Submitted URL: https://gr-login.com/
Effective URL: https://gr-login.com/Login.php
Submission: On September 16 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 104.21.43.30, located in and belongs to CLOUDFLARENET, US. The main domain is gr-login.com.
TLS certificate: Issued by R3 on September 16th 2021. Valid for: 3 months.
This is the only time gr-login.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alpha Bank (Banking)

Domain & IP information

IP Address                     AS Autonomous System
1 23 104.21.43.30              13335 (CLOUDFLAR...)
22 1

Apex Domain                    Subdomains        Transfer
23 gr-login.com                gr-login.com      1 MB
22 1

Domain                         Requested by
23 gr-login.com 1 redirects    gr-login.com
22 1

This site contains links to these domains.

Domain
www.alpha.gr
secure.alpha.gr

Subject           Issuer    Validity                   Valid
*.gr-login.com    R3        2021-09-16 - 2021-12-15    3 months

This page contains 1 frames:

Primary Page: https://gr-login.com/Login.php
Frame ID: 682C6C86091D60CC0AD8279D93C05845
Requests: 22 HTTP requests in this frame

Page Title

myAlpha Web

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 1362 kB
Size: 1759 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gr-login.com/ HTTP 302
    https://gr-login.com/Login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request Login.php
gr-login.com/
Redirect Chain
  • https://gr-login.com/
  • https://gr-login.com/Login.php
30 KB
10 KB
Document
General
Full URL
https://gr-login.com/Login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.23
Resource Hash
b8d18d5edd733e822d138949a0d5a61a884e6e0eee7447d8b2de1ac8b893b57a

Request headers

:method
GET
:authority
gr-login.com
:scheme
https
:path
/Login.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.23
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVH3QayTClQVJv9bfQsTgeqaBOKbhKpmN3RaRPpQzQPhyXtcncTh53a1Zjuu2vYtjoIszBU1y6%2B3Z9Atl7ozSkYsMwMlm5VImSr7gXFYIFaoa%2FlzMZ7zM%2FLTR43e8TQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fa4bbb3ef63bce-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-type
text/html; charset=UTF-8
location
Login.php
x-powered-by
PHP/7.4.23
cache-control
no-cache, no-store, must-revalidate, max-age=0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umoy%2BfpaKh%2F%2F%2BYFKOtCAXYPWXDp%2F8Ze9qX0S%2BzKs%2BV%2B8%2FeFEuODWaJ%2FANUEHLWznenGy9XDF0kYdLAH0wP3MQVlIHu3dJUvABitoZr%2Bm5I9cUz9p0kvAAv2n94U65m4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68fa4bb8192c3bce-CDG
login.css
gr-login.com/alpha_gr_filez/css/
174 KB
27 KB
Stylesheet
General
Full URL
https://gr-login.com/alpha_gr_filez/css/login.css
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a97ccf6996fa08a62a84aad5357dc80306adaa3829aa4778bb8ddc9f7254e6b

Request headers

:path
/alpha_gr_filez/css/login.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlkITrsqNlzzL1wQxIP8s2273vHSJ9tffebM4naUaT8FH3qzNS%2BDYXs57LS2l6GGixyQ%2B4nu9HxQcofvSjXraMDMuLftutDaDEEEvprfmrut5tuUfhd9F9LXcfy7VPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
68fa4bbc7e953a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
jquery.js
gr-login.com/alpha_gr_filez/js/
266 KB
79 KB
Script
General
Full URL
https://gr-login.com/alpha_gr_filez/js/jquery.js
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84086bb634fc6fd223918894c6b74641811e06e84007937c5809942b7a02ddff

Request headers

:path
/alpha_gr_filez/js/jquery.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNgHLYVgj2WSH4BeY2qg35ZXxMwIddsMNotsB13c757TMvfxM%2Fn%2BIhhcdyBTNPve93WGxD5LyZ%2BnVi0ilcqRaSdyS%2BLpba3ooTg3g8g8Od99fhjjKckhv6PNVVqaTFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
68fa4bbc7e983a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
jquery.validate.js
gr-login.com/alpha_gr_filez/js/
47 KB
13 KB
Script
General
Full URL
https://gr-login.com/alpha_gr_filez/js/jquery.validate.js
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643cec1f3b8b02da905715f06e046d7c03d743b500a09457040503bdcf46f422

Request headers

:path
/alpha_gr_filez/js/jquery.validate.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AUoal9DA3rwuLKlK%2F373pWE9KaWO8MK%2BhRbkqH4u3JKmYynLUTCe62FTPOd4OOb3F7f8Ef03JrIYEQveSaGCdYZ4a2Bm%2BnvM2TYgCweYkB9bLgAzBZU9SPdWjQ9ZR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
68fa4bbc7e993a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
jquery.maskedinput.js
gr-login.com/alpha_gr_filez/js/
10 KB
3 KB
Script
General
Full URL
https://gr-login.com/alpha_gr_filez/js/jquery.maskedinput.js
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef

Request headers

:path
/alpha_gr_filez/js/jquery.maskedinput.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxzFiX8FQhMehF17s%2Fp2oBMkvHLT6f71f5Y9x%2BLkML%2Bchf1HA1jYxjLGbNmrvFUcgJ3MTETRuOgoM3N5ITpp3pmsSE542aCKq8xOCpNQF7cjiVee1HuqjQ44quEuvWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
68fa4bbc7e9a3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
jquery.payment.js
gr-login.com/alpha_gr_filez/js/
17 KB
4 KB
Script
General
Full URL
https://gr-login.com/alpha_gr_filez/js/jquery.payment.js
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d434ce5101fa0215bc35d3422c524705f6cd7998b728fcc6d8277b07f39730

Request headers

:path
/alpha_gr_filez/js/jquery.payment.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEA9mJfYUkKsprKDJHalmC2wRtwYRQe6%2BDLYkf%2BF3J7w44kYFYnhirlBAHNkzecvfpCS0qp44UDnIfQK6gCwl5f4IKCNyNsLknGxGtwooIQYnsVbutAbipKoQBS6AwU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
68fa4bbc7e9b3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
notification.png
gr-login.com/alpha_gr_filez/img/
451 B
1 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/notification.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc3857f312489191143a105a811870ae647d7814faeeb54dc9873cd614022af

Request headers

:path
/alpha_gr_filez/img/notification.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
451
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EUBvX1sia%2BEW0ksby1vT%2BlJoY1qZ1uByc5Xs03lu9uL4PnKOjk5DkH2CacXaVVnPlZ%2FtjrPCdRhUK0kkudUIXEbkCHbwLyQZYGNleaZA74IG%2BvUDdCkuGlsJGz0yeE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcef293a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
logo.png
gr-login.com/alpha_gr_filez/img/
3 KB
4 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/logo.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21503eecb48b62604d6855e33399ab5731f3679a03d412065ea47464de612785

Request headers

:path
/alpha_gr_filez/img/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3350
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFZo8VbfJjoy3y%2FGUu%2B%2FhOCtDrcUXtUZqQDxOGhpxC2L2MrMe%2BO9mzH7F4Rrv%2B8JMAFNeVhQ8HWzGQ2DyzGM1AQjGkjhxTSQ5TnvO3wtAV7x6OVJCIqDqY%2BZE1W836M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff3f3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
lock.png
gr-login.com/alpha_gr_filez/img/
442 B
1 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/lock.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ba69a712ca83a83213bb90a9f821da8c904c9f954eba6c5e7e23bdad6e2c3e

Request headers

:path
/alpha_gr_filez/img/lock.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
442
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtyDtXxTzCvYmn0j6q%2B%2F1DfQaZJM%2BcdlXywf86GbNsvr4fEuTC4%2BqCBhoWW6xm0lBpGpdTY1gke1Bv9wOmPmjbykMkulX%2B2PPsOSFYXWMEXdse2EdPKX9ziYOukdSKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff413a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
laptop.png
gr-login.com/alpha_gr_filez/img/
311 B
922 B
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/laptop.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1612606ef48d6a8c375d4a747b8c1fe4f6927e242ec21c449b27ed0325505f2

Request headers

:path
/alpha_gr_filez/img/laptop.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
311
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry9vcPgUnesRGrUj828ADSFkBMlRf54s0JutJmtldxlf61FsHwMAd3v5ETplZbMqh6TBEp%2BHQzeu9xbj3ov493VvlS8Kdkk91jAFnOxoA86%2FYc1O6ASloO5um07960g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff433a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
email.png
gr-login.com/alpha_gr_filez/img/
350 B
966 B
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/email.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed71ce33d772d291d9c787d26972c89d581a81b6b5e10bfaa8a18173a9877f4c

Request headers

:path
/alpha_gr_filez/img/email.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
350
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9sYjTkQIXdzn%2BmHgzPbCJaDqxzwUzwpAuolKapuFuFTR6JRzY%2Bes%2BzQaWW8F2zgYeEuM3G9uMuPZfsqVNs5qDCFF2r4F3brC2YPKvAXhIh4FGmkwiWLVGnbk3n8NG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff443a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
phone.png
gr-login.com/alpha_gr_filez/img/
1 KB
2 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/phone.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4626e282c2921300f1f087f82643dfe7c3482ef156d4f151d5d892d1a6cb7f49

Request headers

:path
/alpha_gr_filez/img/phone.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1366
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAlG58gtqYvIKujI%2B%2Fw0GzxybhoueISEEX4rgeAarn3FG63KcYZBbUu7mKI5Jjwuxn6H9AQ%2FzpDuJodl%2FXaEH77dBoPjoSG6GuPfFIZYzd5EJKBnKGOZhlrKBpHaUNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff463a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
info.png
gr-login.com/alpha_gr_filez/img/
622 B
1 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/info.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd892e8748d7c8b9068fc17b082e57ba012a3e1923f8ea0323f4a325e5367e52

Request headers

:path
/alpha_gr_filez/img/info.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
622
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxRycYsSMeAxXVDToi16hQjCu23OKmgz4L%2B%2FKy5dIBuZxVwrpaWhGK5JHpEdbRF7LXg3e7Ywxc%2FOyZtKgqnMDEoEdqkxIYdLTCqpsfPBDAgAETicenSFbTnO8eocg9c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff483a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
shield.png
gr-login.com/alpha_gr_filez/img/
675 B
1 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/shield.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9294cf365d3365ce77692019b950cd5c1c1ea1187aa6cc891b0ee1457578643

Request headers

:path
/alpha_gr_filez/img/shield.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
675
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYurASrMC%2BCp6SAHYvxyR2i8ogV8bS08JKeXv1monazzBOw%2B0MoD834gOjTh%2BQuKB6AJdNkNEf7YAZ8se7yl3x0J5H7gXv27oQXC2NYVs3gLP%2FbDRuPk4OW9XMtYQew%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff4a3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
retail.png
gr-login.com/alpha_gr_filez/img/
4 KB
4 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/retail.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba8e512923cd34399ee6274ba26e52ed26d9bc21794092eb8126012120daef9

Request headers

:path
/alpha_gr_filez/img/retail.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3864
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAw5ws0G%2BLZcTW%2Bu8BpeNEOrS6nEnSM02zo%2FzFVHQCGnpCJzijRvdfKq5HqWntE2UfhIw%2F3KHL7WV%2FP8EHjtXkBFzz7nmJOb5r%2FKcYoXcyjxIliDofAZv7kFFResgec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff4b3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
corporate.png
gr-login.com/alpha_gr_filez/img/
5 KB
6 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/corporate.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0528735cdfd91c5ec3139dee69492183dcf03e3b9a72e3df105a0b113ff96f4

Request headers

:path
/alpha_gr_filez/img/corporate.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5601
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4ggW7hEFpe14VukvacawFznWnFFNU9PYymKVzQ7sOh6KGBMgkLkQMiBBbxGCFw8qMd82jwC4FHEjPkr3WGUHnOELHT3iXmRn9dUJSU0qZy5Tk8SMkf%2BKOmzckVkCPI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbcff4c3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:34 GMT
email-decode.min.js
gr-login.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://gr-login.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gr-login.com
URL: https://gr-login.com/Login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
gr-login.com
referer
https://gr-login.com/Login.php
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/Login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrgXoMCPe5aXJhEluc5TzuQl6xakVnGOqnZaEXCUgN5run6XJPk5erpGT0eEYXhTWuAqgo6R7sLBU%2BTbhrZtHNeIUlmYATcBzTp7UpGhz6cuH45VKhtB9hJ5V%2BCvKaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68fa4bbcef273a3b-CDG
vary
Accept-Encoding
expires
Sat, 18 Sep 2021 13:03:36 GMT
login-background-stripped@3x.png
gr-login.com/alpha_gr_filez/img/
162 KB
162 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/login-background-stripped@3x.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/alpha_gr_filez/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b625a085dc2e7e3c7c5d882c279d6e6da3a860fb17c041232a575bfe033f1d

Request headers

:path
/alpha_gr_filez/img/login-background-stripped@3x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/alpha_gr_filez/css/login.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/alpha_gr_filez/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
165495
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NphnisRXtSqUbnrEoXPi%2BEPLUbyNk3zsB1UY0K9YyV%2BVIXRNY9xk6BEIUXNrOGRc5xTJR7jPe9%2FnIB8KlyArHle%2BGkMudlvknpZRLv6juFGx5Ey6djmgh2fMbl6A9FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbd0f4e3a3b-CDG
expires
Thu, 23 Sep 2021 13:00:37 GMT
login-background-elements@3x.png
gr-login.com/alpha_gr_filez/img/
1006 KB
1006 KB
Image
General
Full URL
https://gr-login.com/alpha_gr_filez/img/login-background-elements@3x.png
Requested by
Host: gr-login.com
URL: https://gr-login.com/alpha_gr_filez/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0735fb7399059f96adfcea3b0378e2df6e08488c6b65627e4fb79e1d127b3336

Request headers

:path
/alpha_gr_filez/img/login-background-elements@3x.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
gr-login.com
referer
https://gr-login.com/alpha_gr_filez/css/login.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://gr-login.com/alpha_gr_filez/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
179
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1029774
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVbzivctNVwFZO2jVl5uRWMT7y0bamzXci%2BJJsHoPyJ9pHW9Cx8AzQGtLZemC9N04NglwTwRvCX%2B2Ac%2BAldqgPfpL64TN21tNZImd%2F5jyzP2vS1%2FnAWI%2BiBtXXr9YDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbd0f513a3b-CDG
expires
Thu, 23 Sep 2021 13:00:37 GMT
OpenSans-Regular.woff2
gr-login.com/alpha_gr_filez/fonts/
8 KB
8 KB
Font
General
Full URL
https://gr-login.com/alpha_gr_filez/fonts/OpenSans-Regular.woff2
Requested by
Host: gr-login.com
URL: https://gr-login.com/alpha_gr_filez/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104f021ba27815796f30420554e6ddfac4b1b40a042b88d6d674529a2c329cb5

Request headers

:path
/alpha_gr_filez/fonts/OpenSans-Regular.woff2
pragma
no-cache
origin
https://gr-login.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
gr-login.com
referer
https://gr-login.com/alpha_gr_filez/css/login.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gr-login.com/alpha_gr_filez/css/login.css
Origin
https://gr-login.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7848
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fs5L17sNpJNyaS42oo4vvv5I%2BsMMw010kvB8DG82jGu93RsAfZDcfuI%2Fc6efyNbGpWGmqk7m3tawjT2e8j0Z61aEsVV3C4tIIcY5hiU%2BnEeCZlXwBnBD4SLapkv6Gmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbd0f533a3b-CDG
expires
Thu, 23 Sep 2021 13:03:36 GMT
OpenSans-Bold_1.woff2
gr-login.com/alpha_gr_filez/fonts/
8 KB
9 KB
Font
General
Full URL
https://gr-login.com/alpha_gr_filez/fonts/OpenSans-Bold_1.woff2
Requested by
Host: gr-login.com
URL: https://gr-login.com/alpha_gr_filez/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de63222194af0292363f4acaf2e3162a13a088b327c27242f20c8c679b63bf80

Request headers

:path
/alpha_gr_filez/fonts/OpenSans-Bold_1.woff2
pragma
no-cache
origin
https://gr-login.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
gr-login.com
referer
https://gr-login.com/alpha_gr_filez/css/login.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gr-login.com/alpha_gr_filez/css/login.css
Origin
https://gr-login.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8200
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vVaK2j3rev2nGjsogEpfP3Jw5AR67aYR%2FD%2BM5unhDGLmRIMQlyo4GqXsVTvK3SAy4Hnaz115vLt5fCgmYZ2H4jSiMwYSU1Ha5nvdqcEjDGIJ4l7QS2sVAOGTsZIixg%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbd0f543a3b-CDG
expires
Thu, 23 Sep 2021 13:03:36 GMT
OpenSans-Bold.woff2
gr-login.com/alpha_gr_filez/fonts/
15 KB
15 KB
Font
General
Full URL
https://gr-login.com/alpha_gr_filez/fonts/OpenSans-Bold.woff2
Requested by
Host: gr-login.com
URL: https://gr-login.com/alpha_gr_filez/css/login.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.43.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53be8f7df9d8aab48536ed0bb910ccc47c009819dc4357ccad20e95c409df367

Request headers

:path
/alpha_gr_filez/fonts/OpenSans-Bold.woff2
pragma
no-cache
origin
https://gr-login.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
gr-login.com
referer
https://gr-login.com/alpha_gr_filez/css/login.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://gr-login.com/alpha_gr_filez/css/login.css
Origin
https://gr-login.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 13:03:37 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15052
last-modified
Wed, 08 Sep 2021 10:36:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umZkKTDyYksV8%2FTYGWMzwLrl72tvR%2F6X%2BSVH1M1sX8AxBEpdq26SBjcZ0VhQQ51unq79gN06Djb8mhQqahOIZMDbPaElwZZWyjn06pvcleoeB40Zf3CT6L875LAwQ3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68fa4bbe49043a3b-CDG
expires
Thu, 23 Sep 2021 13:03:36 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alpha Bank (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| $
function| jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gr-login.com
104.21.43.30