backend.six.phish.net Open in urlscan Pro
34.36.46.115  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response backend.six.phish.net/	17 KB 5 KB	93ms 56ms	Document text/html	34.36.46.115 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.36.46.115 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 115.46.36.34.bc.googleusercontent.com Software Apache/2.4.52 (Debian) / PHP/7.3.33 Resource Hash 31d5664d8eaf18327d3456d49f45d7d384a90755c67f6363b370dfdd81072df0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 4943 content-type text/html; charset=UTF-8 date Tue, 21 Nov 2023 11:49:24 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache/2.4.52 (Debian) vary Accept-Encoding via 1.1 google x-powered-by PHP/7.3.33
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/	100 KB 19 KB	326ms 10ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://backend.six.phish.net/ Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1118286 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 18778 last-modified Wed, 02 Aug 2023 21:01:56 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "64cac444-495a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0dNyr4OrIc13rfbfON7YF84InsxOaUOI4sxNLVA0ludTvzVgo%2F0AdITjHpriYVRZjhWj2ZwK4XUo8oUIuqdA8zMPfoyFGJBvcuTUAWzYTk2h3pkaIm2mppohF1Zj17Fvq5AQibj"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8298b58fac480f93-EWR expires Sun, 10 Nov 2024 11:49:25 GMT
GET H2	200	v4-shims.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/	27 KB 4 KB	327ms 12ms	Stylesheet text/css	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/v4-shims.min.css Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://backend.six.phish.net/ Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1043823 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3660 last-modified Wed, 02 Aug 2023 21:01:56 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "64cac444-e4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP6xRNqIHyTJ4NArlF%2FtHScVFpWsHed99Cp9kekeUrLM3RBJKEysBGrqPVw7%2BMdi%2BJCrEX%2Fo7%2BpPU4JPF13UviAZmnW7MqtjRBFXTxaGRRQAFZKBETjHqmvcAAnHOp%2FBgOHTLWnI"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8298b58fac490f93-EWR expires Sun, 10 Nov 2024 11:49:25 GMT
GET H2	200	style-light.min.css scripts.phish.net/styles/compiled/	147 KB 26 KB	456ms 105ms	Stylesheet text/css	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/styles/compiled/style-light.min.css?v=5.63 Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d9409460579f7f2e2b74d289ffa0faa7383673894efdc8dcbbb15862962d802 Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 14 Sep 2022 23:58:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"24d9e-5e8abe61e3d24-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrAWLdFvSdf%2BbmJvAPauAbpUcBDCCNyarvlxuP7aNTpjTWDmP9cO2hXDNbLRTu%2F67RFcWqZ6DeeoeSDJIjNl3IRy6QtM5WHDDurmHJzLprbOQXdKwYfKsKKzzBa9p9zFeCWehA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cf-ray 8298b58fea6e18d0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	setlist.min.css scripts.phish.net/styles/compiled/	5 KB 873 B	432ms 82ms	Stylesheet text/css	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/styles/compiled/setlist.min.css?v=5.62 Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d56bc4abc7d9a228a1df5a5755a2491513c882d6e105253bdd2026dd5f87b80f Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status EXPIRED last-modified Tue, 04 Jan 2022 16:12:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1201-5d4c3e8fc032a-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnY5eTcaRnBu%2BKENdn6ZQBk0qulTPzEO5C2Yu1WzsIqHf0S%2BLEUwuR27gIKbwNhy1cDqY0pPiAoGMmYeXNsgCNe0oTMiHb392PSVvBwweepCIN008mZZoJJqvel9zMlIqsJPYQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cf-ray 8298b58fea6d18d0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/	84 KB 29 KB	348ms 4ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers Referer https://backend.six.phish.net/ Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding gzip via 1.1 varnish age 5663566 x-cache HIT content-length 29811 x-served-by cache-lga21968-LGA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1700567365.094244,VS0,VE0 etag W/"28feccc0-14e4a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 111988
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/	36 KB 11 KB	351ms 36ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://backend.six.phish.net/ Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 940 cdn-cachedat 10/31/2023 19:05:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"c5b5b2fa19bd66ff23211d9f844e0131" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 0e5d83b218e896831a4c35a5ea5ad6f4 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8298b58fa960727d-EWR cdn-requestpullsuccess True
GET H2	200	pnet5.js Show response scripts.phish.net/js/	11 KB 3 KB	430ms 81ms	Script application/javascript	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/js/pnet5.js?v=5.4 Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e182dfa7c9e0ed6cc25e992e27e65fa48816438b2388476603a7eeccb5ee72e7 Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status EXPIRED last-modified Wed, 12 Aug 2020 17:56:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2b17-5acb1e9c9aae9-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9FvHWqlSPq232xR3k4L4qTRNiCOyyMpgdUZa3WZou8j6NaBFnDhHYgMu244bi9aL7PnbkGVA1Oh54DBcSfJijjw1mXCYnJb7DDx9lULpwL9gWTLI7Nd3d%2FiUWLmjHNm2xmQDQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cf-ray 8298b58fea7018d0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	sortable.css scripts.phish.net/packages/sortable/	3 KB 952 B	432ms 83ms	Stylesheet text/css	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/packages/sortable/sortable.css Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e109e59771f272231342f6c2ef655a7eba1b606922d6d63a8d2705abda54cb4a Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 02 Jan 2020 19:21:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"aba-59b2d18dcd475-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flnazabqRsBHcmiLIS4LbYL0RJAnobv69xWfDBeuz%2B2ykgyqIEblmzBDb31xNDPwIffe0OauNxMAM2uLYjMVsh1RxU%2B9bwPPs50t2A1DrbzZB1IJHCYXnQUh560XCrd2FeRzLg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cf-ray 8298b58fea6c18d0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	sortable.js Show response scripts.phish.net/packages/sortable/	9 KB 2 KB	431ms 82ms	Script application/javascript	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/packages/sortable/sortable.js Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4187f9233dc793b94c63b6f4ba6aa2fccc09f71985279c32b526d1db5498df9c Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status EXPIRED last-modified Thu, 02 Jan 2020 19:21:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"227a-59b2d18dcd475-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDnud6e%2FHUBVVscWe69Y3jr1pcyqhpEe%2B3%2BbBqkewnT3a4eKYmNb4IN7U5kgae%2BcRrkdXXNrUYaUJdwr2jDGRojwJJdlRju3dzPzNiTocXsS8degRn3pnqjRiz%2BVBRwqq5hMJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cf-ray 8298b58fea7118d0-EWR alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	379ms 40ms	Script text/javascript	172.217.13.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f4.1e100.net Software GSE / Resource Hash 68d6f5e6353b7af3f62a7458c547270de36d2f2a8af194f0337252513e518270 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Tue, 21 Nov 2023 11:49:25 GMT
GET H2	200	pnet5.png media.phish.net/logo/	23 KB 24 KB	340ms 11ms	Image image/png	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.phish.net/logo/pnet5.png Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee661fa29257f62be74ad049d72ae2ae2777314f1996b829c47acb0ecaf481af Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1058228 alt-svc h3=":443"; ma=86400 content-length 23993 last-modified Sun, 17 Jul 2016 14:50:41 GMT server cloudflare etag "5db9-537d5f9bfdab2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzu4RuggJZJdiYf%2FSpkBZu1IFDWJZ6hvuQ%2F2qLZWyjYUwtOGQJTcLwoZiIjKNRYJzmusajtVI6ld2C84HYM30z5acFda34eZlIHcm%2FqKKQ9%2BbXD4eKC%2F8SZ0Q6p%2BGpJgKRQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 8298b58fc9d44391-EWR expires Sat, 09 Dec 2023 05:52:17 GMT
GET H2	200	default_avatar.png media.phish.net/avatars/	11 KB 11 KB	345ms 16ms	Image image/png	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.phish.net/avatars/default_avatar.png Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d9b8cc49b43c78db7b04f3eafed88e39255a3931471442173d625090e6dde5f Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1655169 alt-svc h3=":443"; ma=86400 content-length 11383 last-modified Sat, 04 Jan 2014 00:31:44 GMT server cloudflare etag "2c77-4ef1a26ae7c00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cbOSa9IcEIYb%2BSVHqtxN2%2F1tMK%2FcFHi7YbGUDZtipRdg%2FeSfiOYretFj7l%2F5j%2FzZOixCDROP2x4MiNlIv49EjEtRF4NJ5YhEAljdGUkqj%2BVk%2BbhZjCbntdlATATTYPGtN4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 8298b58fc9d24391-EWR expires Sat, 02 Dec 2023 08:03:16 GMT
GET H2	200	mbird.png media.phish.net/site/socialmedia/	4 KB 4 KB	13ms 12ms	Image image/png	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://media.phish.net/site/socialmedia/mbird.png Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c01f957e80892436b6f76dd64a0e87a088c0f59e408a081bf8b5bda20ad433f0 Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1106009 alt-svc h3=":443"; ma=86400 content-length 3633 last-modified Tue, 17 May 2011 13:28:06 GMT server cloudflare etag "e31-4a378be014580" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFJVUCLpDILz1gz4mWMljWO56%2BiSRo5tFOlt9DN8rQlpA6wz2LCYF1itBCqyo62bfqxk7xiS%2FItrJAsVaBPgvbB%2FMx%2FrKC55YWDeshh7nIRojJ2SKG0SnAPiKyEgy2FbN1E%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 8298b58fe9e24391-EWR expires Fri, 08 Dec 2023 16:35:56 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	465 KB 187 KB	320ms 4ms	Script text/javascript	142.250.80.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f3.1e100.net Software sffe / Resource Hash 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://backend.six.phish.net/ Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 20 Nov 2023 17:04:35 GMT content-encoding gzip x-content-type-options nosniff age 67490 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190682 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 19 Nov 2024 17:04:35 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	354ms 11ms	Script text/javascript	172.217.13.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: backend.six.phish.net URL: https://backend.six.phish.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f14.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 21 Nov 2023 10:29:01 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 4824 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 21 Nov 2023 12:29:01 GMT
GET H2	200	roboto-regular.woff scripts.phish.net/styles/fonts/	91 KB 92 KB	437ms 116ms	Font application/font-woff	172.67.195.61 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scripts.phish.net/styles/fonts/roboto-regular.woff Requested by Host: scripts.phish.net URL: https://scripts.phish.net/styles/compiled/style-light.min.css?v=5.63 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.195.61 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18ab5ae448dcec1f31abbbaa7dce8dcb1d890479f1bc4670a89c95f10063cf3e Request headers Referer https://scripts.phish.net/styles/compiled/style-light.min.css?v=5.63 Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT content-encoding br cf-cache-status MISS last-modified Tue, 18 Jan 2022 16:06:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16ccc-5d5dd723005de" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMKm1ES4IDtCLDTWKXLOZSHUrDZg7iM93fG8moCBkRmvWXDKyYNJhDMIV7%2B3Qfk2IWS97byPFVd3GiTLJtlZA6AmS531ArOfX%2BMv%2Fc7aytf2BxuOs%2FCmu6JJG3xjrPOSXy151g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cf-ray 8298b592be8a8cbd-EWR alt-svc h3=":443"; ma=86400
GET H2	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/	147 KB 147 KB	10ms 10ms	Font application/octet-stream	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc0f0c27dcbc4bb8751ea47cf49ddd94a25139313241ec31f2b8d677ca472643 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css Origin https://backend.six.phish.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:25 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 968652 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 150020 last-modified Wed, 02 Aug 2023 21:01:56 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "64cac444-24a04" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF6Uwczx3S9r%2F9PzrnDgQYqbq9rSRMXu5GXoAKzlFm7aWbx7%2BddQ5BnapYYAtFUxZhtgK2IZpNJyGgVN8DZeaQd1OuKd1Sv25v4g1hYDWVTInLSjd5GzYVCKbz5dZsfetHxuhjAW"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8298b590bcc60f93-EWR expires Sun, 10 Nov 2024 11:49:25 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 225 B	34ms 33ms	XHR text/plain	172.217.13.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=211255386&t=pageview&_s=1&dl=https%3A%2F%2Fbackend.six.phish.net%2F&ul=en-us&de=UTF-8&dt=Phish.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=181603231&gjid=549333070&cid=1658532950.1700567366&tid=UA-10341664-1&_gid=1124375652.1700567366&_r=1&_slc=1&z=1981538763 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f14.1e100.net Software Golfe2 / Resource Hash 42edb19f8b1d115f952e16cb0a8dea366558aa147dd1081992d37b7a4ede0017 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://backend.six.phish.net/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 21 Nov 2023 11:49:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://backend.six.phish.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	226 KB 81 KB	389ms 47ms	Script application/javascript	172.217.13.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S0E53T9VJQ&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash c1670c6e86d1389caaf8689069f3adcf1db83833587ca0a54ed7758bec3729fd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 11:49:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82346 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Nov 2023 11:49:26 GMT
POST H2	204	collect www.google-analytics.com/g/	0 56 B	34ms 33ms	Ping text/plain	172.217.13.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S0E53T9VJQ&gtm=45je3b81v9120750121&_p=1700567365657&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1658532950.1700567366&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbackend.six.phish.net%2F&dt=Phish.net&sid=1700567366&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1477 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S0E53T9VJQ&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.206 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://backend.six.phish.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 11:49:26 GMT server Golfe2 content-type text/plain access-control-allow-origin https://backend.six.phish.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| click_el function| ucfirst function| richtext function| blog_addplay function| createCookie object| PhishNet object| Sortable object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| GoogleAnalyticsObject function| ga object| recaptcha object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.phish.net/	1969-12-31 23:59:59	Name: pnet_session Value: a2cdf18d2e201db9c430532ed85ce0e4
			.phish.net/	1970-01-21 01:58:47	Name: _ga Value: GA1.2.1658532950.1700567366
			.phish.net/	1970-01-20 16:24:13	Name: _gid Value: GA1.2.1124375652.1700567366
			.phish.net/	1970-01-20 16:22:47	Name: _gat Value: 1
			.phish.net/	1970-01-21 01:58:47	Name: _ga_S0E53T9VJQ Value: GS1.2.1700567366.1.0.1700567366.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backend.six.phish.net
cdnjs.cloudflare.com
code.jquery.com
maxcdn.bootstrapcdn.com
media.phish.net
scripts.phish.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.17.25.14
104.18.11.207
142.250.80.35
151.101.2.137
172.217.13.104
172.217.13.132
172.217.13.206
172.67.195.61
34.36.46.115
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0d9409460579f7f2e2b74d289ffa0faa7383673894efdc8dcbbb15862962d802
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef
18ab5ae448dcec1f31abbbaa7dce8dcb1d890479f1bc4670a89c95f10063cf3e
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
31d5664d8eaf18327d3456d49f45d7d384a90755c67f6363b370dfdd81072df0
3d9b8cc49b43c78db7b04f3eafed88e39255a3931471442173d625090e6dde5f
4187f9233dc793b94c63b6f4ba6aa2fccc09f71985279c32b526d1db5498df9c
42edb19f8b1d115f952e16cb0a8dea366558aa147dd1081992d37b7a4ede0017
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
68d6f5e6353b7af3f62a7458c547270de36d2f2a8af194f0337252513e518270
c01f957e80892436b6f76dd64a0e87a088c0f59e408a081bf8b5bda20ad433f0
c1670c6e86d1389caaf8689069f3adcf1db83833587ca0a54ed7758bec3729fd
d56bc4abc7d9a228a1df5a5755a2491513c882d6e105253bdd2026dd5f87b80f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e109e59771f272231342f6c2ef655a7eba1b606922d6d63a8d2705abda54cb4a
e182dfa7c9e0ed6cc25e992e27e65fa48816438b2388476603a7eeccb5ee72e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee661fa29257f62be74ad049d72ae2ae2777314f1996b829c47acb0ecaf481af
fc0f0c27dcbc4bb8751ea47cf49ddd94a25139313241ec31f2b8d677ca472643