| | 3.33.236.10 | 301 Moved Permanently | 89 B |
URL User Request GET HTTP/2IP3.33.236.10:443
CertificateIssuerLet's Encrypt Subject6x.work Fingerprint51:4F:F1:73:A8:66:8E:86:AB:0A:25:0B:36:87:10:05:F7:2C:DD:41 ValidityMon, 11 Mar 2024 19:06:38 GMT - Sun, 09 Jun 2024 19:06:37 GMT
File typeHTML document, ASCII text Hashc03a4ed785c2b344299ee3cf7749ed9b 51625547f681025afe45e80a219f90f9fc35be23 f4f9f4e30d1faf351b230387991d768cf43ccb140048ce26a5718a904d5f3f3d
Analyzer | Verdict | Alert | OpenPhish | phishing | SwissPass |
GET /zWNA HTTP/1.1
Host: 6x.work
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 16:27:33 GMT
edge: premium-de-19.high-performance.network
location: https://uqb.grr.temporary.site/kosi/travld/support/
server: RedirHub
vary: Accept-Encoding
content-length: 89
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/ | 192.185.17.122 | 200 OK | 7.2 kB |
URL User Request GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/ IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, Unicode text, UTF-8 text Hash2cc3f867544c5c09d2f0e98b65329841 34703d74dcdd5c78ec2ffeaa3cbca699a6a8c04b c383d295c268bafc1f5c774912d90a4bc003b01c07c0e5da83e20e3ba2a85f39
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass | OpenPhish | phishing | SwissPass | PhishTank | phishing | Other |
GET /kosi/travld/support/ HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0; path=/
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-length: 7196
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/otSDKStub.js | 104.19.177.52 | 200 OK | 6.9 kB |
URL GET HTTP/2cdn.cookielaw.org/scripttemplates/otSDKStub.js IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21229) Hash0cd317a7b9c520801230e944f7d50e41 e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:34 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: zgTRIDojRJmnmBTwUyI2Vw==
last-modified: Thu, 02 May 2024 06:39:36 GMT
etag: 0x8DC6A72A2C6DA09
x-ms-request-id: 5a2fb172-101e-003d-0aab-9cf44f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 601
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d96123ce53b515-OSL
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/js/vendor/head/modernizr/modernizr-20200819.js | 192.185.17.122 | 200 OK | 3.8 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/js/vendor/head/modernizr/modernizr-20200819.js IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeJavaScript source, ASCII text, with very long lines (7466), with CRLF line terminators Hash1fa235981d7cbf5eb6098a7523afc383 b764fad44ab2448d9924c2b0cf73ccee7b768c16 7a9fa521a58ee93001981f3a7db498c589233d8cc616e8d09af0119388a865bc
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/js/vendor/head/modernizr/modernizr-20200819.js HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-length: 3757
content-type: application/javascript
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js | 2.18.172.233 | 200 OK | 39 kB |
URL GET HTTP/2assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js IP2.18.172.233:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerDigiCert Inc Subjectassets.adobedtm.com Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (32765) Hashd5bf712a6ebd7590bb155ad6e1290f49 7161acdca9b24c3189fe2d8e9807faee2cccd345 f053f049a78c3afbce0d34f57d0bea4a24f7964d0e1e45197a35c06124b5e357
GET /15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d5bf712a6ebd7590bb155ad6e1290f49:1700654894.794356"
last-modified: Wed, 22 Nov 2023 12:08:14 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 39144
cache-control: max-age=3600
expires: Thu, 02 May 2024 17:27:34 GMT
date: Thu, 02 May 2024 16:27:34 GMT
access-control-allow-origin: https://uqb.grr.temporary.site
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/img/logo_text_de-20200819.svg | 192.185.17.122 | 200 OK | 140 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/img/logo_text_de-20200819.svg IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeSVG Scalable Vector Graphics image Size140 kB (139971 bytes) Hash512410d9227bb0c2481e175dce0eda72 1deb5d9f09592101e632a8351865d54b1d6a27f7 c337d42ed7979c6be0282900bd957dd9d112a430dc7761463d655eb8f0d9bc07
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/img/logo_text_de-20200819.svg HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
content-length: 139971
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
x-newfold-cache-level: 2
content-type: image/svg+xml
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/img/logo-20200819.svg | 192.185.17.122 | 200 OK | 7.4 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/img/logo-20200819.svg IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeSVG Scalable Vector Graphics image Hash795242580bfa3135028bd0750fdc1654 2c344b6662e62ddbdba49f635e1c33a827fe75d4 deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/img/logo-20200819.svg HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
content-length: 7374
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
x-newfold-cache-level: 2
content-type: image/svg+xml
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/img/loader-20200819.png | 192.185.17.122 | 200 OK | 272 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/img/loader-20200819.png IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typePNG image data, 24 x 24, 4-bit colormap, non-interlaced Hash1a7ca896940219da5393e26600e0ee7b 558e1d3bad16b2faa7527f1f3133e21bf89cd507 f766c7457c6ec463eaa85778aa47261344f1772e0b7cf1987ad212f889f472f5
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/img/loader-20200819.png HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
content-length: 272
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
x-newfold-cache-level: 2
content-type: image/png
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/js/swisspass.min-20200819.js | 192.185.17.122 | 200 OK | 38 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/js/swisspass.min-20200819.js IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashf5af14986b41cbe56676015e489846b0 4b1497029be8baa5d4dca0f086afa5af158f50e5 714d3e27695dfc68bc245c40e981f768335c4453f5f3ec38841ec8aca2c1cc05
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/js/swisspass.min-20200819.js HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: application/javascript
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/css/normal/app/sso.min-20200819.css | 192.185.17.122 | 200 OK | 41 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/css/normal/app/sso.min-20200819.css IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typegzip compressed data, from Unix Hashc6ce346dbad140f4148d668567535ce8 94447faf768df114f290b6c8113e1670b97dadb5 e3b4bedf01a16edb53a19ddc032ce73194b205801bb694e51c6adefb909b2953
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/css/normal/app/sso.min-20200819.css HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: text/css
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/img/login_bg.jpg | 192.185.17.122 | 404 Not Found | 462 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/img/login_bg.jpg IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text Hashdbf8ec3db1d4b93b848197591827939c 2e12f671d6101f52060133c32f8d359af756f9b2 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/img/login_bg.jpg HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
last-modified: Sun, 19 Jun 2022 19:42:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.woff2?7m5yri | 192.185.17.122 | 404 Not Found | 746 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.woff2?7m5yri IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text Hashdbf8ec3db1d4b93b848197591827939c 2e12f671d6101f52060133c32f8d359af756f9b2 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/fonts/icomoon/icomoon.woff2?7m5yri HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/resources/css/normal/app/sso.min-20200819.css
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
last-modified: Sun, 19 Jun 2022 19:42:34 GMT
accept-ranges: bytes
content-length: 746
vary: Accept-Encoding
content-type: text/html
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/js/vendor/vendor.min-20200819.js | 192.185.17.122 | 200 OK | 84 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/js/vendor/vendor.min-20200819.js IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typegzip compressed data, from Unix Hashcbdc416d4dd4c00603eda91dd17dd6b7 d391544f9c90d1a3b1d4fb2a02e39ca5fdf8ad27 fd850b361afa2ec82984f83501b9b46f196641c23f6bc95485a896b809e5ad21
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/js/vendor/vendor.min-20200819.js HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: application/javascript
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/idp/co-branding?resource=co-branding&lang=de&provider= | 192.185.17.122 | 404 Not Found | 1.2 kB |
URL GET HTTP/2uqb.grr.temporary.site/idp/co-branding?resource=co-branding&lang=de&provider= IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text, with very long lines (560) Hash445b609724093a1b4fa57cd64877df24 5de3948089c0a20fdcebb38279e0c8ec9842697d 1093c7726012b869d1c999006813bade037422e404769f09d7c07396976451ea
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /idp/co-branding?resource=co-branding&lang=de&provider= HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
set-cookie: nfdbrandname=hostgator; expires=Sun, 30 Apr 2034 16:27:35 GMT; Max-Age=315360000; path=/
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-length: 1157
content-type: text/html; charset=UTF-8
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.ttf?7m5yri | 192.185.17.122 | 404 Not Found | 462 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.ttf?7m5yri IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text Hashdbf8ec3db1d4b93b848197591827939c 2e12f671d6101f52060133c32f8d359af756f9b2 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/fonts/icomoon/icomoon.ttf?7m5yri HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/resources/css/normal/app/sso.min-20200819.css
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
last-modified: Sun, 19 Jun 2022 19:42:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js | 104.19.177.52 | 200 OK | 110 kB |
URL GET HTTP/2cdn.cookielaw.org/scripttemplates/202403.1.0/otBannerSdk.js IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Size110 kB (109676 bytes) Hash3ab7906a4d12b7d35c62bac882d39d74 5d034541d6a9a05b0719c3605880fcfc9229e4b4 15de250a16ce58a10f84bebab59b9005ce36df4ec8e87c3bb1acc92726cfa971
GET /scripttemplates/202403.1.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/javascript
content-length: 109676
content-encoding: gzip
content-md5: s7qm2vbmUNglr6Jt5k9KHA==
last-modified: Thu, 21 Mar 2024 07:04:35 GMT
etag: 0x8DC49752A75EB01
x-ms-request-id: f463857b-001e-005d-3a08-7c3307000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78563
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d96129deacb515-OSL
X-Firefox-Spdy: h2
|
|
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.32.137 | 200 OK | 550 B |
URL GET HTTP/2geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP104.18.32.137:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectonetrust.com Fingerprint9B:BC:B4:A8:C7:6C:6C:02:0F:FD:9F:06:F2:67:FB:DD:A1:E0:3F:47 ValidityMon, 13 Nov 2023 00:00:00 GMT - Tue, 12 Nov 2024 23:59:59 GMT
File typeHTML document, ASCII text Hashf34a6bf89d369c2a0ba208e247ec4649 877ac11c7efada1a85d3da451d39c8e2d3409b8f 8b9bca51d4410ca41e17d856f11f0c8b4f74942498d5f3f2eef666c1746f6aef
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87d961294dd2b512-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.woff?7m5yri | 192.185.17.122 | 404 Not Found | 746 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/fonts/icomoon/icomoon.woff?7m5yri IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text Hashdbf8ec3db1d4b93b848197591827939c 2e12f671d6101f52060133c32f8d359af756f9b2 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/fonts/icomoon/icomoon.woff?7m5yri HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/resources/css/normal/app/sso.min-20200819.css
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0; nfdbrandname=hostgator
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
last-modified: Sun, 19 Jun 2022 19:42:34 GMT
accept-ranges: bytes
content-length: 746
vary: Accept-Encoding
content-type: text/html
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json | 104.19.177.52 | 200 OK | 15 kB |
URL GET HTTP/2cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash921e9dcb65ee956739cc0ac742bcb15c ebbdc7439729f9e843fc49a2084491eace91a4ca 61026706307e88772f61f6e05d84bd06cc8763a9ddf08d74787b506860ea0aaf
GET /consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/ba92dbb5-02d7-443f-8481-b67e4427328b/de-ch.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uqb.grr.temporary.site/
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/x-javascript
content-length: 14574
cf-ray: 87d9612a792b0b55-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4F0599778E17
last-modified: Thu, 28 Mar 2024 09:01:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: 9een+dQKiHe9pgo7gEa5EQ==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 50a67627-201e-0053-06ad-9c5d66000000
x-ms-version: 2009-09-19
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json | 104.19.177.52 | 200 OK | 3.0 kB |
URL GET HTTP/2cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otFlat.json IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash9b1f8ddf85fb0cbfd926faacb1fc0405 ade7f952c70f07fd3497cd3e8656ca1f28c78633 f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
GET /scripttemplates/202403.1.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uqb.grr.temporary.site/
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/json
content-length: 3041
content-encoding: gzip
content-md5: KLWFssuowJEtDumTaVZD/A==
last-modified: Thu, 21 Mar 2024 07:04:28 GMT
etag: 0x8DC497526A04834
x-ms-request-id: 75d71c5b-c01e-007d-1239-9948a0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612af9b80b55-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json | 104.19.177.52 | 200 OK | 14 kB |
URL GET HTTP/2cdn.cookielaw.org/scripttemplates/202403.1.0/assets/v2/otPcTab.json IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hash67eafe0ca141b9b52080c52d281966c4 93308b43a6234c01123881a7b02e9b014b082294 51dfbad7e1a227d3935016e5c4190e5e46e03daa4b249e5ded55f54235efbd7a
GET /scripttemplates/202403.1.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uqb.grr.temporary.site/
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/json
content-length: 13599
content-encoding: gzip
content-md5: JqD83lHxEjWNdmDqKd9lzA==
last-modified: Thu, 21 Mar 2024 07:04:31 GMT
etag: 0x8DC4975281E71C8
x-ms-request-id: 41562960-301e-009d-5d39-99cb39000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612af9bc0b55-OSL
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/img/favicon.ico?v=20140709-1126 | 192.185.17.122 | 200 OK | 1.2 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/img/favicon.ico?v=20140709-1126 IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash6d866d9c4568bf7fc03e597e74ce7e28 e1b3d9f0e9cdcb785a94b6c1e1fe651a4ff98dcb 7c1925da382279a72f94990d0a1456f78918619f35780ea0905e4ae0db684677
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/img/favicon.ico?v=20140709-1126 HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0; nfdbrandname=hostgator
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
content-length: 1150
cache-control: max-age=31536000
expires: Fri, 02 May 2025 16:27:35 GMT
x-newfold-cache-level: 2
content-type: image/x-icon
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2 | 18.195.200.224 | 200 OK | 14 kB |
URL GET HTTP/2cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Roman.woff2 IP18.195.200.224:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerAmazon Subject*.app.sbb.ch Fingerprint91:97:68:15:9B:1D:9F:0F:5B:C1:DB:F4:EE:DC:A6:EC:4A:2A:09:71 ValidityWed, 16 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 14152, version 1.0 Hash82e55d1865d40988204fa60522628f4b e9d74fb23204a62c520d19b8fae3f0193539cdfb 966a89b8080879ba41c6b9f15c5efb58182c33a0d2d1e08748beb554b28b4997
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /fonts/v1_6_subset/SBBWeb-Roman.woff2 HTTP/1.1
Host: cdn.app.sbb.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/font-woff2
content-length: 14152
server: nginx/1.25.5
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
vary: Accept-Encoding
etag: "65ba1d94-3748"
expires: Fri, 02 May 2025 16:27:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control: max-age=31536000, public, private
accept-ranges: bytes
set-cookie: 9527f1a32486d650b0687919ffd41c2b=665361f1425aabb6e3921cd9e597ab09; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png | 104.19.177.52 | 200 OK | 2.0 kB |
URL GET HTTP/2cdn.cookielaw.org/logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typePNG image data, 100 x 50, 8-bit colormap, non-interlaced Hashcd5e1b7e01b85b2716c593d706f3e6f2 d9e647da2b1c1f440f2513fd699159f74b5bf6d5 e42fe383c86ab1185425bf334a44f9a311dd06d8ccf9e409d05b45dbe0bc48c6
GET /logos/d8f340ef-178f-4257-9ea8-01744cfc5459/182f96bb-6fd6-41f6-bfd2-2807f1757dae/039a2007-c2e0-4340-8d2c-4e6f23342858/OneTrust_SwissPass_logo_mobile.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: image/png
content-length: 1962
content-md5: zV4bfgG4WycWxZPXBvPm8g==
last-modified: Wed, 03 Mar 2021 11:26:34 GMT
etag: 0x8D8DE3733F257B1
x-ms-request-id: 9ef6e1b1-401e-0011-5c2d-7fa337000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 72487
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612bf9bbb515-OSL
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/logos/static/ot_guard_logo.svg | 104.19.177.52 | 200 OK | 497 B |
URL GET HTTP/2cdn.cookielaw.org/logos/static/ot_guard_logo.svg IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash4cefeea2da1f500b581d4842d6454a50 9939dd4c1394641f53655e558bfdca7499480c52 220f235f0188ff469b92b56eb86adf4e828b8a90c587ebfa073383b8583aaeb2
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uqb.grr.temporary.site/
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Tue, 30 Apr 2024 06:34:31 GMT
x-ms-request-id: 2023637a-401e-0001-7c1e-9b665f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612c0b0c0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/primefaces/jquery/jquery-20200819.js | 192.185.17.122 | 200 OK | 97 kB |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/primefaces/jquery/jquery-20200819.js IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeJavaScript source, ASCII text, with very long lines (32060), with CRLF line terminators Hashb6c9978c306ef264158551c140a4c475 a8316d0f66cc97376d60ae86a47c7efb3b8134ac 2b2485b0669a2f73c4846e82eb5a37421358591a8ac8ba21d8149bfb88adcbfb
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/primefaces/jquery/jquery-20200819.js HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 09 Aug 2023 16:44:54 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Fri, 03 May 2024 16:27:34 GMT
vary: Accept-Encoding
content-encoding: gzip
x-newfold-cache-level: 2
content-type: application/javascript
date: Thu, 02 May 2024 16:27:34 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/logos/static/powered_by_logo.svg | 104.19.177.52 | 200 OK | 5.2 kB |
URL GET HTTP/2cdn.cookielaw.org/logos/static/powered_by_logo.svg IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash38b5388f36f8f885deb26afdac0e3116 112eccab1891a3a7cab1c5602ba72c9e127136e0 a8562f11c5a80a5c1c4ab388cfa2a69598203a57a5c67d1f80512bddd80d09ef
GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Tue, 30 Apr 2024 06:34:32 GMT
x-ms-request-id: 5615e828-501e-007f-6031-9bf618000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 78566
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612c09c3b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2 | 18.195.200.224 | 200 OK | 14 kB |
URL GET HTTP/2cdn.app.sbb.ch/fonts/v1_6_subset/SBBWeb-Light.woff2 IP18.195.200.224:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerAmazon Subject*.app.sbb.ch Fingerprint91:97:68:15:9B:1D:9F:0F:5B:C1:DB:F4:EE:DC:A6:EC:4A:2A:09:71 ValidityWed, 16 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 14212, version 1.0 Hash8b70a44a98a0ac5d721df7d8f5136f7b 10e10c01e732f3d35a78e1051bfcc9fe2589ddda 5c7f0e173844556da7ca5eb8936fa3dab1c00206960920a49a1eea9cde2bfaaf
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /fonts/v1_6_subset/SBBWeb-Light.woff2 HTTP/1.1
Host: cdn.app.sbb.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: application/font-woff2
content-length: 14212
server: nginx/1.25.5
last-modified: Wed, 31 Jan 2024 10:14:44 GMT
vary: Accept-Encoding
etag: "65ba1d94-3784"
expires: Fri, 02 May 2025 16:27:35 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
cache-control: max-age=31536000, public, private
accept-ranges: bytes
set-cookie: 9527f1a32486d650b0687919ffd41c2b=a3ed87b2dc9abb853daf697c7a2ecf62; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css | 104.19.177.52 | 200 OK | 25 kB |
URL GET HTTP/2cdn.cookielaw.org/scripttemplates/202403.1.0/assets/otCommonStyles.css IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (24823), with no line terminators Hashe04ad89975c535b30bae773d0eb0d3b2 0c72555d0fd844150b6ec407a57da2d29bf380e2 06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
GET /scripttemplates/202403.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uqb.grr.temporary.site/
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:35 GMT
content-type: text/css
content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
last-modified: Thu, 21 Mar 2024 07:04:40 GMT
x-ms-request-id: a17c28e3-701e-008c-7239-99518d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87d9612b09bf0b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json | 104.19.177.52 | 200 OK | 4.3 kB |
URL GET HTTP/2cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json IP104.19.177.52:443
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerCloudflare, Inc. Subjectcookielaw.org FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31 ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (5128), with no line terminators Hash10513ca209286a4084d86a022e2718cb d0b1a96c62dbd52b295f99e6b2c59f8e7288384f 9d0be3ec5974e872ca2464d4c23d8b4abd280dacde80defdd5ecb33dc347f539
GET /consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test/e91f4b90-f9aa-4ace-891b-96dd07595d9f-test.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uqb.grr.temporary.site
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 16:27:34 GMT
content-type: application/x-javascript
content-length: 1593
cf-ray: 87d961274d6b0b55-OSL
cf-cache-status: DYNAMIC
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4F059623FCE9
last-modified: Thu, 28 Mar 2024 09:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: iwIpyq7vAuKwpHzHQHFt4g==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68fe6026-c01e-007b-2ead-9c2ad9000000
x-ms-version: 2009-09-19
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| uqb.grr.temporary.site/kosi/travld/support/resources/ico/apple-touch-icon-precomposed-20200819.png | 192.185.17.122 | 404 Not Found | 746 B |
URL GET HTTP/2uqb.grr.temporary.site/kosi/travld/support/resources/ico/apple-touch-icon-precomposed-20200819.png IP192.185.17.122:443 ASN#19871 NETWORK-SOLUTIONS-HOSTING
Requested byhttps://uqb.grr.temporary.site/kosi/travld/support/ CertificateIssuerLet's Encrypt Subjectsuojdplp.com FingerprintB5:DB:53:A6:CE:29:ED:6B:71:D7:47:88:30:24:32:1C:F7:F3:47:93 ValiditySun, 28 Apr 2024 02:59:59 GMT - Sat, 27 Jul 2024 02:59:58 GMT
File typeHTML document, ASCII text, with very long lines (796), with no line terminators Hash82b38436551cb1289fa12c06cd95543d 7b14d82f64d44becb2206649c3d2a491ea1c6496 a1594a666b6d0d5f671ced26c073c698a76ed31c5ea4ba1f434f0aa78f397a5d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - SwissPass |
GET /kosi/travld/support/resources/ico/apple-touch-icon-precomposed-20200819.png HTTP/1.1
Host: uqb.grr.temporary.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uqb.grr.temporary.site/kosi/travld/support/
Cookie: PHPSESSID=4d80ccd1b3d753e8b635b3a9039892e0; nfdbrandname=hostgator
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
last-modified: Sun, 19 Jun 2022 19:42:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Thu, 02 May 2024 16:27:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|