| prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff | 54.230.111.37 | 200 OK | 32 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 32124, version 1.6554 Hash868aedeefe7669e8a4f7196f7df5d058 45bd20ef2c6b717a2526efd98a01207979b2a623 d8700b022ef56752cd12ff224b3f409e84aeb8a43ac68ba052167096baf46555
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff
content-length: 32124
date: Thu, 11 Apr 2024 11:43:40 GMT
last-modified: Thu, 21 Dec 2023 14:25:54 GMT
etag: "868aedeefe7669e8a4f7196f7df5d058"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1t9YTBQr8v_0kHEWo7Suf8UAQoKT_pFCUZPxzUyewcoMWoIMoeU4WQ==
age: 451647
X-Firefox-Spdy: h2
|
|
| prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff | 54.230.111.37 | 200 OK | 43 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 43188, version 0.0 Hash55576599a2d772f9297c5036d355b1fb c52e4f9a59137105deb12a3de25ee7d5a15fd286 1e3d5d86432b9bfcdf25ce0e35fd23667cea86f6fa71fa920cd84abb70258f73
GET /packs/media/gt-super-wt/GT-Super-WT-Super-1b214df1.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff
content-length: 43188
date: Thu, 11 Apr 2024 18:24:22 GMT
last-modified: Thu, 21 Dec 2023 14:25:55 GMT
etag: "55576599a2d772f9297c5036d355b1fb"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JkAvCqSc2McQHhj8MAJTrCZQvpsvL8jH4FoE2sl9IpDpqg56EEgAQQ==
age: 427605
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js | 104.17.24.14 | 200 OK | 6.2 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js IP104.17.24.14:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19015) Hash70d3fda195602fe8b75e0097eed74dde c3b977aa4b8dfb69d651e07015031d385ded964b a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2732350
expires: Sun, 06 Apr 2025 17:11:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wve%2FHl%2BtIwgCj04l%2BnqsYWzdiCMKGWTWCE6a3BKAlDReLk0qtU5O9tYNd2yP93tX2ExLyYvkBQyaIqYblXzUdmYHNSVwYOzhauBosMuhut02J%2Fst89IhKvBnMuklCyGVhaJaWDVU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8755cae8490a1c06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-3.2.1.slim.min.js | 151.101.194.137 | 200 OK | 24 kB |
URL GET HTTP/2code.jquery.com/jquery-3.2.1.slim.min.js IP151.101.194.137:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32012) Hash5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-10fdd"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 16 Apr 2024 17:11:06 GMT
age: 757599
x-served-by: cache-lga21963-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 40, 76188
x-timer: S1713287466.318440,VS0,VE0
vary: Accept-Encoding
content-length: 23856
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js | 151.101.65.229 | 200 OK | 983 B |
URL GET HTTP/2cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js IP151.101.65.229:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (1993) Hashc0ac9c9487d60de96dc68dbb25bd8dd6 99419b0be4b85422ff84870e54dbd8a52dc6dab1 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
GET /npm/jquery.session@1.0.0/jquery.session.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.0.0
x-jsd-version-type: version
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 17:11:06 GMT
age: 3681169
x-served-by: cache-fra-eddf8230025-FRA, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 983
X-Firefox-Spdy: h2
|
|
| prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff | 54.230.111.37 | 200 OK | 31 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format, TrueType, length 31120, version 1.6554 Hash57cbbfdafc43e0deecc75a309dd042c6 b9cc2ff331b8520706de175f5b3fdba6731a9bfc a9117f16bdaa64c953b303bef951dfca6316ef59f1b7ca72d5b946b1d815f6a6
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff
content-length: 31120
date: Wed, 10 Apr 2024 21:58:06 GMT
last-modified: Thu, 21 Dec 2023 14:25:54 GMT
etag: "57cbbfdafc43e0deecc75a309dd042c6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: igahCKuQtRIYLcih59F_Ru3XRw_lf5TCLSnlRnnsisVzE9q4KODZCg==
age: 501181
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js | 142.250.74.74 | 200 OK | 30 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP142.250.74.74:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (32065) Hash2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 13:58:13 GMT
expires: Sun, 13 Apr 2025 13:58:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 270773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
File typeHTML document, ASCII text, with very long lines (65527) Size2.0 MB (2013081 bytes) Hash557d3772c4c1e1564e8c734160d81602 d7f03f917d23363e7f5de2724abc43c9c054fea5 a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Bd-1bdd99f9.woff HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
content-length: 2013081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x66fgEapwDGS56v4YYspaPFqrZozm1ivpwdRWwQ8n0u4oCOivv2fnzIq0JfHW6MSJ9AO2PN%2FXBrzg8lK1GqZ4vnLYMhCHL6qWzAoC9QiuvJSnUGe1SkhPJhSwsT4QgA39orSLgdHehof8VXDqUJ2CCjJD2gSrEPtNzg9N972zXw5x3IAjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caedd95756bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
File typeHTML document, ASCII text, with very long lines (65527) Size2.0 MB (2013081 bytes) Hash557d3772c4c1e1564e8c734160d81602 d7f03f917d23363e7f5de2724abc43c9c054fea5 a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Regular-1f437876.woff HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
content-length: 2013081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f9sbmMesOnGFhbiGTKvjZXtLVB5xC3ZJ1VXY9hft6Zp73TLFxiUglFYCTPKy8EqjCROyM1GtNm%2BQXTsE7aDjTwzavj2jyPIkYFe1554in%2Bb2Ok1gbEaoHGmVLR4aegckeK5Fw%2BUahHH40LXUU99zhZiSs5jg5KTqIU6ZO7DCq%2B8bPLPXfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caedd95c56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
File typeHTML document, ASCII text, with very long lines (65527) Size2.0 MB (2013081 bytes) Hash557d3772c4c1e1564e8c734160d81602 d7f03f917d23363e7f5de2724abc43c9c054fea5 a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /packs/media/actiefgrotesque/ActiefGrotesque_W_Medium-293e86f0.woff HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
content-length: 2013081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouchzT94BKgyUS1X%2BrMdQkUwHZeSN4DdYuv2qZGzkNLd5A6kJXA4zEBk8wSLEnOkAFAm3W5qbYZK39NHWRIh9oHQIE6JMVyikn8hNiBT%2FeT3meY4foCfMmyMZrsjM5pCI3lgdp%2FGXJ%2B6vrlQ%2B%2FD2Mcd1TAcDWQ8HYTscvwqKRjDu%2BxvrKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caee09a256bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4 | 142.250.74.136 | 200 OK | 67 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-5WF5RH4 IP142.250.74.136:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (44393) Hashe61862acc9a5ec0cacf31e5c64bd3919 9fe0adb7467f6ec85d9c85c6865cf67b992d6865 46fa5b6b83632760f39e13b3220ad047e2e51426c5b38f02a5f9dd193f1b43b8
GET /gtm.js?id=GTM-5WF5RH4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 17:11:08 GMT
expires: Tue, 16 Apr 2024 17:11:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 16:16:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png | 54.230.111.37 | 200 OK | 16 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced Hashbc5b180f2d0001298a5ea3691e3fc623 edf2c67a5cef4efd081e5e6e4bc027e72be45593 b8c5bf2f80790d4abbe7fd5dca0bcf5c3eeaa4e23b1b35c8854a3fdb5c26b1e9
GET /packs/media/images/apple-touch-icon-180x180-precomposed-fd272b89.png HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16208
date: Fri, 22 Dec 2023 22:58:57 GMT
last-modified: Thu, 21 Dec 2023 14:25:55 GMT
etag: "bc5b180f2d0001298a5ea3691e3fc623"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SuC9pfIJ4KbilMdSVEjskBHpjyAyH2upEQL1KZLLmNNNXZXKXMhaOQ==
age: 10001532
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/runtimeapplication-bafdd8b86fd88bb4273d.js | 172.67.175.143 | 200 OK | 298 kB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/runtimeapplication-bafdd8b86fd88bb4273d.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
File typeHTML document, ASCII text, with very long lines (65527) Size298 kB (297621 bytes) Hash557d3772c4c1e1564e8c734160d81602 d7f03f917d23363e7f5de2724abc43c9c054fea5 a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/runtimeapplication-bafdd8b86fd88bb4273d.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J3jCUKX32WC1xUjW11M4fuqGWU7LMIqc8LPxJJVWhmPu9%2B9uCqqQW9a%2F0QHpw5JBK6D%2BeQcx89MC3nxWPo9Os1OtnVBiEyr9Nph%2BLK1Wjr%2FMQKMNjyt4YIoj6auWfmW%2BaAmgqOJSgXSyyghZQc0wmV%2BeClvAKg44S%2B551WRdmbbWaArGlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caeeebed56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/vendor-ef8fd9ca3a0295622111.js | 172.67.175.143 | 200 OK | 286 kB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/vendor-ef8fd9ca3a0295622111.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
File typeHTML document, ASCII text, with very long lines (65527) Size286 kB (285950 bytes) Hash557d3772c4c1e1564e8c734160d81602 d7f03f917d23363e7f5de2724abc43c9c054fea5 a0774701220e259dc394ed31b92bea4b60275ccf8cc1747145e72ef8d46b1623
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/vendor-ef8fd9ca3a0295622111.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2Ff04Y%2FTD1t9gDu1oo7%2F6ckKX9jNWUeEOCDjs4RZPY%2FoaGwiCZnzg5r34zrCzbLGLlhqrA2nXpjjlwrCLk001fJEKhRAlxf906%2FvfthSH8hohDGeeNun4yOreEMI8SwILtX9Ory3c5l8FmKDhno6hdc6BvhCcb8rzUXU5%2B4qeDuOndNbbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caeeebf356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=Q2Kr1ZbAulgIP4KT80O4G8yaj7FGCrkEtST3om94xHNLUltFU2cdmBhvoXCck0OEy_aCzBooJpljEa1Wr2_a9sv6_kX-f2hxu5rDN66jmWjg1LuU-uLSSxc4FI-ocO58
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 16 Apr 2024 17:10:22 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 62
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt | 172.67.175.143 | 200 OK | 2.0 MB |
URL User Request GET HTTP/2lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt IP172.67.175.143:443
CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/0.txt HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:11:05 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHdJsYTd7jnDIanXcdpDfIQKXF%2Bkf5GNDj022iWlYTawe1cKtgEre0vvfgxHQPwUav17B0r83%2Fy%2BpSZHLP8YsV3%2FggFQLP5IKzr8fYjGKzcodTmC1NUVvOaNdty7auyYS3uZMwrxMEQhQ8o0mBOAAdS68YgQpJIk8%2FZMlpF4os8ShGoG9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae18f060b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/sp.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/sp.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/sp.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BwU%2B6Dm0W2eKRIqOkTnOBkDhVSutMPnXXDgOUqL40iSDPn4MGw%2B9yAOhqrL7r6Ep0mPf%2FQVlXUUZsJ1i30SZmO3V8Fe%2FYz%2BiRSGMnMBF4IABJPrPQnV55SuHzPvyimCdv0ollMtkzQaygJelzzW1uRQjywq95p6iscWW%2Fn10rqGVOCrHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6d91156bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 49 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP104.18.11.207:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (48664) Hash14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Origin: https://lingering-thunder-0229.nguyenchong9455.workers.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 03/18/2024 12:46:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f79feda6c4e9612994404e3f59b85cc4
cdn-cache: HIT
cf-cache-status: HIT
age: 172149
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8755cae85a09b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/application-c2b6f877fed288c2431f.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/application-c2b6f877fed288c2431f.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/application-c2b6f877fed288c2431f.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8L7y8Rcu9UzU0CSmQgHJ06M8eyoF8xmLBCISAqyFg0QmZN79usLmgE0Iy8P2hASDLT5Di5mK%2BGJSygRbMyvcYgfUWdzSGJvl9fsrszHhowfZnuaH%2Fu8J4srxZKqc%2FlkjmAeBukNk5OYvXZN2g%2BR8GuHJqjTI6vgsWw2Dm4OmHc1zwa3x3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caeeebef56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/analytics.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/analytics.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/analytics.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x245usXNL4%2FPlBE5VEIdIeaoI0beemnONEO9lFYFqn4btAMGeux31jOs%2FctyMjKpNNu6OE3W0hxuhXB41UXu8or8%2Bc4rOAFbCggWbrfc4Wgc8MkQhsOXpCloX6X59cDMwjJb%2FhHWol9ji7uE0ExHGbxjAlPOVisAUtk5XkTGwbT9JSTqag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6a88756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm_002.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm_002.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/gtm_002.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SArDSvq1Ws1YkUDXJX1fOn3IM9H0dYg9u8X9Fw%2BIqNfp45teerFULss4goLhkp081qq52MQASo%2BhebTc536wtGVLz8uGkhUZPCqr0MrPBgsrsGkisoq165RXshIkxSB%2FeoWBhDPP8gcuVjPM52G363atFf3xKekz3KWKYCLCOaRz5K4Liw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6a88956bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/gtm.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/gtm.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkyUt6CsZuqL607MXWnjnq%2FNiLyOiYbBtwd8rRWdd%2FZ5keuYxwQXU7xKvWdVGnjGfcTiVfEzjYjqovRd%2BTtrLk8m2n4RY1ujozDCxVxDFcysl87%2FP8SjdUF1cj0JhW%2FT%2FkiIbjcGh%2FJ0R93TNzcz0QM%2FT7UgR4KlGbiAqPtkzHtBy4IoVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6d90c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/advertising-4aee5180207621f94abeb04df0d9e7e52f4496bf16a55f712.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWIXOkTx6M5AH8Mr%2BEW5hkWJXfqZPLGf3HFMEeg2BRQnYkhWpXQq77hdJ1uY5K4p7oO2ca%2BK1Zk0x5ShAzl28j4p8IC5N9T9%2FnwQEQgLafgpqbirUjBPlVh8DtgIgBovjUP8%2FZOQS%2F4SS8qUcaFuKqU%2FwOVa7OeZL0GqxX2vLfg67YaKdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6d91756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.luchifab.com/ajax.googleapis/ajax/libs/jquery/2.2.4/jquery.min.js | 0.0.0.0 | | 0 B |
URL GET ajax.googleapis.luchifab.com/ajax.googleapis/ajax/libs/jquery/2.2.4/jquery.min.js IP0.0.0.0:0
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajax.googleapis/ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.luchifab.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/fbevents.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/fbevents.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/fbevents.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jz5ulYfcHkpcx7PUIGg9gMJWj%2FC9VnrnNMiJ0IeemxVdMFWm9J9aCdV8W042makZ%2FSACl%2Bbd%2Bbe1UVd1q%2FAW%2B6qdLvKOfX7NmA3Kv50CkqyxQd9gNfeqkVR2r191A9Q0yuCiDcZ9FlgY7V4e5U3VbTpc2exdBvmMkRRuD2rU1%2B%2BK1hJj2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6987856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/wallpaper-59e18dcf37d4cc5f163b.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/wallpaper-59e18dcf37d4cc5f163b.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/wallpaper-59e18dcf37d4cc5f163b.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ok2zAp0pgRBGwG2Jzre%2BCml4%2FBmP2%2FbJdrblVUzgl94hZ8kw3mwdtev9JBYeRKsrTUazr1ejMyzxvmASSSET6RLFkUSpD7xENkc3ImAVab9Nxm8%2BZJnAcPDMAFHrm0IdiACj2eiQqMc0ywEOBHlTLZLuovc3KqpqbgTBCuTZSRjsM3igJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6a89a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico | 54.230.111.37 | 200 OK | 42 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/images/favicon-a34a7465.ico IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeMS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Hash692e1c7339c359b6412f059c9c9a0474 e7c1a53dca16b7664880e5b8a92524cf9a47fb62 d12161435ace47c6883360e08466508593325f134c1852b1d0e6e75d5f76adda
GET /packs/media/images/favicon-a34a7465.ico HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 41566
date: Wed, 27 Mar 2024 01:09:01 GMT
last-modified: Thu, 21 Dec 2023 14:25:56 GMT
etag: "692e1c7339c359b6412f059c9c9a0474"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5oEsUT5sQ2qc7Np6SRZRfAhln0g6CjtaK86JGvHxo8OSZiGlHozeAQ==
age: 1785728
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/images/globe-dd3d31e7.svg | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/packs/media/images/globe-dd3d31e7.svg IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /packs/media/images/globe-dd3d31e7.svg HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OanndsxmsUJOodAAg9%2B1xYx1VjgixoyzDHiYb74Yyn1I4XKOjZeekaLcABF9m5qNzGO9jPxqeG0XrBmD3YM74QZOTtunZ%2BbKgN7zNnU%2BiarZj%2B9lnuvLFfg%2Fv7MUhwdx9HNVamIgUmcbvQiiP39vSjdAyxUui5VogvzWVFYihpc0FLQIHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caedb8a056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 51 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP104.18.10.207:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 1202067
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8755cae6aebcb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg | 54.230.111.37 | 200 OK | 1.7 kB |
URL GET HTTP/2prod-cdn.wetransfer.net/packs/media/transfer_window/email-verification-lock-e6ed8c56.svg IP54.230.111.37:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subjectwetransfer.net Fingerprint0B:0D:65:82:74:97:1B:AD:60:D8:48:2B:7D:A7:00:EA:34:08:86:48 ValiditySun, 30 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash886c669e43a2cb3b3d624da08a9c39ff 565a6c535981f273b263ee8e6ae2d0fc9ab97565 c1532b769622f6757e4958c8b1c0789e73fab7c1bcc50ce57a0cfb903d6dfdd3
GET /packs/media/transfer_window/email-verification-lock-e6ed8c56.svg HTTP/1.1
Host: prod-cdn.wetransfer.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 04 Jan 2024 14:30:13 GMT
last-modified: Thu, 21 Dec 2023 14:26:03 GMT
etag: W/"207f0c93fc997af575b8b9ad9db8777c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=31536000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nfD5qpVoDhZzIbDRQoOoy8pVSs9POy2W7lon1TzgqVipDnNiiHZMgA==
age: 8908854
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/0.txt HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVN8PqQCGGaw4N766QN7ZNE%2F4tKLGwbiWIF4je27Q76YtdD15i4d5pQ05oXeXR51CLvcYwOVgJL3SHrFrDRFt2MaNSp7Z56%2BklBYaFrsjp%2F0I2%2FMOKkWOfQD7GDBKHO8FxLDvUbPb48tOm0W2Zi1jZxjkEJPdvXfUoNFQngfzxQsW%2BfZuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6f94e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-0d65947306b8b68f172b.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-0d65947306b8b68f172b.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/en-0d65947306b8b68f172b.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ik9gfQtOtGXYTYIV5A2A%2BY%2BG%2FQXu0fTEOpidRTBTCeDLllP0JcM9wqIdJNwBHOvkBe0fjjDse%2Bbt4MAtX%2BNVmROjFMdHeElnl%2F4vRunRJnps%2F7Hb9Po3hzaKx4Y%2B4DeigrH%2FWtNqj7HRi8oy7PYIkSWeb34sFeP698WYOo3SJDecWst5qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6d91456bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/17116643.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/17116643.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/17116643.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bs5JB5p%2FoITdCGuDvv0HDe6U8hGe6GYV16E0tKWvRL%2BrvQXB2F29voEjxf4gkmgUeNc%2FPsSKdKvOmSfuPhPkcp04Wof7BLiS90U4Y0XjfViETsaie5YpGXZMOBA74viqFhZXbrenAPa6h2G2MtCaGbjzdbWYE4chX1SQkDxmQrKP7SBeaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6a89c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/0.txt IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/0.txt HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBLnA4lDQ2UtU8H8QmYS%2Bm2Gq4eMXtztL9NwUDxwFKyzEjPQkGo163jvA58IJvHa6brdG1pQbmUzFW%2B70dF%2B%2FohbMIUaIes8vaVWE0Qv12KGdXixKDBf2YyFdXO3cfv0dq1lvQk1Bf3I%2FFLNCjCcVs0rhsesc%2FWBanjlyCWyP%2FJbP7BcxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755caeeebf756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 51 kB |
URL GET HTTP/3stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP104.18.10.207:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeJavaScript source, ASCII text, with very long lines (50758) Hash67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 1202068
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8755caef3a070b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/bat.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/bat.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/bat.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDsRSCCXeOoqxjrD1eAxo%2FBA4Zmif86iNNZaDp0z609xmedvmD1C7IkaWFog2AdP8H8dZU5bBQPz7tm5%2BvIh3f06i6qPDiONjcJKFcYicUu2wM5CxNJvgSEs6VjYEqZ3sDSCaHVneBu7U6XjZsXHelYEzvVluTCA%2FLRjyfiFAPduCm8uIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6988556bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js | 54.230.241.183 | 200 OK | 98 kB |
URL GET HTTP/2d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js IP54.230.241.183:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (64917) Hash69c0026af7f2b8f2eed23f2f5fc5c68f a0e872c89db6991d03932756d43480e40eb38628 d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
GET /2.10.2/sp.js HTTP/1.1
Host: d19ptbnuzhibkh.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 29895
date: Sun, 07 Apr 2024 09:53:15 GMT
last-modified: Tue, 30 Apr 2019 15:14:08 GMT
etag: "c7b65b3f4e8761897af9a3ca5d76682e"
cache-control: max-age=315360000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e1xu6N-UAFMXjTpSflIH3P6kzTu5Aw4bSPOAeMMq7KL02hdrk3SQcQ==
age: 803873
X-Firefox-Spdy: h2
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/application-c2b6f877fed288c2431f.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/application-c2b6f877fed288c2431f.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/application-c2b6f877fed288c2431f.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHEDQL91VwJa8Lozp4lSoiQtJbh4IOeJznXiGKoup47HRh3vdJlLIXBFyT06iduWSicx3VggnTOxQnKLku06TC72UQj0NaQGVYlaHR%2FuS4E8Hk%2Bslg3oU%2BuiP2VAMcC1SPdeUmvzppy1qkLvpWuR7hO%2F%2B%2FJ2tWeKfuLDqZzj9ztS01LPSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6780456bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-de295c39cb769807d9fa.js | 172.67.175.143 | 200 OK | 2.0 MB |
URL GET HTTP/3lingering-thunder-0229.nguyenchong9455.workers.dev/css/css/en-de295c39cb769807d9fa.js IP172.67.175.143:443
Requested byhttps://lingering-thunder-0229.nguyenchong9455.workers.dev/css/0.txt CertificateIssuerGoogle Trust Services LLC Subjectnguyenchong9455.workers.dev Fingerprint4F:AF:F2:54:B4:8B:77:6C:2B:9C:3B:7E:1C:3B:60:8B:5A:24:A2:CD ValiditySat, 13 Apr 2024 20:58:01 GMT - Fri, 12 Jul 2024 20:58:00 GMT
Size2.0 MB (2013081 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - WeTransfer | OpenPhish | phishing | WeTransfer | PhishTank | phishing | WeTransfer |
GET /css/css/en-de295c39cb769807d9fa.js HTTP/1.1
Host: lingering-thunder-0229.nguyenchong9455.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lingering-thunder-0229.nguyenchong9455.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 17:11:06 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3ybacF5q3QCsxIvNjDrxjcFnTHFrRuZyrGvl21CnnTJBHqRaR4QAA%2FxoCKaS7dhm6jKYG9bm8kov2NCf%2FXm9%2B6ggK4Fchl2CoxbiS2LrCMy55%2FS0XyKY8ObjtTccgvsXWJhtQQ%2F3z9bkcnENM9UlkCe01wgf5rQVMm8h0GQJnVAhua5tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8755cae6d91556bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|