| allcos.s3.eu-north-1.amazonaws.com/control_dugxmoni.html?login=info@glueck-raum.de&pcnt=3&no_redrct=no_redrct&request_type=load&use_cdtimr=use_cdtimr | 3.5.216.50 | | 3.4 kB |
URL allcos.s3.eu-north-1.amazonaws.com/control_dugxmoni.html?login=info@glueck-raum.de&pcnt=3&no_redrct=no_redrct&request_type=load&use_cdtimr=use_cdtimr IP3.5.216.50:0
File typeHTML document, ASCII text, with CRLF line terminators Hashd292fe5d6a05cfc291e8a34a85d64030 81cac6b17388119e9884028d51fe2326ca6d8820 e77a9a75fbc84a5eca928c1c788732afad08c1e0f27d8ea1d37b1b6c82620aed
GET /control_dugxmoni.html?login=info@glueck-raum.de&pcnt=3&no_redrct=no_redrct&request_type=load&use_cdtimr=use_cdtimr HTTP/1.1
Host: allcos.s3.eu-north-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: TjULD4+PUgT5tnhAfbN5hiSQf0bmv4dpZy96BzDglme5zd7VvT02O/pO0FPkK+FYfFv14vwnpj6bZn4p1tr1sWESaBRIYNMg
x-amz-request-id: MZ1ZFJ97W4XNEXKC
Date: Wed, 08 May 2024 13:57:24 GMT
Last-Modified: Thu, 02 May 2024 05:22:25 GMT
ETag: "d292fe5d6a05cfc291e8a34a85d64030"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 3406
|
|
| amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr | 104.21.56.191 | 200 OK | 10 kB |
URL User Request GET HTTP/3amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr IP104.21.56.191:443
CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
File typeHTML document, ASCII text, with very long lines (1847), with no line terminators Hash72067992c8fdbaaf21df187118699367 08dbc2920c3811a6b630ee45555e41ea9e75225e 66709cc39dfca392aa0682384815be2a583b6c892aa117460569192782787edd
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook | urlquery | suspicious | Suspicious - Anti-debugging code | Quad9 DNS | malicious | Sinkholed |
GET /_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sunbar.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 08 May 2024 13:57:24 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnnjZxyJsOv0koyRLNYabBs8B5BDKh4zl7lXIzZt0kpVcEtHAbULnP7iV13lDm55TPZHPfLz54CQuuITcX0S4%2BFEd0UNLom0cYABFnIyQB99abu0C5Ax0u8iafVuv8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8809f56cf9eeb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.3.184 | | 0 B |
URL challenges.cloudflare.com/turnstile/v0/api.js IP104.17.3.184:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 08 May 2024 13:57:25 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
cache-control: max-age=300, public
access-control-allow-origin: *
location: /turnstile/v0/b/ce7818f50e39/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f56f9d0c56af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.170 | | 31 kB |
URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.170:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 561376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| amasalom.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.56.191 | | 0 B |
URL amasalom.top/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.56.191:0
CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 08 May 2024 13:57:25 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBE5RxYyZVp8%2BpzddCnLLBY5lSh91oi%2FeDyQGm%2BZZwv1aFCG3A7%2BLdzFnjsmzOX9FoxH715Slpsnrf0dIu50yRtyGSDxJ1p4o313846BMgpPbF7Zv9DJd4%2BiVeYDEkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f570efd10b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amasalom.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 104.21.56.191 | | 3.7 kB |
URL amasalom.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP104.21.56.191:0
CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
File typeJavaScript source, ASCII text, with very long lines (7942), with no line terminators Hash0cadb41bcddbc41bc5dcad3b325464c2 cd138496240157bfe9280711d13357a6631a91ac bd32f1e09c8d8f17c00a1b57da05a49e0222d5645f0717e5908798d743180c3b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwJQoMO5UidjGiq1g7m9l73o07m2pESXLBIeKVnj53m1bUePS7bWc6RoctQCkYj%2F1U%2BYfPHXG3BdzpOlH%2BCPi9dNQVVipZ3tPBjl7bPaZE%2B6IukKH8GgWZ67qg1v3F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f5710ff10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js | 104.17.3.184 | | 14 kB |
URL challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js IP104.17.3.184:0
File typeJavaScript source, ASCII text, with very long lines (42565) Hasha5b92920e25651d2058f4982a108347b caeeadd68d38fdb681c52006c68880abc2e8a1a6 49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5
GET /turnstile/v0/b/ce7818f50e39/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 13:57:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f56fbd3456af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809f571093f56be/1715176645758/ITNXuDqvnmXSowg | 104.17.3.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8809f571093f56be/1715176645758/ITNXuDqvnmXSowg IP104.17.3.184:0
File typePNG image data, 81 x 68, 8-bit/color RGB, non-interlaced Hash47b0da4c81c4a52c8e44e12384cfaa47 539c7bacddfa6c40e7ab477f02e5cdeda2d7b10d a83d1cb158e9a3a51b77ffea5dc7881f4fec240dc310987ab75ca85ee4576a25
GET /cdn-cgi/challenge-platform/h/b/i/8809f571093f56be/1715176645758/ITNXuDqvnmXSowg HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iw1wt/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:26 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8809f578291556be-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809f571093f56be | 104.17.3.184 | | 173 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809f571093f56be IP104.17.3.184:0
File typeASCII text, with very long lines (65536), with no line terminators Size173 kB (172939 bytes) Hash70b68831f057b1880cac22def267e97c 0358d7c6c34a1954163b809b058ad26a6facf67b a1131033e0db76c2bf3836c66281201de9cdd566fc02d64603df8678d0da2298
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8809f571093f56be HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iw1wt/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:25 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8809f571da0a56be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amasalom.top/cdn-cgi/challenge-platform/h/b/rc/8809f571093f56be | 104.21.56.191 | | 21 B |
URL amasalom.top/cdn-cgi/challenge-platform/h/b/rc/8809f571093f56be IP104.21.56.191:0
CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
Hash018598ff9794435b440d1bbf293cc10f 9129b0ca1a4febdf97636946a1fe7be8abf11890 898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/rc/8809f571093f56be HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr
Content-Type: application/json
Content-Length: 596
Origin: https://amasalom.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=1EyADtTbFWvM70.bvAjYO3j1Ga1Q0KWpiqpXAKRQuHo-1715176645-1.0.1.1-fbimB67ROO_x_ADeBI1uin.RcUnRkaIEPkCxds9SANpo4GuanhOoKJ5aECrhA8QtaNzl8YuVGf3V5v686cb9ww
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:28 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=3V3V1HFHCaD9J0Yxgg0CQOIYDXekwDbF2xDNNVXw6JM-1715176648-1.0.1.1-CG5BvGE51dQHWWaagxcPBo6dWxmBZKxvVSUEkEQFp_SQPKuFwTuD9jgRiybc4mNUjhUzvRDvgvcPy4yb0psuDg; Path=/; Expires=Thu, 08-May-25 13:57:28 GMT; Domain=.amasalom.top; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yhY6ZXqNRiaKrzLWCbBZyTcqVYapSmNDfOwZqb7opXIE%2Fh3y%2Fi1w3iGKqcAuSNe7DNpkGJSnj8wxoFY6Q6h22AW9lYadwisiRVTK4cDqxeUXY%2FDikbfZFHakm3vvFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8809f58418960b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amasalom.top/_bluewhale_delta/validate.php | 104.21.56.191 | | 85 kB |
URL amasalom.top/_bluewhale_delta/validate.php IP104.21.56.191:0
CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
Hashe1c950acaf996ddafa6c42b4d0392485 c44cb50fb6c0952636308ff1d0a9b3aa4a7455d2 2191d321c07516d5a1aaeb9864d18d3cac650f725edb78840d08ebf244c6057d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /_bluewhale_delta/validate.php HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 560
Origin: https://amasalom.top
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr
Cookie: cf_clearance=3V3V1HFHCaD9J0Yxgg0CQOIYDXekwDbF2xDNNVXw6JM-1715176648-1.0.1.1-CG5BvGE51dQHWWaagxcPBo6dWxmBZKxvVSUEkEQFp_SQPKuFwTuD9jgRiybc4mNUjhUzvRDvgvcPy4yb0psuDg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
set-cookie: captcha=1; expires=Wed, 08-May-2024 14:27:28 GMT; Max-Age=1800; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cacbpmYZ10QN9UM86bdHB%2BAupqT7C0K7f28MRMJ%2FLjfY79Jgb9%2BVx%2BmSgz2gIAPafzQA9HGThoZvHTLxI73rFyTOKGDAZU0JVeSaoHWhM0rYTclEs%2BjziLTfvI7lNzQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8809f58448c40b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a | 104.17.3.184 | | 4.5 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a IP104.17.3.184:0
File typeASCII text, with very long lines (4400), with no line terminators Hashe518052fee893a923c1434029ec3ce41 54b3daee8fe8ade97ecdbda3fac38ee2f7a12b70 ef9f117627b0179deac11ccdeba1bb1064ca45a0303a9975163c9561cc8ffc6e
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iw1wt/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9da57cf2c99e81a
Content-Length: 28908
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:28 GMT
content-type: text/html; charset=UTF-8
cf-chl-out-s: LCsUXFFIraXnvLx32XjH9g==$XHCa+1w4Tw/DpbQYErhGNg==
cf-chl-out: fxwHyGkDfX7IQCmz9AIuCrpmx1eCHGjFa0zEA3mWN1L5djtqnwlkBnUFxxnD7BV4Jq1Pu5RRgG5dh6XT+LgIUQCUo6N1ObiHQHwRsls2ILSMZRSfar5JSWzUMSPd4kWk$wdeC4D6PQXxinM0/AeLjeQ==
vary: accept-encoding
server: cloudflare
cf-ray: 8809f5838f8456be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/s2/favicons?domain=glueck-raum.de | 142.250.74.132 | 301 Moved Permanently | 334 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=glueck-raum.de IP142.250.74.132:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash596e251cfad372457c9d1d7e584a494b 29c023bc70dc859373d2fd193bf45862eadd1366 daa20739053bfbf373d1950c40f8dfb88a6ead7055be3e50411a91253ce1ddf6
GET /s2/favicons?domain=glueck-raum.de HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16
x-content-type-options: nosniff
server: sffe
content-length: 334
x-xss-protection: 0
date: Wed, 08 May 2024 13:57:29 GMT
expires: Wed, 08 May 2024 14:27:29 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=glueck-raum.de | 142.250.74.132 | 301 Moved Permanently | 334 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=glueck-raum.de IP142.250.74.132:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99 ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hash596e251cfad372457c9d1d7e584a494b 29c023bc70dc859373d2fd193bf45862eadd1366 daa20739053bfbf373d1950c40f8dfb88a6ead7055be3e50411a91253ce1ddf6
GET /s2/favicons?domain=glueck-raum.de HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16
x-content-type-options: nosniff
server: sffe
content-length: 334
x-xss-protection: 0
date: Wed, 08 May 2024 13:57:29 GMT
expires: Wed, 08 May 2024 14:27:29 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | | 726 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| amasalom.top/_bluewhale_delta/functions/spinner.gif | 104.21.56.191 | 200 OK | 46 kB |
URL GET HTTP/3amasalom.top/_bluewhale_delta/functions/spinner.gif IP104.21.56.191:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subjectamasalom.top FingerprintD8:97:0F:D8:D2:00:01:7B:4C:75:80:55:3C:F3:AA:E3:14:67:C3:AA ValidityThu, 18 Apr 2024 20:57:15 GMT - Wed, 17 Jul 2024 20:57:14 GMT
File typeGIF image data, version 89a, 48 x 48 Hashbab0ad7ce20e911217791c00bcd4e35b 0822ac44951def4349090998b9ecb153128f03d5 bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_bluewhale_delta/functions/spinner.gif HTTP/1.1
Host: amasalom.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr
Cookie: cf_clearance=3V3V1HFHCaD9J0Yxgg0CQOIYDXekwDbF2xDNNVXw6JM-1715176648-1.0.1.1-CG5BvGE51dQHWWaagxcPBo6dWxmBZKxvVSUEkEQFp_SQPKuFwTuD9jgRiybc4mNUjhUzvRDvgvcPy4yb0psuDg; captcha=1; PHPSESSID=djr4sfqlba6a21lgaoqmanugs0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:29 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjpBRH%2B69zZ%2FKr7r8Z22k87adjrECgbEvZ5grQKAiuMH%2FcE%2F4m8h1ZR2%2FjFmpwFOoOfDiJFgemZ%2BKQ9gsj8HZyLvj1prz%2BoPvqatOzZfhWyLxpalyl80y2gXy3O0GgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8809f5887ceb0b55-OSL
alt-svc: h3=":443"; ma=86400
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | | 726 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | | 726 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a | 104.17.3.184 | | 118 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a IP104.17.3.184:0
File typeASCII text, with very long lines (65536), with no line terminators Size118 kB (118307 bytes) Hash99e97fef118f92e72fd7f465b4467205 20b4b124cd2516146b18577b23c314232d579b9d ce63d6ef56848f6d5d5abc78e2a6a4af246733fffe46c56997480452af9af0ab
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1598702249:1715175076:RD0vMgqBY6YYkalP99_d-9BnWkrRdHaNB5tQ4Y86wL0/8809f571093f56be/9da57cf2c99e81a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/iw1wt/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9da57cf2c99e81a
Content-Length: 2798
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 13:57:25 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: EbLaYWa3UByASFVjEzmABbaXe1F+SxOV/wWqla3JbU497wnFR3SZwCQ+q6LDDJnyMvP0sRq2Y6cXFqK81F9egAhd2jVpmYaEIVvZxNXASi6TgFNH/ZCl6u/ulwgWfIk0HkBDuGPjnvFhNUaj7vGwvSeozUHlbUW25bbAYOD7vx5vls8A2tAHevyLDpw+X7p5Uk0VDyAHuKUixkTulpDaNYQQg6OVHljosP5xbAKXZxmoEQaoilBMwJ/ghLwYUvc+BmPCmC09AT9pFNKY8AgcGBB5M5W37W4EpWQnVNEA90ZqxulWhj91DlSPOvCA0XUViBWf5A0l5o4i9VgwbB6vaObOwvLc35IjMke1vm7NTCn4Q2IZaO0zxprBGen+e0c2E5tuvAHr288lSCs7kRQoPT0iRsYPAUMYZsZC/7imH/btVWjLNKcmC4XX+28buMu2sheYstB9G4/n50We8dlidQ==$yFj5C8rv+4bPgLarX0+G5g==
vary: accept-encoding
server: cloudflare
cf-ray: 8809f573ec2056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | 404 Not Found | 726 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.74.170 | 200 OK | 289 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP142.250.74.170:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text Size289 kB (288580 bytes) Hash2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:06:55 GMT
expires: Sat, 03 May 2025 05:06:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 463834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=info@glueck-raum.de&page=null&hide_email=true | 0.0.0.0 | | 0 B |
URL GET wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=info@glueck-raum.de&page=null&hide_email=true IP0.0.0.0:0
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=info@glueck-raum.de&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amasalom.top
DNT: 1
Connection: keep-alive
Referer: https://amasalom.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | 404 Not Found | 726 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 | 142.250.74.164 | 404 Not Found | 726 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 IP142.250.74.164:443
Requested byhttps://amasalom.top/_bluewhale_delta/?login=info@glueck-raum.de&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=use_cdtimr CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb8a0bf372c762e966cc99ede8682bc71 2d7c9b60d1e2b4f4726141de2e4ab738110b9287 59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://glueck-raum.de&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amasalom.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 08 May 2024 13:57:29 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|