| nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= |  188.114.96.1 | 400 Bad Request | 23 B |
URL User Request GET nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subjectnasecure.pages.dev Fingerprint76:D7:03:69:4E:C7:7D:6C:08:03:7E:64:67:74:77:FC:71:36:DD:EA ValidityFri, 02 May 2025 00:28:08 GMT - Thu, 31 Jul 2025 01:25:53 GMT
File typeASCII text, with no line terminators Hash1862a245f1f02bd4477a17e9432e3a25 5e9e7ba669c7c6e7aa7aede335b0b22f0a08b88f e999e13afc2c76a9b3523daa037814a97f9ad5310ee32c4dfe3b5d006a0ed73b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= HTTP/1.1
Host: nasecure.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
date: Sun, 04 May 2025 17:27:15 GMT
server: cloudflare
cf-ray: 93a9b5338944a899-RIX
X-Firefox-Spdy: h2
|
| nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= | 188.114.96.1 | 403 Forbidden | 151 B |
URL User Request GET nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= IP188.114.96.1:80
File typeHTML document, ASCII text, with CRLF line terminators Hashc371fa8374a06a3c0535fc341d454236 441671eacb9398792d435443beaddd3fc5fa1910 eed0b81a2fbdd1c5a9f80705885fc5bbf346ba428a79ff7a13ec8491c6a8e96c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= HTTP/1.1
Host: nasecure.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 04 May 2025 17:27:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 93a9b5347b4ae4cf-RIX
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Content-Encoding: gzip
|
| nasecure.pages.dev/favicon.ico | 188.114.96.1 | 301 Moved Permanently | 0 B |
URL GET nasecure.pages.dev/favicon.ico IP188.114.96.1:80
Requested byhttp://nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response=
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: nasecure.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 May 2025 17:27:16 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 May 2025 18:27:16 GMT
Location: https://nasecure.pages.dev/favicon.ico
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HILfpjzSZ0oenvNXsfU4ACUj%2BJVYeTJ39hP3qwVnqlEeq5W5OBkzeDjm%2FNlRsfELYTthKZyDKney7TrHMO0NEgAoQH977%2Bhap1KrRPhDBWwdT2V%2BMlDiloX7MRw5xnc%2Fb9hv3kY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93a9b5353cdae4cf-RIX
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=17579&min_rtt=17544&rtt_var=4956&sent=3&recv=6&lost=0&retrans=0&sent_bytes=395&recv_bytes=986&delivery_rate=164564&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
| nasecure.pages.dev/favicon.ico | 188.114.96.1 | 200 OK | 0 B |
URL GET nasecure.pages.dev/favicon.ico IP188.114.96.1:443
Requested byhttp://nasecure.pages.dev/cdn-cgi/phish-bypass?atok=gsS2GQy8mJQ5F2YR5m_Tus6zYk3EHtFQn4h2w09eZT4-1746287107.4271297-0.0.1.1-%2F&cf-turnstile-response= CertificateIssuerGoogle Trust Services Subjectnasecure.pages.dev Fingerprint76:D7:03:69:4E:C7:7D:6C:08:03:7E:64:67:74:77:FC:71:36:DD:EA ValidityFri, 02 May 2025 00:28:08 GMT - Thu, 31 Jul 2025 01:25:53 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: nasecure.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nasecure.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 May 2025 17:27:16 GMT
content-type: text/html; charset=utf-8
cf-ray: 93a9b535c93ea872-RIX
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTH7slCWgVjY19GtvaWAiBsRI6WXpCytb5CfuFPZRaVRJQdjXJbg7JQZHPoOUXhTxRQwy6veU6rb52pPJgZGVJTnDD6xBJbVKsvjgdutO0j%2FPst67J5g97SnOXrFKuNe2W8UFpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21400&min_rtt=15485&rtt_var=13605&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1209&delivery_rate=277359&cwnd=254&unsent_bytes=0&cid=4a85927417c1c930&ts=209&x=0"
X-Firefox-Spdy: h2
|