urlscan.io logo urlscan.io
SecurityTrails logo

grosss.xyz Open in urlscan Pro
198.12.248.220  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A
Effective URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?ser...
Submission: On May 27 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 29 HTTP transactions. The main IP is 198.12.248.220, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is grosss.xyz.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 14th 2020. Valid for: 3 months.
This is the only time grosss.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online) Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 11 198.12.248.220 26496 (AS-26496-...)
6 35.201.118.58 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:f1:... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
6 192.229.221.185 15133 (EDGECAST)
29 8
11    198.12.248.220 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-12-248-220.ip.secureserver.net
grosss.xyz
6    35.201.118.58 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com
cdn.jotfor.ms
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a02:26f0:f1:288::30ec (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
image.freepik.com
1    2606:4700:3033::6818:7b97 (United States)

ASN13335 (CLOUDFLARENET, US)
jsonp.afeld.me
6    192.229.221.185 (United States)

ASN15133 (EDGECAST, US)
logincdn.msauth.net
Apex Domain
Subdomains		 Transfer
11 grosss.xyz
grosss.xyz
45 KB
6 msauth.net
logincdn.msauth.net
186 KB
6 jotfor.ms
cdn.jotfor.ms
29 KB
3 unpkg.com
unpkg.com
2 KB
2 googleapis.com
ajax.googleapis.com
40 KB
1 afeld.me
jsonp.afeld.me
11 KB
1 freepik.com
image.freepik.com
42 KB
0 cors.io Failed
cors.io Failed
0 outlook.com Failed
outlook.com Failed
29 9
Domain Requested by
11 grosss.xyz 1 redirects grosss.xyz
6 logincdn.msauth.net srcdoc
6 cdn.jotfor.ms grosss.xyz
3 unpkg.com 2 redirects grosss.xyz
2 ajax.googleapis.com grosss.xyz
1 jsonp.afeld.me grosss.xyz
1 image.freepik.com grosss.xyz
0 cors.io Failed grosss.xyz
0 outlook.com Failed grosss.xyz
29 9

This site contains no links.

Subject Issuer Validity Valid
grosss.xyz
cPanel, Inc. Certification Authority		 2020-05-14 -
2020-08-12		 3 months crt.sh
jotform.com
Sectigo RSA Domain Validation Secure Server CA		 2019-08-22 -
2021-08-21		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
thumbr.io
Sectigo RSA Domain Validation Secure Server CA		 2019-10-09 -
2021-12-07		 2 years crt.sh
prod-identitycdnsan.msauth.net
Microsoft IT TLS CA 5		 2018-12-17 -
2020-12-17		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Frame ID: 92343E719FF0E95332D9B45C545BA238
Requests: 24 HTTP requests in this frame

Frame: https://outlook.com/
Frame ID: 9190F4EE20257C694A9331F75A1DA94A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A Page URL
  2. https://grosss.xyz/truce/rcopy.php HTTP 302
    https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNv... Page URL
  3. https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?lo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googleapis\.com\/.+webfont/i

Page Statistics

29
Requests

93 %
HTTPS

57 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

352 kB
Transfer

1097 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A Page URL
  2. https://grosss.xyz/truce/rcopy.php HTTP 302
    https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D Page URL
  3. https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://grosss.xyz/truce/rcopy.php HTTP 302
  • https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
Request Chain 13
  • https://unpkg.com/@ungap/custom-elements-builtin HTTP 302
  • https://unpkg.com/@ungap/custom-elements-builtin@0.5.1 HTTP 302
  • https://unpkg.com/@ungap/custom-elements-builtin@0.5.1/min.js

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
poter.cde
grosss.xyz/truce/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash
3f24c131e33e73fdd792305f0421611b9f28ea8bfd9d502b7bc6f2184f912e9e

Request headers

Host
grosss.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:28 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
load.php
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/
Redirect Chain
  • https://grosss.xyz/truce/rcopy.php
  • https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Host
grosss.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://grosss.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/poter.cde?lau=user@outlook.com&name=%20user%20A

Response headers

Date
Wed, 27 May 2020 10:00:28 GMT
Server
Apache
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 27 May 2020 10:00:28 GMT
Server
Apache
Location
bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/ 		32 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash
39919d713c950da5f99ebea9a86cfb6ceac0cf24569706228b94a19768e6dbc4

Request headers

Host
grosss.xyz
Connection
keep-alive
Content-Length
36
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://grosss.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://grosss.xyz
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/load.php?token=01dXNlckBvdXRsb29rLmNvbQ%3D%3D

Response headers

Date
Wed, 27 May 2020 10:00:28 GMT
Server
Apache
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
formCss.css
cdn.jotfor.ms/static/ 		64 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/static/formCss.css?3.3.16036
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b70e98495458ca8659c58f6ea5508d6ee12d0cb98efd7bb8a4b346c34b8cd5ad

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
gzip
last-modified
Wed, 27 May 2020 09:21:57 GMT
server
nginx
etag
W/"5ece3135-101ca"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000, public
alt-svc
clear
via
1.1 google
expires
Thu, 31 Dec 2037 23:55:55 GMT
nova.css
cdn.jotfor.ms/css/styles/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
945f66eb33c4ae23d0edffd13d6d488ec54ae166e971dd3a426967a86f64ac9f

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 14:59:40 GMT
server
nginx
etag
W/"5ec7e8dc-4638"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000, public
alt-svc
clear
via
1.1 google
expires
Thu, 31 Dec 2037 23:55:55 GMT
566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c9f745004be8950bb107fa54593349fd2bdbd857669b7544b9c5bb224377075e

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
gzip
last-modified
Tue, 12 Nov 2019 07:10:01 GMT
server
nginx
etag
W/"69a9d6c0f9a77f19db6d25e5183912c4"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
status
200
cache-control
no-cache
x-form-cache
MISS-APP
alt-svc
clear
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 15:47:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
583964
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6918
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 15:47:45 GMT
printForm.css
cdn.jotfor.ms/css/ 		456 B
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/printForm.css?3.3.16036
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
via
1.1 google
last-modified
Thu, 16 May 2019 07:50:58 GMT
server
nginx
etag
"5cdd1662-1c8"
content-type
text/css
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
alt-svc
clear
content-length
456
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 05:40:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
620386
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 May 2021 05:40:43 GMT
flyoutmenu.css
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/flyoutmenu.css?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
flyoutmenu.js
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/flyoutmenu.js?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
global.css
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/css/global.css?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
min.js
unpkg.com/@ungap/custom-elements-builtin@0.5.1/
Redirect Chain
  • https://unpkg.com/@ungap/custom-elements-builtin
  • https://unpkg.com/@ungap/custom-elements-builtin@0.5.1
  • https://unpkg.com/@ungap/custom-elements-builtin@0.5.1/min.js
3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@ungap/custom-elements-builtin@0.5.1/min.js
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95733f6fc462f46f06765a36bf83cc043e4af8b8cc1e26eaaeed6247c83cb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1742722
status
200
vary
Accept-Encoding
cf-request-id
02f72c96e300001f413613b200000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"b6d-AeFZtjpxREOqaOO/jTgzm5mpGIo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
2c5e9881f461bf785ed7f55d91d570d7
cache-control
public, max-age=31536000
cf-ray
599ee39e39f41f41-FRA

Redirect headers

date
Wed, 27 May 2020 10:00:29 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1742723
status
302
vary
Accept, Accept-Encoding
content-length
66
cf-request-id
02f72c96cc00001f413613a200000001
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
location
/@ungap/custom-elements-builtin@0.5.1/min.js
x-cloud-trace-context
e7dd3215d29d51d53690073687a10ad0
cache-control
public, max-age=31536000
cf-ray
599ee39e19821f41-FRA
x-frame-bypass.js
grosss.xyz/truce/engine/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/engine/x-frame-bypass.js
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash
45395e2c0a7c04a5207154f41e9d0284ea08649d310a20001eaf1c274eebf4e5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Origin
https://grosss.xyz

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Last-Modified
Fri, 08 May 2020 00:14:28 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2578
appointmentSlots.css
cdn.jotfor.ms/css/styles/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/styles/appointmentSlots.css?v=0.13
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a1a32e8c7bb8e3cb1b65d0200e1ca70867205f4ff836bae85c8e7c72d8207dd

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
gzip
last-modified
Thu, 07 May 2020 11:22:50 GMT
server
nginx
etag
W/"5eb3ef8a-4de8"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000, public
alt-svc
clear
via
1.1 google
expires
Thu, 31 Dec 2037 23:55:55 GMT
control_inline.css
cdn.jotfor.ms/css/styles/control_inline/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/styles/control_inline/control_inline.css?v=0.2
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.118.58 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
58.118.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
227e4084a62fd074ac776a48b803dc877e6d040d92d80907ce56cf1f214b426d

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 06:12:12 GMT
server
nginx
etag
W/"5ec76d3c-1a49"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=315360000, public
alt-svc
clear
via
1.1 google
expires
Thu, 31 Dec 2037 23:55:55 GMT
smartphone-message-email-lock-secure-digital_24877-2805.jpg
image.freepik.com/free-vector/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.freepik.com/free-vector/smartphone-message-email-lock-secure-digital_24877-2805.jpg
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:288::30ec , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
nginx /
Resource Hash
9bb85b7ed32c949f4342c1707181548166b5c49f4116f13d00a360d2194683fe

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:29 GMT
last-modified
Fri, 09 Mar 2018 11:38:41 GMT
server
nginx
etag
"5aa27241-a78d"
x-cache-status
HIT
content-type
image/jpeg
status
200
x-default-rule
YES
accept-ranges
bytes
content-length
42893
flyoutmenu.css
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/flyoutmenu.css?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
flyoutmenu.js
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/js/flyoutmenu.js?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
global.css
grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/resources/css/global.css?1001088
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.12.248.220 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-12-248-220.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 27 May 2020 10:00:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
/
outlook.com/ Frame 9190 		0
0
/
cors.io/ 		0
0
/
jsonp.afeld.me/ 		26 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://jsonp.afeld.me/?url=https://outlook.com/
Requested by
Host: grosss.xyz
URL: https://grosss.xyz/truce/engine/x-frame-bypass.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6818:7b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a194241e088f78216654657cc2b5b98366f6db8ed8384bf86381070129d2c4ce
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="DSP CUR OTPi IND OTRi ONL FIN"
status
200
ppserver
PPV: 30 H: BY1PPF736EC12EF V: 0
vary
Accept-Encoding
cf-request-id
02f72c9a49000005e983218200000001
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
74501764-6bd0-46f3-bdf1-2e39199bdf35
x-xss-protection
1; mode=block
cache-control
max-age=0, no-store
cf-ray
599ee3a3af5805e9-FRA
expires
Wed, 27 May 2020 09:59:31 GMT
Converged_v21033_Vso4vqMV44DOHKPPa1RUKg2.css
logincdn.msauth.net/16.000/ Frame 9190 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/Converged_v21033_Vso4vqMV44DOHKPPa1RUKg2.css
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F04) /
Resource Hash
a53b73227c889007bf563167513ea5e275dc3a2b140382ae0b0a27af24fa01df

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
wFU9Q++WsuK4bENMDETWWw==
age
3158052
x-cache
HIT
status
200
content-length
18858
x-ms-lease-status
unlocked
last-modified
Wed, 15 Apr 2020 05:23:59 GMT
server
ECAcc (paa/6F04)
etag
0x8D7E0FD33CC38C8
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
8c696060-c01e-004f-4a54-171dc4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
ConvergedLoginPaginatedStrings.en_sGaMmkPhMdk10vy3qysl_g2.js
logincdn.msauth.net/16.000/js/ Frame 9190 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/js/ConvergedLoginPaginatedStrings.en_sGaMmkPhMdk10vy3qysl_g2.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F28) /
Resource Hash
39e1f1b803b07ce084ed694bda42848004e7a81696e419af7a2d960a5ff980a2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Origin
https://grosss.xyz

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
tHnKYWHAFyHfBUPksIFpyQ==
age
2854093
x-cache
HIT
status
200
content-length
7700
x-ms-lease-status
unlocked
last-modified
Thu, 23 Apr 2020 07:37:47 GMT
server
ECAcc (frc/8F28)
etag
0x8D7E75937F9B5C1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2fd375ed-501e-008f-1718-1a1923000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
OldConvergedLogin_PCore_P1tcdt7k5AQN-L7MAhxDfw2.js
logincdn.msauth.net/16.000/js/ Frame 9190 		594 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/js/OldConvergedLogin_PCore_P1tcdt7k5AQN-L7MAhxDfw2.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0D) /
Resource Hash
07e98b6480de450ed9f67c748c44bbb7b97fc7fa2110dee5fc19435fd7ba4831

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Origin
https://grosss.xyz

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
smFmtCe1m5EK3SIDRZ7hwA==
age
2862995
x-cache
HIT
status
200
content-length
154608
x-ms-lease-status
unlocked
last-modified
Thu, 23 Apr 2020 07:42:31 GMT
server
ECAcc (frc/8F0D)
etag
0x8D7E759E1665D93
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
36cfea43-201e-007b-4703-1a3711000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
oldconvergedlogin_palt_9L70Mf7QyvgjC6Ck6tLKqw2.js
logincdn.msauth.net/16.000/js/ Frame 9190 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://logincdn.msauth.net/16.000/js/oldconvergedlogin_palt_9L70Mf7QyvgjC6Ck6tLKqw2.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8EA4) /
Resource Hash
6aec962bd9f3bb596f082b3c50bab16ded65e9cddae49e4d01f02ea442d78623

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
Origin
https://grosss.xyz

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
SPSY7+rwtYk7AIOGlsOP6g==
age
2853794
x-cache
HIT
status
200
content-length
5045
x-ms-lease-status
unlocked
last-modified
Thu, 23 Apr 2020 07:42:31 GMT
server
ECAcc (frc/8EA4)
etag
0x8D7E759E17A86B9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a32834b3-e01e-007a-1619-1ac91c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
2_bc3d32a696895f78c19df6c717586a5d.svg
logincdn.msauth.net/16.000.28595.2/content/images/backgrounds/ Frame 9190 		2 KB
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logincdn.msauth.net/16.000.28595.2/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F7C) /
Resource Hash
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
DhdidjYrlCeaRJJRG/y9mA==
age
1260882
x-cache
HIT
status
200
content-length
673
x-ms-lease-status
unlocked
last-modified
Fri, 08 May 2020 12:39:05 GMT
server
ECAcc (paa/6F7C)
etag
0x8D7F34CCBD0B612
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9c8970e2-501e-0067-6d95-2844ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
logincdn.msauth.net/16.000.28595.2/content/images/ Frame 9190 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logincdn.msauth.net/16.000.28595.2/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F7E) /
Resource Hash
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Referer
https://grosss.xyz/truce/bbe4442ab31270bac4ab97b99758e49a/jx3qoce5en2z5yu4xx0zl8ns2qwa1g.php?login=user&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=user&loginID=user&.
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 27 May 2020 10:00:32 GMT
content-encoding
gzip
content-md5
nzaLxFgP7ZB3dfMcaybWzw==
age
1260946
x-cache
HIT
status
200
content-length
1435
x-ms-lease-status
unlocked
last-modified
Fri, 08 May 2020 12:39:11 GMT
server
ECAcc (paa/6F7E)
etag
0x8D7F34CCF325805
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c1170628-a01e-003b-3495-28cbb3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
outlook.com
URL
https://outlook.com/
Domain
cors.io
URL
https://cors.io/?https://outlook.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online) Microsoft (Consumer)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| Ha object| webfont object| WebFont function| $ function| jQuery object| swRegisterManager function| swPostRegister

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://grosss.xyz/truce/engine/x-frame-bypass.js(Line 13)
Message:
X-Frame-Bypass loading: https://outlook.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jotfor.ms
cors.io
grosss.xyz
image.freepik.com
jsonp.afeld.me
logincdn.msauth.net
outlook.com
unpkg.com
cors.io
outlook.com
192.229.221.185
198.12.248.220
2606:4700:3033::6818:7b97
2606:4700::6810:7baf
2a00:1450:4001:801::200a
2a02:26f0:f1:288::30ec
35.201.118.58
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
07e98b6480de450ed9f67c748c44bbb7b97fc7fa2110dee5fc19435fd7ba4831
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
227e4084a62fd074ac776a48b803dc877e6d040d92d80907ce56cf1f214b426d
39919d713c950da5f99ebea9a86cfb6ceac0cf24569706228b94a19768e6dbc4
39e1f1b803b07ce084ed694bda42848004e7a81696e419af7a2d960a5ff980a2
3f24c131e33e73fdd792305f0421611b9f28ea8bfd9d502b7bc6f2184f912e9e
45395e2c0a7c04a5207154f41e9d0284ea08649d310a20001eaf1c274eebf4e5
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a1a32e8c7bb8e3cb1b65d0200e1ca70867205f4ff836bae85c8e7c72d8207dd
6aec962bd9f3bb596f082b3c50bab16ded65e9cddae49e4d01f02ea442d78623
945f66eb33c4ae23d0edffd13d6d488ec54ae166e971dd3a426967a86f64ac9f
9bb85b7ed32c949f4342c1707181548166b5c49f4116f13d00a360d2194683fe
a194241e088f78216654657cc2b5b98366f6db8ed8384bf86381070129d2c4ce
a53b73227c889007bf563167513ea5e275dc3a2b140382ae0b0a27af24fa01df
a95733f6fc462f46f06765a36bf83cc043e4af8b8cc1e26eaaeed6247c83cb99
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7
b70e98495458ca8659c58f6ea5508d6ee12d0cb98efd7bb8a4b346c34b8cd5ad
c9f745004be8950bb107fa54593349fd2bdbd857669b7544b9c5bb224377075e