 Apr 2024 16:51:06 GMT
Date: Wed, 17 Apr 2024 04:51:06 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Timing-Allow-Origin: *
Access-Control-Allow-Methods: GET, GET
Access-Control-Allow-Origin: *

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

8.4 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2094)
Size
8.4 kB (8446 bytes)
Hash
155aee273023c101e07d894ddfa8ba23
bcf9b3d9f3bc309fdd86a881ab59bad808b14bdd
2ef0c756dd56138376fab33a58b4dd77faa38f69470a6aa6e3d0f3a37cf830e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S88M6Lbt1SLqcUYsEWBSodMtar7KFFC5bJM5Ougdp%2B%2F%2BnByC3VY2HjdVSjvq1q3BOr3%2BL8iy3EZCuBJwBspr5ISxFJGtWBK6%2BAQI%2Fe48thaWxQSAa9YKoQ0mTlABVFAJfdCwQpCdmrNv%2FCRg6kUKwNPmw146JfSXulysCfwddcVuoQOhwRa%2B0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4e38529304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

0 B

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYQ4lJqNiXKOuQdk4%2BqZe0UVlMk8fB%2FITTYNeaH%2F3k6LBEzvQK1iX3%2BOHt3PvjJOwlMXhftNPMBUOkFH1vtlw17KVmIdhJJR6Qh28tpkcAHNapHKs41soq5iT1MZL2zkoEavJzxQZpbGsaocvuJMwbaaksBu0pNlRaXuFZQ%2FRchHRowFUx55%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4c3ebf9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/

172.66.44.143

200 OK

13 kB

URL User Request GET HTTP/2
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
13 kB (13321 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/ HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:51:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1j0vho6%2FKmOdVQI9iVDBUId4m3SNamsrNyUK%2FCr60NBjxcN47seaQEVEeZDe4i5s1wo1jIORlizhrShO3%2FZ%2Bt4ATr2c4OquM64oIcrd7xRHgUeNYDPOrEnFy%2FcjEBtPs8resucmSysbxmxhApuBEnCdxzlUSloDVRj1GmKg%2FCGtX2P8iRjPsvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4238e192d9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

0 B

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbDDeZrRuOtjlIQRCrP6x4D8UH25IWQpVYc0wNXaxIeahzQXBB7MWgL76I%2Fa9QN3Ti37FkeTHHifuoQ3KkQSLzh1EKJO941f9Ouulq%2BZiunTxCqNGKmDcOE1cjADIXqlCM8U7qiZTCZ3YiFSRMxYA5d2Z52K4PX6upEnQgqH8ZyE7koNZFGKFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4a5cc69304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

13 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
13 kB (13321 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FtUwsvBWp2UTbXoIlCdUC08GxX5JChpPiyxLQ4QeJ9bnow4IbbiNP53CfKbgZTMb6OFNp4XPc9lEC0Sebsw6Wylcp%2F9gFClOv3NMh1yhqFbE7A0Lm72VVaokQRswOqKW1gOuDkUkSWgxnU55u1Zy03KSOkngktlwdmpD8yXRucndG4VR%2B2GRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4caf359304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html

172.66.44.143

200 OK

13 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
13 kB (13321 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNRFRP%2Bm4roJwPPciJz2bJQD4hpf41iLqyFtD8mgLTNorl4sIKrVz3rQWjfVJts1HBbiNxtFFBpD38wds21G3%2FUGJPod4n1II%2F4eJZDC66cRnvEGwzYeji0PNiPHiEy0epG8ZnrgqIaz5OZvzmbZUx3tDSmjGj9cuvJxz38rH6aJwJ%2FzrqizMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc47da689304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

0 B

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC3bmnQ0o9FjB47Nv%2FqnCti7EUgxsNAvEU0xAogyNprGB4gIOjjNBI089y5je2XgRJcFnI1POhnkwJ%2BdtPF6m0RI5SnyY6IdtSXyBOCx7vZg2XAaDOfIGj3mJxNyhYIUfLH4cJLP%2F3hN4hJl%2FU%2FfzRUSlm8yAbVb6j6MS%2BjyzQmkUiCLhkPG1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4b4ded9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/resource.html

172.66.44.143

200 OK

13 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
13 kB (13321 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DrLzO8K0T%2FkbaV0vegElV9%2F%2FYIXaLCFUlehkGbpUQqm940I4b%2Bo2uzncxwSN75tkpAzIKP%2FxtWJanmn9H8Kbppojs9oekb5TEtpSK6XfUB0pEh3YVRX4PUaRvlvFe0uUXQz%2Ftg45qk1s1unxuyxiXe9%2BBMnRzpXiDZTs97yrYqRCGXIJLPu%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4dafe89304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.cookielaw.org/logos/a9974912-473f-42db-8840-bf20d48f0189/7e29ceee-79e7-451d-8f3f-6670cdb47cbf/fddbb540-7c66-446a-b77b-6c6af62ca1e7/CS_logo_140x140.jpg

104.19.178.52

200 OK

36 kB

URL GET HTTP/2
cdn.cookielaw.org/logos/a9974912-473f-42db-8840-bf20d48f0189/7e29ceee-79e7-451d-8f3f-6670cdb47cbf/fddbb540-7c66-446a-b77b-6c6af62ca1e7/CS_logo_140x140.jpg
IP
104.19.178.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 140x140, components 3
Size
36 kB (36076 bytes)
Hash
b3495b7d18e78c13df5909754c518040
e6b9adbc16feb477d8f47d202109180420a7ca5b
61de0434d04b57d22f1a273ec9cf1a7fe1ee60b822a7f3f559330951414e3378

HTTP Headers

GET /logos/a9974912-473f-42db-8840-bf20d48f0189/7e29ceee-79e7-451d-8f3f-6670cdb47cbf/fddbb540-7c66-446a-b77b-6c6af62ca1e7/CS_logo_140x140.jpg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: image/jpeg
content-length: 36076
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cf-bgj: h2pri
content-md5: s0lbfRjnjBPfWQl1TFGAQA==
etag: 0x8DAE4729576123E
last-modified: Thu, 22 Dec 2022 23:16:41 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 6e91af25-501e-007f-0993-0cf618000000
x-ms-version: 2009-09-19
cache-control: max-age=86400
cf-cache-status: HIT
age: 59663
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8759cc47ecb36df0-CPH
X-Firefox-Spdy: h2

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

0 B

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FhlMax1p%2B632jJnBZgHTWpUdQLQEUExolk8%2B8F0udMHFdyrG9DIzp0WBVrg7Ng7ceQPk1V0Q8Gw0MfdUCu2a8YAa9eT2zaexFFJOCk86%2B58K17Um2cTd5rZqBVFeeaLRjlMHL0hAXRrd%2FPRqXGxjYZHVzA%2B2vVW9cUAdZjPXn5hkNnGuEkHNEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4558279304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html

172.66.44.143

200 OK

13 kB

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/resource.html
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
13 kB (13321 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/resource.html HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6dZhz1Pchaycemd4TZAg1i4XkhZEwWFk%2F2%2FKSk7asyfKv8hScrAXPe0vj3d1cQlz6AIm0qui7VTFSexBQBRU2kJI7r5to9qaTLNnMSQtbHzpH6EyHdGvFjedKl2eBgl4sNl8PBkJJFfpia8YQQgMm9Q%2FYvI%2B4KhQBys1muZpQH%2BLzU9EircMUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc44bf999304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css

172.66.44.143

200 OK

0 B

URL GET HTTP/3
ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css
IP
172.66.44.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjectujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
Fingerprint87:03:EA:FF:21:1F:4B:E5:0F:58:17:F7:C7:3E:24:7B:18:58:44:AF
ValidityThu, 21 Mar 2024 11:13:18 GMT - Wed, 19 Jun 2024 11:13:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Charles Schwab

HTTP Headers

GET /sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/sch/login.9887b156e7f00e5514d9.css HTTP/1.1
Host: ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ujhgfnjfbhhbv77y4y4nhvufsdudfsghr7y4rbhjjsd.pages.dev/sch/sch/location/sch/sch/sch/sch/sch/sch/sch/sch/resource.html
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 04:51:06 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9e35b66328a4e298311fffa4ee41d9f8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0cFbjJSrg%2FcfQ3LmtTi2F9aeOf2kPSvTXwTfratODcXLhrbqMn2nen4df9Zrxc5MRiI6YnU3zQfYkHLfiT3b9AQydDK60zMMwZRfRoVVcxzn93gsx3rdXII1FFyqynP%2FZK7SZL3NO4IQzg2XNtlsHBPKqWB57HTx%2FPi2qJIB139uoSAbhOgwCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8759cc4d3f8b9304-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (45)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate