Report - reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request

Report Overview

Submitted URL
reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load
IP
52.95.130.78
ASN
#16509 AMAZON-02
Submitted
2024-04-26 21:26:25
Access
public
Website Title
SLURPMAIL VALIDATION SERVER
Final URL
khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
khitan.top	unknown	2024-02-02	2024-02-29	2024-03-03	3.0 kB	65 kB	172.67.175.12
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.3 kB	2.5 kB	142.250.74.164
t1.gstatic.com	unknown	2008-02-11	2013-05-07	2024-04-25	3.0 kB	9.4 kB	142.250.74.68
wakandos.top	unknown	2024-01-12	2024-01-12	2024-04-17	506 B	0 B	0.0.0.0
reamuk.s3.ap-southeast-2.amazonaws.com	unknown	unknown	No data	No data	567 B	3.8 kB	3.5.165.117
dreamlanda.site	unknown	unknown	No data	No data	546 B	3.7 kB	54.66.94.218
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-26	3.1 kB	119 kB	104.17.2.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-26	848 B	322 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	khitan.top	Sinkholed
2024-04-26	medium	khitan.top	Sinkholed
2024-04-26	medium	khitan.top	Sinkholed
2024-04-26	medium	khitan.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	768 B	2024-04-26	2024-04-26
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash 57f8ef619c7f412f3d4415cc0ffd9dcc 97a21ae6e8f1d56da4e9e1287ea02b29364e42f9 39d9a6c9621af2c9cfee5ae8785fa120d622f2a5531d8b0b65d4b8470b745c78 Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	4.6 kB	2024-04-26	2024-04-26
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash 006b4bc5927c0ab8ac7ce3f131181494 ef3f0285bccf7987163ba76ca102419c6c8c7d91 4572ce869e5111882f3442a7d0b53ac43afc1e3e496ae4139686f07ebf940374 Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	3.3 kB	2023-11-27	2024-04-29
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-27 12:26:41 Last Seen2024-04-29 18:50:28 Times Seen64 Hash 610e169f49420d6ecd4a5d01a0fa0067 b54ab7b4308e9871a26780aabd7f55a063ea5247 00795e94566047ee75ea7bf8b47ae8c31cd69acd630257d2d779d82826325095 Loading...

	unknown	286 B	2023-11-23	2024-04-29
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-11-23 20:51:09 Last Seen2024-04-29 18:50:28 Times Seen40 Hash 19f117322afd1c16df419c8e2b3fecbe c2b3516d2d479fc5fd6d85225628392f7693e2e5 904336137915b56c184b3e411b0e3bd715129ca453ca07c453d8d2fc94682f12 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-07
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-07 11:12:04 Times Seen5835 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	801 B	2023-11-30	2024-04-29
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 14:59:27 Last Seen2024-04-29 18:50:28 Times Seen59 Hash 6c271dfc7e3137a7723aae64b1b329ef 6a9a54bd0392eef3ace7b62369af871e6423d2b3 76887040e2867d2a6b677f57fd36f0ecf85954911ddc0a584ca549dd153d9b2b Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	3.6 kB	2024-02-12	2024-04-29
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 08:59:27 Last Seen2024-04-29 18:50:28 Times Seen37 Hash 551cf70b40dbcf27fde509c02fdbd20d c93a4f8ee53042b94d2eb5c97d503bbd95a30c38 b977154685e009ce68b497f4f18c0aa3715ce6893f5f57dacd4b2a1e0ae15ae3 Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	164 B	2023-09-21	2024-04-29
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-04-29 18:50:28 Times Seen99 Hash 96b36f7056f826a9c56b58f55209e794 7527670b480831c52ac5e937b947165c068af7b8 d117e0f32484b25a090d43594ea2b402631eb26a9b54644b8370aa53ecf47af3 Loading...

	khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null	505 B	2023-09-21	2024-04-29
Pretty URL khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP 172.67.175.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-04-29 18:50:28 Times Seen99 Hash d448320e57b792a64d70313976f5289d 3bcc06ab5e68132d2f23f7a987e62da38678737d aed1faff5be5d21a70535423e23cff580204c8ffaec4b6d584d9b112b5f5b0f2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

	#2 Eval - 47460a0b4feac82b30ad72680eb196ae	28 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash 47460a0b4feac82b30ad72680eb196ae 7947eff5d64fdaf4b600c19ae39cb73d1cbc3216 70ba21ee5cbcba4c7d692bc113f0ea554e910bfeff10b19faa00b56dc859eb55 Loading...

	#3 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-07
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-07 16:12:29 Times Seen351655 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#4 Eval - 399f84c39faea6ca0640521c9eb65aa5	28 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash 399f84c39faea6ca0640521c9eb65aa5 d05c49d242f57b4f0ebfa8e1e02b48578450acb8 757fd6c4dbaaf2da7b2ce930170e3e848967ceb139134fde192b21dd9ad8d273 Loading...

	#5 Eval - c9422296c60e12d76fe2f4e95fc6ceb8	28 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash c9422296c60e12d76fe2f4e95fc6ceb8 234b617c8564e770caf23425abbf83cb9c8a7b28 1300f690d0cf47ee00c6a8d511d947d0f4376e6469e9a1ad8844512bb8c81323 Loading...

	#6 Eval - 2cd059c983b850b818b6523d59e3076d	28 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 23:26:31 Last Seen2024-04-26 23:26:31 Times Seen1 Hash 2cd059c983b850b818b6523d59e3076d c27174255034eacf738273a64dd1494f6a490c9c 20d21c621ab307f666cc0d1d9653e98bd605df31367e58fbb7b174eb19eac19a Loading...

HTTP Transactions (23)

URL IP Response Size

reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load

3.5.165.117

3.4 kB

URL
reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load
IP
3.5.165.117:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3409 bytes)
Hash
6dc04c0394de900812cb7c9bc3002968
fed1e7b8709e326498def3ccffd14f876ac56fb0
e5e9e32586e48c2e68ae6a0e4ede5e848addc2d08277e050a03475e92cc2431b

HTTP Headers

GET /control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load HTTP/1.1
Host: reamuk.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: OZPQzbZo7BSR9zpB5hihoXcjtfZhF8N18Vqqz1wuG6sVWPtZcs4JYB/KmFz/2CNTy8dtSsix0ESEkmjZHguLow==
x-amz-request-id: NVK2ZAW1SRBM4E06
Date: Fri, 26 Apr 2024 21:25:54 GMT
Last-Modified: Fri, 26 Apr 2024 06:28:02 GMT
ETag: "6dc04c0394de900812cb7c9bc3002968"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 3409

dreamlanda.site/control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null

54.66.94.218

3.4 kB

URL
dreamlanda.site/control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
IP
54.66.94.218:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3405 bytes)
Hash
430462b308621be92aced455d7724e80
339bb22b76e650e99d5667f0a8ba5acda13ae2c5
f5c10f2a8cf12bbe67187c88f8f4098b17200a78c1e404ce9316bd08d1d9d479

HTTP Headers

GET /control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null HTTP/1.1
Host: dreamlanda.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 21:25:55 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 3405
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 21:25:57 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/b/471dc2adc340/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9a5f8e87056af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.170

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:14:46 GMT
expires: Sat, 26 Apr 2025 06:14:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal

104.17.2.184

26 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (41702)
Size
26 kB (25727 bytes)
Hash
92377fd2c4f338e55805bed50ebd81a8
0f10e7e03298bed76b721c7e8dcb9b875962dfdb
f674e5918c55563ed8e29ac4fde5ab875127a8a3fee89c5302f29742169998be

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:57 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
document-policy: js-profiling
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87a9a5fa29717128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 20 x 59, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
c47b2c5af2dec377fa3d9c88ace27645
e6edb521987e719961d0195995b5747d79a6636e
360672f354bc07a26adc645f5a0274c8a3bbd259a70465b582cd10cfb3c2015d

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87a9a5ff8d9d7128-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gG2mgiOjWFp2r8mDCI5Wi_uJ0UyPntBUqEDF2X57ckhMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIBtpoIjo1hadq_JgwiOVov7idFMj57QVKhAxdl-e3JITABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87a9a604294f7128-OSL
alt-svc: h3=":443"; ma=86400

khitan.top/cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128

172.67.175.12

21 B

URL
khitan.top/cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128
IP
172.67.175.12:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128 HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Content-Type: application/json
Content-Length: 596
Origin: https://khitan.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; path=/; expires=Sat, 26-Apr-25 21:25:59 GMT; domain=.khitan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2VfHVVep3ExZALP6AzlKUsm2Ehqfe9y%2F1grvHl9OmN3VIdhq9RmsZvwkxwUhfWshZdLrSpjrp%2BS5StR252MY0FoFunXWGuY8y9AUBFcyjnItmTEFthC0QQFQ8CY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9a6053c6a56a4-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2

104.17.2.184

89 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4416), with no line terminators
Size
89 kB (89339 bytes)
Hash
d542cca21493d61e14619c8fa0522859
962b512c12a2f404d9825502b7d1bddebc1b378c
bd10d03fd974d5d72e0b465a179b5e4fdeb247debaf716cd564be501be903c2d

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 283294901fe55d2
Content-Length: 25553
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: pfC+Q/RGdn3cufmLky1XwovTFT2Okf0wBs108ssL+YFzozqRTcgyh65TMWnVLb++s92Jqg0gfN2g3rYctqdgDXBBpdzzBfri1lMIAOAjLoPWmalfTY1jd731NKv9Fg/x$NOzEiEPggPnEVpXL61qRzg==
cf-chl-out-s: TtEJdIJxMZuoCJTtTR7bdSCW7PFSXWefLhdh1zkLbz3MR4so1B/2kQz6CeaznfkcV5bP8xNK6Y+gXGC/NM0APY3EbWQS7iHXpK9Ger08Wmw3AigrpCtQbK5i+EAcG5uqzy7Sy9M/1/jzBbT1BCwZ4IAyZ2C1gN9TJtxIDugqOQehtn449FezBrdZRhzG7MNI$EFnt06w3awTzgwsw7wT5Ng==
vary: accept-encoding
server: cloudflare
cf-ray: 87a9a604e9d77128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
bdbe4a6868e18c775ac0c17e7b2492bd
025909a37765ca7359382127fc893f766cd8d779
b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
bdbe4a6868e18c775ac0c17e7b2492bd
025909a37765ca7359382127fc893f766cd8d779
b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A
ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
bdbe4a6868e18c775ac0c17e7b2492bd
025909a37765ca7359382127fc893f766cd8d779
b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

734 B

URL
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

734 B

URL
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

734 B

URL
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

khitan.top/_zagadart_meta/functions/spinner.gif

172.67.175.12

200 OK

46 kB

URL GET HTTP/3
khitan.top/_zagadart_meta/functions/spinner.gif
IP
172.67.175.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectkhitan.top
FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A
ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_zagadart_meta/functions/spinner.gif HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; captcha=1; PHPSESSID=v4r04ft0he68cvbau2g9i452um
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:26:00 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o2%2BwdN3XwOY6fWOBNeJcij6MMZtunnOtE%2BgkZuGfDUOgNrXvLA3WJyZ2xLv3JDM1K9Eh%2BX4%2Bo915JWyqEtjkhbAzb4QzF4GPAnnWu9lchbSl%2BwGfOKq%2BgAyOdG5L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9a609988256a4-OSL
alt-svc: h3=":443"; ma=86400

khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null

172.67.175.12

200 OK

17 kB

URL User Request GET HTTP/3
khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
IP
172.67.175.12:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectkhitan.top
FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A
ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT

File type
HTML document, ASCII text, with very long lines (729), with no line terminators
Size
17 kB (16613 bytes)
Hash
38284349c7e45876dd1e507faf539629
ae1fdcac1811b433754fd7684d2d9981f13f2826
59e7cbc4e743db72cf74522cdc4e49b788cb832b698246115e5b539e105b62bb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
urlquery	suspicious	Suspicious - Anti-debugging code
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dreamlanda.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 21:25:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joTRMbguvIYtqfUKDMEmDwoC8Y4kaNCJfYvEQRW7NLJ0cvg%2FevxBbJ36b8pEa%2Bk0jHvN7Y4c5UPw0X2VKNG4AOuYbrtm7OUmwrC6qRYXoNvSqltaXd4lQKGdXn8O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9a5f69d00b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.170

200 OK

289 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text
Size
289 kB (288580 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:29 GMT
expires: Sat, 26 Apr 2025 06:04:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 55290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

200 OK

734 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

200 OK

734 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

khitan.top/favicon.ico

0.0.0.0

0 B

URL GET
khitan.top/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectkhitan.top
FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A
ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; captcha=1; PHPSESSID=v4r04ft0he68cvbau2g9i452um
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.68

200 OK

734 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true

0.0.0.0

0 B

URL GET
wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true
IP
0.0.0.0:0
ASN
#0

Requested by
https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://khitan.top
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL