Overview

overview

10

Static

static

10

EZFNLauncherV2.apk

android-13-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    68s
  • platform
    android_x64
  • resource
    android-33-x64-arm64-20240229-en
  • resource tags

    androidarch:arm64arch:x64image:android-33-x64-arm64-20240229-enlocale:en-usos:android-13-x64system
  • submitted
    16/03/2024, 10:03 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    EZFNLauncherV2.apk

  • Size

    38.1MB

  • MD5

    147e6b26aa1f252bf912c7a1c3a01cb6

  • SHA1

    2cf8e0ccb43311f5885d95bc0188462077a9f77d

  • SHA256

    af6985992d674ac664c07a659515de10eae7ecade0183fda28ac46bb83bcc425

  • SHA512

    89a72e52c0b739bdde18c80aef5ab162cad73f88a077429d3aff34c7d84ae7206949d5145acede4ff3359d324323fece006230a70064380e1878b3020172e89b

  • SSDEEP

    786432:/Ym2d67A9Ls3unQn1SxlMTpxABB9F5d3fHQ62G3Zu3V0u/U1S2G:3Tn1SvMNxABB9vdx3ZgygUhG

Score
7/10
evasion

Malware Config

Signatures

  • Loads dropped Dex/Jar 1 TTPs 4 IoCs

    Runs executable file dropped to the device during analysis.

    evasion

Processes

  • com.ezfn.launcher
    1⤵
    • Loads dropped Dex/Jar
    PID:4325

Network

  • flag-us
    DNS
    remoteprovisioning.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    remoteprovisioning.googleapis.com
    IN A
    Response
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.74
    remoteprovisioning.googleapis.com
    IN A
    142.250.178.10
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.42
    remoteprovisioning.googleapis.com
    IN A
    142.250.179.234
    remoteprovisioning.googleapis.com
    IN A
    216.58.212.234
    remoteprovisioning.googleapis.com
    IN A
    172.217.16.234
    remoteprovisioning.googleapis.com
    IN A
    172.217.169.10
    remoteprovisioning.googleapis.com
    IN A
    216.58.213.10
    remoteprovisioning.googleapis.com
    IN A
    142.250.187.234
    remoteprovisioning.googleapis.com
    IN A
    142.250.200.10
    remoteprovisioning.googleapis.com
    IN A
    142.250.200.42
    remoteprovisioning.googleapis.com
    IN A
    216.58.201.106
    remoteprovisioning.googleapis.com
    IN A
    216.58.204.74
    remoteprovisioning.googleapis.com
    IN A
    142.250.180.10
    remoteprovisioning.googleapis.com
    IN A
    142.250.187.202
  • flag-us
    DNS
    remoteprovisioning.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    remoteprovisioning.googleapis.com
    IN A
  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    172.217.16.238
  • flag-us
    DNS
    ezfn.dev
    Remote address:
    1.1.1.1:53
    Request
    ezfn.dev
    IN A
    Response
    ezfn.dev
    IN A
    104.26.7.31
    ezfn.dev
    IN A
    172.67.75.135
    ezfn.dev
    IN A
    104.26.6.31
  • flag-us
    GET
    https://ezfn.dev/launcher
    Remote address:
    104.26.7.31:443
    Request
    GET /launcher HTTP/2.0
    host: ezfn.dev
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: none
    sec-fetch-mode: navigate
    sec-fetch-user: ?1
    sec-fetch-dest: document
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 308
    date: Sat, 16 Mar 2024 10:06:16 GMT
    content-length: 0
    location: /launcher/
    access-control-allow-origin: *
    referrer-policy: strict-origin-when-cross-origin
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAegbqWUfTAeN9DmW2Q2sqd582M9ptQA7j%2BrHE9LXh%2Fsz1rbhrw7wclqrxo8niBdQAbREDKoZCsNZ1wpfDqMFLs7QrIrRoRD9aXQhzMmN8oTvgPzT1%2B6Jlk%2BHw%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    cf-cache-status: DYNAMIC
    server: cloudflare
    cf-ray: 8653edf9edc3dc1d-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfn.dev/launcher/
    Remote address:
    104.26.7.31:443
    Request
    GET /launcher/ HTTP/2.0
    host: ezfn.dev
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: none
    sec-fetch-mode: navigate
    sec-fetch-user: ?1
    sec-fetch-dest: document
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:16 GMT
    content-type: text/html; charset=utf-8
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uEYPAtRO3xfNClt1w21mKT9XmRsF4FG1KpP87rIx1o9rqfgsIfAJ%2B4SjQDKvAWN83AU7KpOtjo%2BuOidRPi7PT6XjcEM%2FCtrEY1iqAuqzwSeXT%2BJPYlQMEsgdw%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    cf-cache-status: DYNAMIC
    server: cloudflare
    cf-ray: 8653edfa8e45dc1d-LHR
    content-encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    ezfnv2-cloudflare-pages.pages.dev
    Remote address:
    1.1.1.1:53
    Request
    ezfnv2-cloudflare-pages.pages.dev
    IN A
    Response
    ezfnv2-cloudflare-pages.pages.dev
    IN A
    172.66.44.118
    ezfnv2-cloudflare-pages.pages.dev
    IN A
    172.66.47.138
  • flag-us
    DNS
    cdnjs.cloudflare.com
    Remote address:
    1.1.1.1:53
    Request
    cdnjs.cloudflare.com
    IN A
    Response
    cdnjs.cloudflare.com
    IN A
    104.17.24.14
    cdnjs.cloudflare.com
    IN A
    104.17.25.14
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/bootstrap.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/bootstrap.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:17 GMT
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: W/"449795731ec894c666a440c19e4fdb45"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6aPT6czjbFe%2Bh9La%2BB%2B5jt7lZR9koCv%2F%2BN65LDCyypCe%2FndQ2T6Unn1y%2BWNwlQrmNiTeqX31zgnmqg1fKoEPgla%2BOKGiXIo4CgBA3k8zWHoC6nq3TPWtBU5kZc8kZysuv%2BifwHZOJ0N4aGPksHG0dNaUjPE%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653edfc6feb3867-LHR
    content-encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/icons.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/icons.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:17 GMT
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: W/"969b7faadac8b888047f4836314c44ff"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nnA7tkRKRdBLtBeuSTCWahn1EW1s7CwtD3fjzsV7Z5FyKmRluBg1T9ONvlSEOfVPV0C%2B07R50wAkNsse6j6t3NroPq7Cico9CKN15%2F8jmMDTq7TeHfKYGCzJSX5%2F92SL87jRnOl7ke0dUI4DcFIYfo4JH0Y%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653edfc6fe93867-LHR
    content-encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/libs/@iconscout/unicons/css/line.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:17 GMT
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: W/"243f77718513204346df091010abf8e5"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QHmrFXyKO8zhRlzo%2Bl6ce%2Fap1lT6%2BjitrHMP%2BT2XwlZbsHxfxsgJ5MRypMtpueFj6ugPLRFGIgUI5qDcEmyUWXbfQNDxNVYvZJV%2Ftc%2FHzMvgK8hzwy3iR45vdB6n0HRMv9chRBZ4mMqRwbaYgjq%2F%2F2iSEeQ%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653edfc6fe83867-LHR
    content-encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/style.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/style.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:17 GMT
    content-type: text/css; charset=utf-8
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: W/"1ecce64e6465ce595ca97044cbfe503f"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYLmF89ViEOEEhDVFYxK0k%2BxySrMWE%2FPeGeLNccAqVVCeb1hmkfFaG6iWrBajCrG%2FzaCjlzflV%2BPrJCsnodnTSV3RZGMPSxans3VEq1tnO%2B09iJnWsyeiRxPTufQq1YzrLk0lh5L4fX24grirx6kiNoqh9Y%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653edfc98303867-LHR
    content-encoding: gzip
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/bootstrap.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/bootstrap.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    if-none-match: W/"243f77718513204346df091010abf8e5"
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 304
    date: Sat, 16 Mar 2024 10:06:21 GMT
    access-control-allow-origin: *
    referrer-policy: strict-origin-when-cross-origin
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cpkUmv15ut225q4p%2F4bPVg1%2F3NcvkZm%2BHLBZ%2FdS6BDmiKrARoW2PdhbaFMgqRFih9mu0SrsBGQhhLiYZWeFkpLI1n3scNzCXhNa%2B%2BshU%2BecC%2BNZB%2BOulVCHcLlQmWcXv2Z603P4aaOFL8%2FyI8UAf1%2F6eHk%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee156ba03867-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/icons.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/icons.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    if-none-match: W/"969b7faadac8b888047f4836314c44ff"
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 304
    date: Sat, 16 Mar 2024 10:06:21 GMT
    access-control-allow-origin: *
    referrer-policy: strict-origin-when-cross-origin
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DeJ1SmJSyrOFmkcL5X5TEQvEIi0qbsxWCIjap%2FDyP96PY14xCCY%2BjVXr%2BHDItgq7VBUoUtDv%2BBHu7rUMIsaaZ4WiGmD4q8WSJ1XiOxKxUq%2FBWqlSYP1j1eatT4GKlZBKOkd3eDktbqCMTX3u6Upy9EWV2FU%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee156ba83867-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/libs/@iconscout/unicons/css/line.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    if-none-match: W/"449795731ec894c666a440c19e4fdb45"
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 304
    date: Sat, 16 Mar 2024 10:06:21 GMT
    access-control-allow-origin: *
    referrer-policy: strict-origin-when-cross-origin
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqeGjadKhVr9X1MSeoFX%2FsQzDsyMWtIX5QkH%2BHOWkVrqAzGQ4ovwyeJ0kGqAE2p%2BNn2Ccv3D7%2B8Xv6TRKmIawIPDI3DFiJd7nqxLqcbqgSKfyUByfwN8fnygCxB6XHTR1UUPwaNGSQAHEBptKnKq4uRpoWU%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee156ba33867-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/style.min.css
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/css/style.min.css HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    if-none-match: W/"1ecce64e6465ce595ca97044cbfe503f"
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: style
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 304
    date: Sat, 16 Mar 2024 10:06:21 GMT
    access-control-allow-origin: *
    referrer-policy: strict-origin-when-cross-origin
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ETNgHP%2FnyFXGG5sPgDjNZXbmOQ3i%2FheeWtL5hHWHgqmc0r3PtMzeUik9S7op6h9hiBS8lKJsYTe36QPIG7OtcDIXxEi6qR8iso%2FdaPCcnMRV1jE5uzlk%2Be9K3mRJ6oIS9LUkrsMo6zk9HjzBtguNzdCdGA%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee156baa3867-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
    Remote address:
    104.17.24.14:443
    Request
    GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/2.0
    host: cdnjs.cloudflare.com
    origin: https://ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: text/css,*/*;q=0.1
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: style
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:17 GMT
    content-type: text/css; charset=utf-8
    content-length: 21562
    access-control-allow-origin: *
    cache-control: public, max-age=30672000
    content-encoding: gzip
    etag: "630e6e62-543a"
    last-modified: Tue, 30 Aug 2022 20:09:06 GMT
    cf-cdnjs-via: cfworker/kv
    cross-origin-resource-policy: cross-origin
    timing-allow-origin: *
    x-content-type-options: nosniff
    vary: Accept-Encoding
    cf-cache-status: HIT
    age: 231762
    expires: Thu, 06 Mar 2025 10:06:17 GMT
    accept-ranges: bytes
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJKzFOWxawnosQH3hyWzOXwbPg2PCJmVxcDFdUgnED8kyX%2BZHRUz74ffd49%2BuH%2FbM8bLz9uBrMiAnOwElJg5y6uYBscBSN6i7xqY9g5oH%2FTUonP1MXjAfCMUfx6Zup1G%2BtnQK9Vx"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
    strict-transport-security: max-age=15780000
    server: cloudflare
    cf-ray: 8653edfc39d16406-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    challenges.cloudflare.com
    Remote address:
    1.1.1.1:53
    Request
    challenges.cloudflare.com
    IN A
    Response
    challenges.cloudflare.com
    IN A
    104.17.3.184
    challenges.cloudflare.com
    IN A
    104.17.2.184
  • flag-us
    DNS
    static.cloudflareinsights.com
    Remote address:
    1.1.1.1:53
    Request
    static.cloudflareinsights.com
    IN A
    Response
    static.cloudflareinsights.com
    IN A
    104.16.79.73
    static.cloudflareinsights.com
    IN A
    104.16.80.73
  • flag-us
    DNS
    cdn.ezfn.dev
    Remote address:
    1.1.1.1:53
    Request
    cdn.ezfn.dev
    IN A
    Response
    cdn.ezfn.dev
    IN A
    172.67.75.135
    cdn.ezfn.dev
    IN A
    104.26.7.31
    cdn.ezfn.dev
    IN A
    104.26.6.31
  • flag-us
    GET
    https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha
    Remote address:
    104.17.3.184:443
    Request
    GET /turnstile/v0/api.js?compat=recaptcha HTTP/2.0
    host: challenges.cloudflare.com
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: */*
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 302
    date: Sat, 16 Mar 2024 10:06:20 GMT
    content-length: 0
    location: /turnstile/v0/b/ace796eb5511/api.js?compat=recaptcha
    access-control-allow-origin: *
    cross-origin-resource-policy: cross-origin
    cache-control: max-age=300, public
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee118e458868-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://static.cloudflareinsights.com/beacon.min.js
    Remote address:
    104.16.79.73:443
    Request
    GET /beacon.min.js HTTP/2.0
    host: static.cloudflareinsights.com
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: */*
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:21 GMT
    content-type: text/javascript;charset=UTF-8
    access-control-allow-origin: *
    cache-control: public, max-age=86400
    etag: W/"2023.10.0"
    last-modified: Tue, 10 Oct 2023 21:38:13 GMT
    cross-origin-resource-policy: cross-origin
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee163d8335dc-LHR
    content-encoding: gzip
  • flag-us
    GET
    https://cdn.ezfn.dev/PS_Preview.png
    Remote address:
    172.67.75.135:443
    Request
    GET /PS_Preview.png HTTP/2.0
    host: cdn.ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: same-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:20 GMT
    content-type: image/webp
    content-length: 420528
    access-control-allow-credentials: true
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    access-control-allow-origin: *
    cf-bgj: imgq:100,h2pri
    cf-polished: origFmt=png, origSize=811834
    content-disposition: inline; filename="H_Preview.webp"
    etag: "62a5f465-c633a"
    last-modified: Sun, 12 Jun 2022 14:12:53 GMT
    vary: Accept
    cf-cache-status: REVALIDATED
    accept-ranges: bytes
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=weNtaAQG4OqUz8qmNynU1BJREx%2FsTJr0gXSFnIXobzgj%2BL2FtpOGV46kfhp%2BMB6RElIZNZ1HecQpd65DncWfKT49z%2F%2FvUlhPDxJN%2F%2FhR0JjdWx%2FGa%2By6AtrSxOm5Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 8653ee119c8d71a5-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://cdn.ezfn.dev/H_Preview.png
    Remote address:
    172.67.75.135:443
    Request
    GET /H_Preview.png HTTP/2.0
    host: cdn.ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: same-site
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:20 GMT
    content-type: image/webp
    content-length: 785390
    access-control-allow-credentials: true
    access-control-allow-headers: *
    access-control-allow-methods: GET, POST, OPTIONS
    access-control-allow-origin: *
    cf-bgj: imgq:100,h2pri
    cf-polished: origFmt=png, origSize=1374615
    content-disposition: inline; filename="PS_Preview.webp"
    etag: "62a30730-14f997"
    last-modified: Fri, 10 Jun 2022 08:56:16 GMT
    vary: Accept
    cf-cache-status: REVALIDATED
    accept-ranges: bytes
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5dxM7sloVtRhRqTKE6lgnPmTN5nlKyt3U1sgI7R0nJyGqlec59UNVnrcsn%2BHi9xjWOUhTJ4WaEA5Etaw5nG%2FWG4o7Z8tRPfwHJrCFX%2FtHRKyXQ0AHIINRdQVu3u2Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 8653ee119c8b71a5-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/fonts/materialdesignicons-webfont.woff2?v=5.8.55
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/fonts/materialdesignicons-webfont.woff2?v=5.8.55 HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    origin: https://ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: */*
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: font
    referer: https://ezfnv2-cloudflare-pages.pages.dev/assets/css/icons.min.css
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:18 GMT
    content-type: font/woff2
    content-length: 385360
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: "5d99b315916d323160143c5b45cbeb45"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0OrWnq%2FdQm158mjAIdtKDw7zWwJqo4QXu2%2BJbkXf5aIeCjh%2F1iSZLz22vgo7q%2BVcmCkE7rHxJx6PjNUlZ8WqDp0KOFuqrlS2AcEuIvastOG9nYu92DzeeXuyf5v%2FqVTu%2B248QVdf3rREwW5LM08uWJTfYg%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee027dcd0691-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff2
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff2 HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    origin: https://ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: */*
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: font
    referer: https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:18 GMT
    content-type: font/woff2
    content-length: 11560
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: "196ec1397bf9c9e2c7d10ce1de67b5aa"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAqK4GNPmfqyD4Mo9fLAawIGH10lVnSQUibRHCiFrxSd%2FZcHri5gzlwDypIWdsjX1luzJlVIpvHht%2FT6HzA2Q6TcTF%2BdNsHlwBlpqVS37SoBLUcycbts6Q9%2BSIK24FSTiX6HFj9s8Z1BJciziFk%2B2yUzRyU%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee027dd00691-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff
    Remote address:
    172.66.44.118:443
    Request
    GET /assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff HTTP/2.0
    host: ezfnv2-cloudflare-pages.pages.dev
    origin: https://ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept: */*
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: font
    referer: https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:18 GMT
    content-type: font/woff
    content-length: 13884
    access-control-allow-origin: *
    cache-control: public, max-age=0, must-revalidate
    etag: "527ecaf5c6a283b5a28e059c5f92d514"
    referrer-policy: strict-origin-when-cross-origin
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U8MV7rQfkIvACANQFxRgBlmG5K448A%2B%2FV7gixfC%2FFCObEhp%2FBD6tigVgUkDXRrVrjKkL261iWSblvvNH66wymqJ%2B9QfO9JUqRLeyO1h7YDg8XgD7q8xeiWJGCOCeCdZv9QZgFl6F0ABHdg%2B%2FeWAk8l5mSJk%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 8653ee0518f30691-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    content-autofill.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    content-autofill.googleapis.com
    IN A
    Response
    content-autofill.googleapis.com
    IN A
    172.217.169.10
    content-autofill.googleapis.com
    IN A
    216.58.213.10
    content-autofill.googleapis.com
    IN A
    142.250.187.202
    content-autofill.googleapis.com
    IN A
    142.250.200.10
    content-autofill.googleapis.com
    IN A
    142.250.187.234
    content-autofill.googleapis.com
    IN A
    142.250.180.10
    content-autofill.googleapis.com
    IN A
    172.217.169.74
    content-autofill.googleapis.com
    IN A
    142.250.179.234
    content-autofill.googleapis.com
    IN A
    216.58.204.74
    content-autofill.googleapis.com
    IN A
    142.250.178.10
    content-autofill.googleapis.com
    IN A
    142.250.200.42
    content-autofill.googleapis.com
    IN A
    172.217.16.234
    content-autofill.googleapis.com
    IN A
    216.58.212.234
    content-autofill.googleapis.com
    IN A
    216.58.201.106
    content-autofill.googleapis.com
    IN A
    172.217.169.42
  • flag-gb
    GET
    https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTAzLjAuNTA2MC43MRIXCT-_-72aN7MJEgUNg6hbPRIFDc5BTHo=?alt=proto
    Remote address:
    172.217.169.10:443
    Request
    GET /v1/pages/ChRDaHJvbWUvMTAzLjAuNTA2MC43MRIXCT-_-72aN7MJEgUNg6hbPRIFDc5BTHo=?alt=proto HTTP/2.0
    host: content-autofill.googleapis.com
    x-goog-encode-response-if-executable: base64
    x-goog-api-key: AIzaSyDlwuGjJ5WJUJ1ulxR1gYIRGe8t2nIVZJU
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
  • flag-us
    DNS
    cloudflareinsights.com
    Remote address:
    1.1.1.1:53
    Request
    cloudflareinsights.com
    IN A
    Response
    cloudflareinsights.com
    IN A
    104.16.80.73
    cloudflareinsights.com
    IN A
    104.16.79.73
  • flag-us
    OPTIONS
    https://cloudflareinsights.com/cdn-cgi/rum
    Remote address:
    104.16.80.73:443
    Request
    OPTIONS /cdn-cgi/rum HTTP/2.0
    host: cloudflareinsights.com
    accept: */*
    access-control-request-method: POST
    access-control-request-headers: content-type
    origin: https://ezfn.dev
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    sec-fetch-mode: cors
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-dest: empty
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Sat, 16 Mar 2024 10:06:26 GMT
    content-type: text/plain
    access-control-allow-origin: https://ezfn.dev
    access-control-allow-methods: POST,OPTIONS
    access-control-allow-headers: Content-Type
    access-control-max-age: 86400
    vary: Origin
    access-control-allow-credentials: true
    server: cloudflare
    cf-ray: 8653ee363d6148c9-LHR
    x-frame-options: DENY
    x-content-type-options: nosniff
    content-encoding: gzip
  • flag-us
    POST
    https://cloudflareinsights.com/cdn-cgi/rum
    Remote address:
    104.16.80.73:443
    Request
    POST /cdn-cgi/rum HTTP/2.0
    host: cloudflareinsights.com
    content-length: 10196
    user-agent: Mozilla/5.0 (Linux; Android 13; sdk_gphone_x86_64 Build/TE1A.220922.033; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/103.0.5060.71 Mobile Safari/537.36
    content-type: application/json
    accept: */*
    origin: https://ezfn.dev
    x-requested-with: com.ezfn.launcher
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://ezfn.dev/
    accept-encoding: gzip, deflate
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 204
    date: Sat, 16 Mar 2024 10:06:26 GMT
    access-control-allow-origin: https://ezfn.dev
    access-control-allow-methods: POST,OPTIONS
    access-control-max-age: 86400
    vary: Origin
    access-control-allow-credentials: true
    server: cloudflare
    cf-ray: 8653ee368db048c9-LHR
    x-frame-options: DENY
    x-content-type-options: nosniff
  • 173.194.76.188:5228
    tls
    128 B
     40 B
     2
    1
  • 142.250.200.36:443
    www.google.com
    tls
    1.5kB
     5.7kB
     11
    12
  • 142.250.179.238:443
    tls, https
    914 B
     40 B
     1
    1
  • 104.26.7.31:443
    ezfn.dev
    tls, http2
    993 B
     940 B
     7
    4
  • 104.26.7.31:443
    https://ezfn.dev/launcher/
    tls, http2
    2.4kB
     11.6kB
     23
    18

    HTTP Request

    GET https://ezfn.dev/launcher

    HTTP Response

    308

    HTTP Request

    GET https://ezfn.dev/launcher/

    HTTP Response

    200
  • 172.66.44.118:443
    https://ezfnv2-cloudflare-pages.pages.dev/assets/css/style.min.css
    tls, http2
    7.0kB
     115.8kB
     93
    117

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/bootstrap.min.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/icons.min.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/style.min.css

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/bootstrap.min.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/icons.min.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/css/line.css

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/css/style.min.css

    HTTP Response

    304

    HTTP Response

    304

    HTTP Response

    304

    HTTP Response

    304
  • 172.66.44.118:443
    ezfnv2-cloudflare-pages.pages.dev
    tls, http2
    981 B
     2.9kB
     8
    6
  • 172.66.44.118:443
    ezfnv2-cloudflare-pages.pages.dev
    tls, http2
    993 B
     2.9kB
     8
    5
  • 172.66.44.118:443
    ezfnv2-cloudflare-pages.pages.dev
    tls
    813 B
     2.4kB
     6
    5
  • 104.17.24.14:443
    https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
    tls, http2
    2.3kB
     26.6kB
     24
    24

    HTTP Request

    GET https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css

    HTTP Response

    200
  • 104.17.3.184:443
    https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha
    tls, http2
    1.7kB
     3.3kB
     12
    8

    HTTP Request

    GET https://challenges.cloudflare.com/turnstile/v0/api.js?compat=recaptcha

    HTTP Response

    302
  • 104.16.79.73:443
    https://static.cloudflareinsights.com/beacon.min.js
    tls, http2
    2.1kB
     13.1kB
     20
    19

    HTTP Request

    GET https://static.cloudflareinsights.com/beacon.min.js

    HTTP Response

    200
  • 172.67.75.135:443
    https://cdn.ezfn.dev/H_Preview.png
    tls, http2
    34.2kB
     1.0MB
     493
    633

    HTTP Request

    GET https://cdn.ezfn.dev/PS_Preview.png

    HTTP Request

    GET https://cdn.ezfn.dev/H_Preview.png

    HTTP Response

    200

    HTTP Response

    200
  • 172.67.75.135:443
    cdn.ezfn.dev
    tls, http2
    1.1kB
     5.1kB
     10
    7
  • 172.66.44.118:443
    https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff
    tls, http2
    12.6kB
     432.2kB
     216
    286

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/fonts/materialdesignicons-webfont.woff2?v=5.8.55

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff2

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://ezfnv2-cloudflare-pages.pages.dev/assets/libs/@iconscout/unicons/fonts/line/unicons-6.woff

    HTTP Response

    200
  • 216.58.204.67:443
    tls, https
    154 B
     40 B
     1
    1
  • 172.217.169.10:443
    https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTAzLjAuNTA2MC43MRIXCT-_-72aN7MJEgUNg6hbPRIFDc5BTHo=?alt=proto
    tls, http2
    2.0kB
     7.0kB
     17
    14

    HTTP Request

    GET https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvMTAzLjAuNTA2MC43MRIXCT-_-72aN7MJEgUNg6hbPRIFDc5BTHo=?alt=proto
  • 104.16.80.73:443
    https://cloudflareinsights.com/cdn-cgi/rum
    tls, http2
    12.5kB
     6.2kB
     20
    14

    HTTP Request

    OPTIONS https://cloudflareinsights.com/cdn-cgi/rum

    HTTP Response

    200

    HTTP Request

    POST https://cloudflareinsights.com/cdn-cgi/rum

    HTTP Response

    204
  • 142.250.187.196:443
    468 B
     9
  • 142.250.200.4:443
    tls, https
    504 B
     40 B
     4
    1
  • 142.250.187.196:443
    www.google.com
    tls
    1.1kB
     4.9kB
     8
    8
  • 216.58.213.14:443
    468 B
     9
  • 172.64.41.3:443
    tls, https
    607 B
     40 B
     3
    1
  • 172.64.41.3:443
    chrome.cloudflare-dns.com
    tls
    3.1kB
     5.8kB
     23
    17
  • 172.64.41.3:443
    100 B
     60 B
     2
    1
  • 142.250.179.227:443
    update.googleapis.com
    tls
    5.0kB
     11.3kB
     21
    18
  • 34.104.35.123:80
    376 B
     228 B
     7
    4
  • 142.250.200.4:443
    https
    454 B
     70 B
     3
    1
  • 142.250.200.4:443
    https
    4.8kB
     10.1kB
     31
    26
  • 224.0.0.251:5353
    3.3kB
     10
  • 1.1.1.1:53
    remoteprovisioning.googleapis.com
    dns
    158 B
     319 B
     2
    1

    DNS Request

    remoteprovisioning.googleapis.com

    DNS Request

    remoteprovisioning.googleapis.com

    DNS Response

    172.217.169.74
    142.250.178.10
    172.217.169.42
    142.250.179.234
    216.58.212.234
    172.217.16.234
    172.217.169.10
    216.58.213.10
    142.250.187.234
    142.250.200.10
    142.250.200.42
    216.58.201.106
    216.58.204.74
    142.250.180.10
    142.250.187.202

  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
     109 B
     1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    172.217.16.238

  • 1.1.1.1:53
    ezfn.dev
    dns
    54 B
     102 B
     1
    1

    DNS Request

    ezfn.dev

    DNS Response

    104.26.7.31
    172.67.75.135
    104.26.6.31

  • 104.26.7.31:443
    ezfn.dev
    https
    17.7kB
     185.5kB
     92
    191
  • 1.1.1.1:53
    ezfnv2-cloudflare-pages.pages.dev
    dns
    79 B
     111 B
     1
    1

    DNS Request

    ezfnv2-cloudflare-pages.pages.dev

    DNS Response

    172.66.44.118
    172.66.47.138

  • 1.1.1.1:53
    cdnjs.cloudflare.com
    dns
    66 B
     98 B
     1
    1

    DNS Request

    cdnjs.cloudflare.com

    DNS Response

    104.17.24.14
    104.17.25.14

  • 104.17.24.14:443
    cdnjs.cloudflare.com
    https
    9.1kB
     309.0kB
     75
    269
  • 1.1.1.1:53
    challenges.cloudflare.com
    dns
    71 B
     103 B
     1
    1

    DNS Request

    challenges.cloudflare.com

    DNS Response

    104.17.3.184
    104.17.2.184

  • 1.1.1.1:53
    static.cloudflareinsights.com
    dns
    75 B
     107 B
     1
    1

    DNS Request

    static.cloudflareinsights.com

    DNS Response

    104.16.79.73
    104.16.80.73

  • 1.1.1.1:53
    cdn.ezfn.dev
    dns
    58 B
     106 B
     1
    1

    DNS Request

    cdn.ezfn.dev

    DNS Response

    172.67.75.135
    104.26.7.31
    104.26.6.31

  • 172.66.44.118:443
    ezfnv2-cloudflare-pages.pages.dev
    https
    6.3kB
     51.8kB
     36
    57
  • 104.17.3.184:443
    challenges.cloudflare.com
    https
    46.3kB
     333.0kB
     135
    311
  • 172.66.44.118:443
    ezfnv2-cloudflare-pages.pages.dev
    https
    5.3kB
     15.4kB
     16
    23
  • 1.1.1.1:53
    content-autofill.googleapis.com
    dns
    77 B
     317 B
     1
    1

    DNS Request

    content-autofill.googleapis.com

    DNS Response

    172.217.169.10
    216.58.213.10
    142.250.187.202
    142.250.200.10
    142.250.187.234
    142.250.180.10
    172.217.169.74
    142.250.179.234
    216.58.204.74
    142.250.178.10
    142.250.200.42
    172.217.16.234
    216.58.212.234
    216.58.201.106
    172.217.169.42

  • 1.1.1.1:53
    cloudflareinsights.com
    dns
    68 B
     100 B
     1
    1

    DNS Request

    cloudflareinsights.com

    DNS Response

    104.16.80.73
    104.16.79.73

  • 142.250.200.4:443
    https
    8.0kB
     15.7kB
     45
    39
  • 142.250.187.196:443
    https
    3.4kB
     8.8kB
     11
    12
  • 172.64.41.3:443
    https
    1.8kB
     4.1kB
     7
    9
  • 142.250.179.227:443
    https
    30.6kB
     18.9kB
     71
    80

MITRE ATT&CK Mobile v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • /system_ext/framework/androidx.window.extensions.jar
    Filesize

    123KB

    MD5

    3056e1bdb7d4e19789d0319eff484bd0

    SHA1

    6791ae47aa9466fe0bca27ad6643f846853bbee4

    SHA256

    8e6331a07c9f2ac139214c527dcaff2c82d126bbe7bd3420cdc36d6a8c9204b0

    SHA512

    c790980fd68d9f89e32743bc28846807d5e5947c555f494de47714dec5cbd0c08d81c3260fa463759d1b17a953af3c44ec30b14fb08bf6b29db3837346c9f658

    Download Submit

  • /system_ext/framework/androidx.window.sidecar.jar
    Filesize

    25KB

    MD5

    29469324e59dfcc052f24b5af4e7b2c4

    SHA1

    10c1e17ac6f598037bb51baa07945663645de4eb

    SHA256

    9195dc6a1c75a841384050240dfc972e48178964993fba6619788625f4b40d1a

    SHA512

    5e27c2b1431369a248298f2f749136a575005584f9999f2a4c204a0c47adce2e33c8df9f058bdafa1bde1c99e46d175560cedfcddcd8581718ed1d9973c37cc2

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.