| reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load | 3.5.165.117 | | 3.4 kB |
URL reamuk.s3.ap-southeast-2.amazonaws.com/control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load IP3.5.165.117:0
File typeHTML document, ASCII text, with CRLF line terminators Hash6dc04c0394de900812cb7c9bc3002968 fed1e7b8709e326498def3ccffd14f876ac56fb0 e5e9e32586e48c2e68ae6a0e4ede5e848addc2d08277e050a03475e92cc2431b
GET /control_vooworld.html?login=iso01@slurpmail.net&vcnt=100&request_type=load HTTP/1.1
Host: reamuk.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: OZPQzbZo7BSR9zpB5hihoXcjtfZhF8N18Vqqz1wuG6sVWPtZcs4JYB/KmFz/2CNTy8dtSsix0ESEkmjZHguLow==
x-amz-request-id: NVK2ZAW1SRBM4E06
Date: Fri, 26 Apr 2024 21:25:54 GMT
Last-Modified: Fri, 26 Apr 2024 06:28:02 GMT
ETag: "6dc04c0394de900812cb7c9bc3002968"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 3409
|
|
| dreamlanda.site/control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null | 54.66.94.218 | | 3.4 kB |
URL dreamlanda.site/control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP54.66.94.218:0
File typeHTML document, ASCII text, with CRLF line terminators Hash430462b308621be92aced455d7724e80 339bb22b76e650e99d5667f0a8ba5acda13ae2c5 f5c10f2a8cf12bbe67187c88f8f4098b17200a78c1e404ce9316bd08d1d9d479
GET /control_vooworld/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null HTTP/1.1
Host: dreamlanda.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 21:25:55 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 3405
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.17.2.184 | | 0 B |
URL challenges.cloudflare.com/turnstile/v0/api.js IP104.17.2.184:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 21:25:57 GMT
content-length: 0
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/b/471dc2adc340/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9a5f8e87056af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.170 | | 31 kB |
URL ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP142.250.74.170:0
File typeJavaScript source, ASCII text, with very long lines (65447) Hashcf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:14:46 GMT
expires: Sat, 26 Apr 2025 06:14:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54671
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal | 104.17.2.184 | | 26 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal IP104.17.2.184:0
File typeHTML document, ASCII text, with very long lines (41702) Hash92377fd2c4f338e55805bed50ebd81a8 0f10e7e03298bed76b721c7e8dcb9b875962dfdb f674e5918c55563ed8e29ac4fde5ab875127a8a3fee89c5302f29742169998be
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:57 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy: same-origin
origin-agent-cluster: ?1
cross-origin-embedder-policy: require-corp
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
document-policy: js-profiling
referrer-policy: same-origin
vary: accept-encoding
server: cloudflare
cf-ray: 87a9a5fa29717128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao | 104.17.2.184 | | 61 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao IP104.17.2.184:0
File typePNG image data, 20 x 59, 8-bit/color RGB, non-interlaced Hashc47b2c5af2dec377fa3d9c88ace27645 e6edb521987e719961d0195995b5747d79a6636e 360672f354bc07a26adc645f5a0274c8a3bbd259a70465b582cd10cfb3c2015d
GET /cdn-cgi/challenge-platform/h/b/i/87a9a5fa29717128/1714166757893/VnAXlDSjmNwtdao HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:58 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87a9a5ff8d9d7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf | 104.17.2.184 | | 1 B |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf IP104.17.2.184:0
File typevery short file (no magic) Hashff44570aca8241914870afbc310cdb85 58668e7669fd564d99db5d581fcdb6a5618440b5 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/87a9a5fa29717128/1714166757896/1b69a088e8d6169dabf260c22395a2fee2745323e7b4152a1031765f9edc9213/xyP3ep5RUzfN7Uf HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gG2mgiOjWFp2r8mDCI5Wi_uJ0UyPntBUqEDF2X57ckhMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIBtpoIjo1hadq_JgwiOVov7idFMj57QVKhAxdl-e3JITABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 87a9a604294f7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| khitan.top/cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128 | 172.67.175.12 | | 21 B |
URL khitan.top/cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128 IP172.67.175.12:0
Hash018598ff9794435b440d1bbf293cc10f 9129b0ca1a4febdf97636946a1fe7be8abf11890 898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/challenge-platform/h/b/rc/87a9a5fa29717128 HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Content-Type: application/json
Content-Length: 596
Origin: https://khitan.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; path=/; expires=Sat, 26-Apr-25 21:25:59 GMT; domain=.khitan.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q2VfHVVep3ExZALP6AzlKUsm2Ehqfe9y%2F1grvHl9OmN3VIdhq9RmsZvwkxwUhfWshZdLrSpjrp%2BS5StR252MY0FoFunXWGuY8y9AUBFcyjnItmTEFthC0QQFQ8CY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9a6053c6a56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2 | 104.17.2.184 | | 89 kB |
URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2 IP104.17.2.184:0
File typeASCII text, with very long lines (4416), with no line terminators Hashd542cca21493d61e14619c8fa0522859 962b512c12a2f404d9825502b7d1bddebc1b378c bd10d03fd974d5d72e0b465a179b5e4fdeb247debaf716cd564be501be903c2d
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/443890011:1714163372:D6PiYoqhU645mu8Lpjh-bKPZn96vIjKHuQR2XDhd73o/87a9a5fa29717128/283294901fe55d2 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/bnw2e/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 283294901fe55d2
Content-Length: 25553
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:25:59 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: pfC+Q/RGdn3cufmLky1XwovTFT2Okf0wBs108ssL+YFzozqRTcgyh65TMWnVLb++s92Jqg0gfN2g3rYctqdgDXBBpdzzBfri1lMIAOAjLoPWmalfTY1jd731NKv9Fg/x$NOzEiEPggPnEVpXL61qRzg==
cf-chl-out-s: TtEJdIJxMZuoCJTtTR7bdSCW7PFSXWefLhdh1zkLbz3MR4so1B/2kQz6CeaznfkcV5bP8xNK6Y+gXGC/NM0APY3EbWQS7iHXpK9Ger08Wmw3AigrpCtQbK5i+EAcG5uqzy7Sy9M/1/jzBbT1BCwZ4IAyZ2C1gN9TJtxIDugqOQehtn449FezBrdZRhzG7MNI$EFnt06w3awTzgwsw7wT5Ng==
vary: accept-encoding
server: cloudflare
cf-ray: 87a9a604e9d77128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.74.164 | 301 Moved Permanently | 333 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=slurpmail.net IP142.250.74.164:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hashbdbe4a6868e18c775ac0c17e7b2492bd 025909a37765ca7359382127fc893f766cd8d779 b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.74.164 | 301 Moved Permanently | 333 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=slurpmail.net IP142.250.74.164:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hashbdbe4a6868e18c775ac0c17e7b2492bd 025909a37765ca7359382127fc893f766cd8d779 b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.74.164 | 301 Moved Permanently | 333 B |
URL GET HTTP/2www.google.com/s2/favicons?domain=slurpmail.net IP142.250.74.164:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintF3:75:C9:48:E6:A5:11:C7:87:C8:8D:9A:C4:16:F8:09:4E:88:7C:5A ValidityMon, 08 Apr 2024 07:33:48 GMT - Mon, 01 Jul 2024 07:33:47 GMT
File typeHTML document, ASCII text, with CRLF, LF line terminators Hashbdbe4a6868e18c775ac0c17e7b2492bd 025909a37765ca7359382127fc893f766cd8d779 b9adebdc52d97c4fd6e58ff7af3b88df09d0aa9ba2d36b38b274f6990766242a
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 26 Apr 2024 21:56:00 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | | 734 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | | 734 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | | 734 B |
URL t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:0
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| khitan.top/_zagadart_meta/functions/spinner.gif | 172.67.175.12 | 200 OK | 46 kB |
URL GET HTTP/3khitan.top/_zagadart_meta/functions/spinner.gif IP172.67.175.12:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectkhitan.top FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT
File typeGIF image data, version 89a, 48 x 48 Hashbab0ad7ce20e911217791c00bcd4e35b 0822ac44951def4349090998b9ecb153128f03d5 bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_zagadart_meta/functions/spinner.gif HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; captcha=1; PHPSESSID=v4r04ft0he68cvbau2g9i452um
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 21:26:00 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o2%2BwdN3XwOY6fWOBNeJcij6MMZtunnOtE%2BgkZuGfDUOgNrXvLA3WJyZ2xLv3JDM1K9Eh%2BX4%2Bo915JWyqEtjkhbAzb4QzF4GPAnnWu9lchbSl%2BwGfOKq%2BgAyOdG5L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a9a609988256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null | 172.67.175.12 | 200 OK | 17 kB |
URL User Request GET HTTP/3khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null IP172.67.175.12:443
CertificateIssuerGoogle Trust Services LLC Subjectkhitan.top FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT
File typeHTML document, ASCII text, with very long lines (729), with no line terminators Hash38284349c7e45876dd1e507faf539629 ae1fdcac1811b433754fd7684d2d9981f13f2826 59e7cbc4e743db72cf74522cdc4e49b788cb832b698246115e5b539e105b62bb
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Microsoft Outlook | urlquery | suspicious | Suspicious - Anti-debugging code | Quad9 DNS | malicious | Sinkholed |
GET /_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dreamlanda.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 21:25:57 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joTRMbguvIYtqfUKDMEmDwoC8Y4kaNCJfYvEQRW7NLJ0cvg%2FevxBbJ36b8pEa%2Bk0jHvN7Y4c5UPw0X2VKNG4AOuYbrtm7OUmwrC6qRYXoNvSqltaXd4lQKGdXn8O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a9a5f69d00b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.74.170 | 200 OK | 289 kB |
URL GET HTTP/3ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP142.250.74.170:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50 ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File typeJavaScript source, ASCII text Size289 kB (288580 bytes) Hash2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:29 GMT
expires: Sat, 26 Apr 2025 06:04:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 55290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | 200 OK | 734 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | 200 OK | 734 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| khitan.top/favicon.ico | 0.0.0.0 | | 0 B |
IP0.0.0.0:0
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subjectkhitan.top FingerprintE0:BC:0D:09:4A:29:EA:12:3E:F8:55:12:60:D6:0D:27:98:31:7B:8A ValidityWed, 28 Feb 2024 23:38:41 GMT - Tue, 28 May 2024 23:38:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: khitan.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Cookie: cf_clearance=bwtQUIQ8HY8YsuFsiYteb_LOGHbOESp1s5rjUyd9bIc-1714166759-1.0.1.1-z9ey7fcB9Xwa0MDwYjuf9zDMX4cKJKqiK81eWf5i4BJbqQzOvY.Oa3d7UFlVYowco4hvnJkR1Oc4szjNb5EYZg; captcha=1; PHPSESSID=v4r04ft0he68cvbau2g9i452um
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.74.68 | 200 OK | 734 B |
URL GET HTTP/2t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP142.250.74.68:443
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33 ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://khitan.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 21:26:00 GMT
expires: Fri, 03 May 2024 21:26:00 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true | 0.0.0.0 | | 0 B |
URL GET wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true IP0.0.0.0:0
Requested byhttps://khitan.top/_zagadart_meta/?login=iso01@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=iso01@slurpmail.net&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://khitan.top
DNT: 1
Connection: keep-alive
Referer: https://khitan.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|