| webmail-oxcs.networksolutionsemail.com/appsuite/favicon.svg?version=3999779421 | 198.251.71.220 | 403 Forbidden | 0 B |
URL: GET webmail-oxcs.networksolutionsemail.com/appsuite/favicon.svg?version=3999779421
IP: 198.251.71.220:443
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Sectigo Limited; Subject *.networksolutionsemail.com; Fingerprint D5:E1:96:FA:EA:36:36:92:F6:7E:11:6C:88:AF:DE:42:F6:56:BE:54; Validity Thu, 09 Jan 2025 00:00:00 GMT - Fri, 09 Jan 2026 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /appsuite/favicon.svg?version=3999779421 HTTP/1.1
Host: webmail-oxcs.networksolutionsemail.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 31 Mar 2025 13:37:17 GMT
content-type: application/xml
x-amz-request-id: tx00000e0c6efdc4642a24a-0067ea9a8d-177766ff4-msc1
accept-ranges: bytes
x-app-server: rgw14ham1
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload;
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
| shrouded-half-prune.glitch.me/xfdt.html | 151.101.130.59 | 200 OK | 121 kB |
URL: User Request GET shrouded-half-prune.glitch.me/xfdt.html
IP: 151.101.130.59:443
Certificate: Issuer Certainly; Subject *.glitch.me; Fingerprint 97:AE:38:66:3D:A4:DF:39:E3:02:0E:99:02:5B:C4:DD:7A:E0:6D:60; Validity Sat, 22 Mar 2025 21:21:47 GMT - Mon, 21 Apr 2025 21:21:46 GMT
File type: HTML document, ASCII text, with very long lines (65536), with no line terminators
Size: 121 kB (121445 bytes)
Hash: MD5 892a573f95dc11dcf6a0a02c475b2199; SHA-1 eb6fa90d6ce43d7ee0897919d127e74175db9d62; SHA-256 51ef60c345c7a19288fc89b4120ee2a6142b1f53c049b6afa512f8e88ec19139

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | suspicious | Suspicious - Suspicious Javascript code |
| OpenPhish | phishing | Webmail Providers |
| PhishTank | phishing | Other |
GET /xfdt.html HTTP/1.1
Host: shrouded-half-prune.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-server-side-encryption: AES256
etag: "892a573f95dc11dcf6a0a02c475b2199"
cache-control: no-cache
server: AmazonS3
last-modified: Tue, 25 Mar 2025 19:42:55 GMT
x-amz-id-2: Gi8r7CoMGa99CvKfr6xp7Ypp9EBTzJxrTDCok2zhbp+Xeqi9NcXfcFapz932324HeqKxvhTCqxiF+WNcQVse4T0PhpbqjNJorJI2Sa95irU=
x-amz-request-id: 1432ZJH0SV8C5EGA
content-type: text/html; charset=utf-8
x-amz-version-id: JEvgpcEPf5sexmUAzwX29puSDj5AOx80
accept-ranges: bytes
date: Mon, 31 Mar 2025 13:37:10 GMT
via: 1.1 varnish
x-served-by: cache-hel1410027-HEL, cache-hel1410027-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1743428230.635493,VS0,VE374
content-length: 121445
X-Firefox-Spdy: h2
| waxmedx.com/app/network/media/index.html.js.download | 145.223.77.127 | 200 OK | 0 B |
URL: GET waxmedx.com/app/network/media/index.html.js.download
IP: 145.223.77.127:443
ASN: #47583 Hostinger International Limited
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Let's Encrypt; Subject waxmedx.com; Fingerprint 36:2C:6A:97:8E:70:96:B4:E7:3B:34:90:09:EA:ED:AD:02:03:42:94; Validity Tue, 18 Feb 2025 08:49:29 GMT - Mon, 19 May 2025 08:49:28 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/network/media/index.html.js.download HTTP/1.1
Host: waxmedx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shrouded-half-prune.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain
last-modified: Mon, 23 Dec 2024 10:43:42 GMT
etag: "116b-67693ede-1a5aad2763c23a34;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2086
date: Mon, 31 Mar 2025 13:37:10 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
| waxmedx.com/app/network/media/main-781bf877.css | 145.223.77.127 | 200 OK | 343 kB |
URL: GET waxmedx.com/app/network/media/main-781bf877.css
IP: 145.223.77.127:443
ASN: #47583 Hostinger International Limited
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Let's Encrypt; Subject waxmedx.com; Fingerprint 36:2C:6A:97:8E:70:96:B4:E7:3B:34:90:09:EA:ED:AD:02:03:42:94; Validity Tue, 18 Feb 2025 08:49:29 GMT - Mon, 19 May 2025 08:49:28 GMT
Size: 343 kB (342558 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/network/media/main-781bf877.css HTTP/1.1
Host: waxmedx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 07 Apr 2025 13:37:10 GMT
content-type: text/css
last-modified: Mon, 23 Dec 2024 10:43:42 GMT
etag: "53a1e-67693ede-98912753e194db0a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 49272
date: Mon, 31 Mar 2025 13:37:10 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
| waxmedx.com/app/network/media/logo | 145.223.77.127 | 200 OK | 4.3 kB |
URL: GET waxmedx.com/app/network/media/logo
IP: 145.223.77.127:443
ASN: #47583 Hostinger International Limited
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Let's Encrypt; Subject waxmedx.com; Fingerprint 36:2C:6A:97:8E:70:96:B4:E7:3B:34:90:09:EA:ED:AD:02:03:42:94; Validity Tue, 18 Feb 2025 08:49:29 GMT - Mon, 19 May 2025 08:49:28 GMT
File type: PNG image data, 154 x 62, 8-bit/color RGBA, non-interlaced
Hash: MD5 8d74d147618554291f8cb17959e22450; SHA-1 4602c88a77f1ae4832e5943a9f31e6dc46c4019c; SHA-256 38f4cd5c0c12b0655856bb8470b15392154ebad70467d63a577ff730e8f248df
GET /app/network/media/logo HTTP/1.1
Host: waxmedx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 23 Dec 2024 10:43:42 GMT
etag: "10f6-67693ede-20cd7a78fb9fecb7;;;"
accept-ranges: bytes
content-length: 4342
date: Mon, 31 Mar 2025 13:37:10 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
| waxmedx.com/app/network/media/error-generic.svg | 145.223.77.127 | 200 OK | 5.1 kB |
URL: GET waxmedx.com/app/network/media/error-generic.svg
IP: 145.223.77.127:443
ASN: #47583 Hostinger International Limited
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Let's Encrypt; Subject waxmedx.com; Fingerprint 36:2C:6A:97:8E:70:96:B4:E7:3B:34:90:09:EA:ED:AD:02:03:42:94; Validity Tue, 18 Feb 2025 08:49:29 GMT - Mon, 19 May 2025 08:49:28 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 94f4b2097b323d5776bac1d91e8c8745; SHA-1 6e9df6ba575da23594331bdec6ad578622d21aa3; SHA-256 3412fd66dfcaf0e4e4ce55aad1842cfad80330f384e8a4a7c92eeed9bf85bc32
GET /app/network/media/error-generic.svg HTTP/1.1
Host: waxmedx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 07 Apr 2025 13:37:10 GMT
content-type: image/svg+xml
last-modified: Mon, 23 Dec 2024 10:43:42 GMT
etag: "13d9-67693ede-6550b0a01945d9dd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1688
date: Mon, 31 Mar 2025 13:37:10 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
| waxmedx.com/app/network/media/logo_180.png | 145.223.77.127 | 200 OK | 16 kB |
URL: GET waxmedx.com/app/network/media/logo_180.png
IP: 145.223.77.127:443
ASN: #47583 Hostinger International Limited
Requested by: https://shrouded-half-prune.glitch.me/xfdt.html
Certificate: Issuer Let's Encrypt; Subject waxmedx.com; Fingerprint 36:2C:6A:97:8E:70:96:B4:E7:3B:34:90:09:EA:ED:AD:02:03:42:94; Validity Tue, 18 Feb 2025 08:49:29 GMT - Mon, 19 May 2025 08:49:28 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: MD5 e06af44c8daf198f8f7347c19d16b6fb; SHA-1 5f19c6b1810c23b4c00c47ab9ab69ac2fe616954; SHA-256 bf4d6827f36f12aaf4e420da28f3ee7b6335be06a13aa3b54bc67eaa4f6465ae
GET /app/network/media/logo_180.png HTTP/1.1
Host: waxmedx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://shrouded-half-prune.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Mon, 07 Apr 2025 13:37:11 GMT
content-type: image/png
last-modified: Mon, 23 Dec 2024 10:43:42 GMT
etag: "3d8a-67693ede-1e143a29c8deb500;;;"
accept-ranges: bytes
content-length: 15754
date: Mon, 31 Mar 2025 13:37:11 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"