Report - osfny.com

Report Overview

Visited public
2023-12-25 22:49:36
Tags
URL
osfny.com
Finishing URL
009d.imumetak.top/?s1=201767&s2=1926975&s3=585&s5=backuser&click_id=cb15c8pfyqeu38ne92&iexpp=1&j1=1&utm_source=da57dc555e50572d
IP / ASN
52.33.207.7
#16509 AMAZON-02
Title
Instadate

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-25 11:41:13	472 B	2.2 kB	142.250.147.95
scmirl.top	unknown	2023-11-29	2023-11-29 21:04:05	2023-12-21 22:49:15	546 B	48 kB	104.21.67.199
21d.bimuqq.top	unknown	unknown	No data	No data	595 B	48 kB	172.67.171.171
osfny.com	unknown	unknown	No data	No data	476 B	402 B	44.230.85.241
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07 15:18:25	2023-12-25 14:09:18	4.8 kB	1.1 MB	84.53.172.217
009d.imumetak.top	unknown	unknown	No data	No data	573 B	42 kB	104.21.34.167
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-25 11:40:01	1.1 kB	48 kB	216.58.207.227
kexkex.net	unknown	2022-02-24	2022-02-25 11:56:43	2023-11-18 13:55:22	485 B	48 kB	104.21.79.94

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-25 22:44:23	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-25	medium	scmirl.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585	ScriptElement	2.1 kB	2024-08-20	2024-08-20
Pretty URL 009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 14:59 Last Seen2024-08-20 14:59 Times Seen1 Hash e5063fe0c083ab6870197de7f10e6c72 8571f39af525a671e45f054fa4bad7404e45fa71 91b34104665176626ec6fdf829daa1df8f23cb30a92d557dc5276784b1a68fd5 Loading...

	009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585	ScriptElement	4.0 kB	2024-08-20	2024-08-20
Pretty URL 009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 14:59 Last Seen2024-08-20 14:59 Times Seen1 Hash ea55ae42cc0412d1d1895998b35e4519 d2032be920e0ad75e77f8ea554ee8f1c7e80df25 baaece05d609bc71e2a5c968e56d24b3fa6f36648abb8567c37a934eb0e28d40 Loading...

	009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585	ScriptElement	12 kB	2024-08-20	2024-08-20
Pretty URL 009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 14:59 Last Seen2024-08-20 14:59 Times Seen1 Hash 44ef5c59643995be84cc41bf0dabc808 5f94ba2b2b32c953ea005577338e627d5b1d1b86 72164fe33265dedc4567d5b05e4077101270bde01fe41ce387d255ec95dc3093 Loading...

	cdn-dimi.akamaized.net/landings/284830/1701880242/js/translates.js?1701880242	ScriptElement	25 kB	2023-12-07	2025-05-26
Pretty URL cdn-dimi.akamaized.net/landings/284830/1701880242/js/translates.js?1701880242 IP 84.53.172.217 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 09:50 Last Seen2025-05-26 05:59 Times Seen189 Hash 7455b9bda59236475645ed7fde6ec8ed 0d94306d56dcbfb68842b1b54f25957c0f008e37 965e93618f8d1ac1f5d552fde96a86308fb9fa8c8820186ad1ca4bbf5e84c17d Loading...

	009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585	ScriptElement	2.5 kB	2023-06-30	2025-06-05
Pretty URL 009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:46 Last Seen2025-06-05 16:23 Times Seen2066 Hash 78a93fba834e51562cc0c1643de4a304 2bf106e16eb1752230a8499285b73ae6d8dcbcc2 d684c6105ece5706298f7778d19bc9881449a39196f92c000254f4ce6fdd368e Loading...

	009d.imumetak.top/?s1=201767&s2=1926975&s3=585&s5=backuser&click_id=cb15c8pfyqeu38ne92&iexpp=1&j1=1&utm_source=da57dc555e50572d	ScriptElement	0 B	0001-01-01	2025-06-07
Pretty URL 009d.imumetak.top/?s1=201767&s2=1926975&s3=585&s5=backuser&click_id=cb15c8pfyqeu38ne92&iexpp=1&j1=1&utm_source=da57dc555e50572d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-07 09:03 Times Seen4871294 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585	ScriptElement	311 B	2024-08-20	2024-08-20
Pretty URL 009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 14:59 Last Seen2024-08-20 14:59 Times Seen1 Hash 61d0ae5461fc558217a597fa409acd24 c8a166e80da4fd79b3991eee3504921e533c98e9 c24628d9a615581ed2e7cf055888ad337ae7f0d06c616521a8d7411510f19cfd Loading...

	cdn-dimi.akamaized.net/landings/284830/1701880242/js/jquery.min.js?1701880242	ScriptElement	86 kB	2023-03-07	2025-06-07
Pretty URL cdn-dimi.akamaized.net/landings/284830/1701880242/js/jquery.min.js?1701880242 IP 84.53.172.217 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-07 08:55 Times Seen178205 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	cdn-dimi.akamaized.net/landings/284830/1701880242/js/scripts.js?1701880242	ScriptElement	511 B	2023-03-25	2025-05-26
Pretty URL cdn-dimi.akamaized.net/landings/284830/1701880242/js/scripts.js?1701880242 IP 84.53.172.217 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:54 Last Seen2025-05-26 05:59 Times Seen268 Hash 69e75e0997cdd1b51ef2d8f78358e937 f816503aceb6edd2fd9f0cc3f911b99817ca611d 40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c Loading...

	cdn-dimi.akamaized.net/landings/284830/1701880242/js/affStepHide.js?1701880242	ScriptElement	466 B	2023-12-07	2024-08-20
Pretty URL cdn-dimi.akamaized.net/landings/284830/1701880242/js/affStepHide.js?1701880242 IP 84.53.172.217 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 05:16 Last Seen2024-08-20 16:30 Times Seen69 Hash bb2d9098a3b17c34feaed5bb8e0badb4 cc8c4a96abcb1183072f162b22f64109e2dca647 e7ff9d01649b320e8c444c43ef0cffadd5a1e71621a98143f1ee39893d22bf68 Loading...

HTTP Transactions (18)

URL IP Response Size

osfny.com/

44.230.85.241

307 Temporary Redirect

168 B

URL User Request GET HTTP/2
osfny.com/
IP
44.230.85.241:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectosfny.com
FingerprintFB:2D:90:81:D7:98:80:2C:72:9F:F1:8E:E3:9D:81:A5:62:11:E7:C1
ValidityMon, 25 Dec 2023 20:18:09 GMT - Sun, 24 Mar 2024 20:18:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
62019120e2e6b6a77d348c07ed5801aa
8d0b55297974e22979c642ba4adbd2c0cefc50f4
d3ff999a093c94b71eed485b9391ad5e80033f0728aa285049a0f81d0042dba5

HTTP Headers

GET / HTTP/1.1
Host: osfny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
server: openresty
date: Mon, 25 Dec 2023 22:49:08 GMT
content-type: text/html; charset=utf-8
content-length: 168
location: https://kexkex.net/w19dXx
x-frame-options: sameorigin
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/284830/1701880242/css/reset.min.css?1701880242

84.53.172.217

200 OK

527 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/css/reset.min.css?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
CSV text
Size
527 B (527 bytes)
Hash
36f11c31f5b3885dc017f41ed8f5817c
e928be87b659d200361c277fcc3ed1fd13b2a472
b59fdf3a529889ad3a8d013a347d5586f3da8361e71291cc9215edb830d1e45e

HTTP Headers

GET /landings/284830/1701880242/css/reset.min.css?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: wP/AMbeKMsREE0djxzVvv6dKjFD6fS0M74Lm+97ApRX3GyCqhVZYvgmbw92b4JD8pbQMvOz2L8Y=
x-amz-request-id: 68JRGRVYDYSZ5EHS
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "36f11c31f5b3885dc017f41ed8f5817c"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 25 Dec 2023 22:49:10 GMT
Content-Length: 527
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585

104.21.34.167

200 OK

42 kB

URL User Request GET HTTP/2
009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
IP
104.21.34.167:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectimumetak.top
Fingerprint8C:C9:A3:34:01:1A:A9:DD:E9:68:87:82:13:95:DD:24:CD:A3:2F:AD
ValidityFri, 08 Dec 2023 13:49:57 GMT - Thu, 07 Mar 2024 13:49:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2288)
Size
42 kB (41453 bytes)
Hash
33f9d7c1249f6aeddcac1de51bf2a782
d5c82e79a1184591487e681a934c9ca6d9b41308
3318c9b24cee37a77e0630c290ee6d5ab8c7d8c357a7e3c3f5897264431ed8e1

HTTP Headers

GET /?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585 HTTP/1.1
Host: 009d.imumetak.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 25 Dec 2023 22:49:10 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=658a06e6000b1e27; Path=/; Expires=Fri, 23 Feb 2024 22:49:10 GMT
unique_id2=658987540002ffda; Path=/; Expires=Sun, 24 Mar 2024 22:49:10 GMT
658987540002ffda_c=1; Path=/; Expires=Sun, 24 Mar 2024 22:49:10 GMT
ref_token=201767; Path=/; Expires=Wed, 24 Jan 2024 22:49:10 GMT
impression=; Path=/; Expires=Mon, 25 Dec 2023 22:49:10 GMT
658987540002ffda_sl=[284830]; Path=/; Expires=Mon, 08 Jan 2024 22:49:10 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDiC9%2B24KX35meWKiUF4yPEQJEt4e24%2BCUpYCCvAKKnBO0mA4WVuTq7yevmcns1CCYspi8UrwbusBFEHNmR6LyNgTC2bvkChSAr4bAAzd3okGt7lPjAaw%2FAxwLKHESrtjEqoWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83b4a2bda9234e0f-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/284830/1701880242/css/style.css?1701880242

84.53.172.217

200 OK

1.9 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/css/style.css?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
1.9 kB (1857 bytes)
Hash
2377fd13afd591c5738f12be02d8ac78
ea4ac44ccafc516876781ab751d796bf7705d538
325b0acec6efe45feb749aa73136ce9282d3fa0ecec25d5e5727f1b796497016

HTTP Headers

GET /landings/284830/1701880242/css/style.css?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: C1xTdd7qJd/hPki68DFdDL9RLKWG2+jL0t/7zQEgOIFoGtMpPU3xtXwCZD2W13d6MMfB+/ZWjN8=
x-amz-request-id: 68JMJBXZ1Y7VYDNS
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "2377fd13afd591c5738f12be02d8ac78"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 25 Dec 2023 22:49:10 GMT
Content-Length: 1857
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/js/scripts.js?1701880242

84.53.172.217

200 OK

511 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/js/scripts.js?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
511 B (511 bytes)
Hash
69e75e0997cdd1b51ef2d8f78358e937
f816503aceb6edd2fd9f0cc3f911b99817ca611d
40c9bae2946917f32864946aabede4750f809cf9f3ab600669faab410b82526c

HTTP Headers

GET /landings/284830/1701880242/js/scripts.js?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: YUSTSyLlEHDriB3zvwzzB+GLaNQRc9wyLEp4tvyQM1K6DKQ1oHCXZJ4g6nvljfsoJi8jBnjwkm4=
x-amz-request-id: 68JXT5DEVGP4582X
Last-Modified: Wed, 06 Dec 2023 16:30:45 GMT
ETag: "69e75e0997cdd1b51ef2d8f78358e937"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 511
Date: Mon, 25 Dec 2023 22:49:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/js/affStepHide.js?1701880242

84.53.172.217

200 OK

466 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/js/affStepHide.js?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
466 B (466 bytes)
Hash
bb2d9098a3b17c34feaed5bb8e0badb4
cc8c4a96abcb1183072f162b22f64109e2dca647
e7ff9d01649b320e8c444c43ef0cffadd5a1e71621a98143f1ee39893d22bf68

HTTP Headers

GET /landings/284830/1701880242/js/affStepHide.js?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: pss0H0j+R2CN92w0dX5T/nJsXHavgmWl/X9/SYtu+J7T2F0PsKV56WdMiJ2KOsxuBZlsCmq2fPw=
x-amz-request-id: 68JYJY4ZTPC09DQ9
Last-Modified: Wed, 06 Dec 2023 16:30:45 GMT
ETag: "bb2d9098a3b17c34feaed5bb8e0badb4"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 466
Date: Mon, 25 Dec 2023 22:49:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/js/translates.js?1701880242

84.53.172.217

200 OK

8.8 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/js/translates.js?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
8.8 kB (8781 bytes)
Hash
7455b9bda59236475645ed7fde6ec8ed
0d94306d56dcbfb68842b1b54f25957c0f008e37
965e93618f8d1ac1f5d552fde96a86308fb9fa8c8820186ad1ca4bbf5e84c17d

HTTP Headers

GET /landings/284830/1701880242/js/translates.js?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: iLOivFK1QM7A+oCSbWctpRSEJ6sliBYyU+OzEhqWPUetAeW36DgYalwnygxUEOw5jSmjytrAxpk=
x-amz-request-id: 68JXWRA5NNAE23KX
Last-Modified: Wed, 06 Dec 2023 16:30:45 GMT
ETag: "7455b9bda59236475645ed7fde6ec8ed"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 25 Dec 2023 22:49:10 GMT
Content-Length: 8781
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/images/logo.svg

84.53.172.217

200 OK

11 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/images/logo.svg
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (10652 bytes)
Hash
89efea4d57e53488be96c41f813895c2
4ace0a06591c30d245809c58f7cf3aad9e602959
ea91bcc64cbe5159a96da591bdec4939528366b64226c688cc4462baf74dfdd3

HTTP Headers

GET /landings/284830/1701880242/images/logo.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: w9ue075SGCjmADeWpJXoYIgpBkg+RKg1PMfSCTjWqin/jeUEVQKEJWoJcR9Qs0hh74tZ1GEWsxU=
x-amz-request-id: YG4X7BMAS9CYTRJT
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "89efea4d57e53488be96c41f813895c2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 10652
Date: Mon, 25 Dec 2023 22:49:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/images/girl-ico.png

84.53.172.217

200 OK

1.5 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/images/girl-ico.png
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1540 bytes)
Hash
87fa20787233a7ac89d1ee83563832c6
2fd58653f791912508d469a274fbdffbc7177bf6
2cb1de63c827301236cb47fc705964c827deb48b360148e11a28c15ea9ef66d0

HTTP Headers

GET /landings/284830/1701880242/images/girl-ico.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: C+vXkuNLPt+zKR35aU6QUG2APMoBo6R1LhFMXEA6hHUHsrpYmkuwJR3vnVVkRptn9vXV1KvpYtM=
x-amz-request-id: YG4PJT03GQTQC1YQ
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "87fa20787233a7ac89d1ee83563832c6"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1540
Date: Mon, 25 Dec 2023 22:49:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://009d.imumetak.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Dec 2023 22:28:26 GMT
expires: Tue, 24 Dec 2024 22:28:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 1245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://009d.imumetak.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 23 Dec 2023 08:13:23 GMT
expires: Sun, 22 Dec 2024 08:13:23 GMT
cache-control: public, max-age=31536000
age: 225348
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/284830/1701880242/images/video-1.mp4

84.53.172.217

206 Partial Content

981 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/images/video-1.mp4
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
981 kB (980750 bytes)
Hash
43886628e2a2ce4b7bf25bcde938569c
e18fb7f59ebb1088f5cba29b79b571c360ef1987
61159aadf9028762d505d90fb5fd542b6f4a4c04d4baa4b558622f62242f841a

HTTP Headers

GET /landings/284830/1701880242/images/video-1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: C6wf+GlQvjRqhs1LlaoWoJOhMLd3QSZhw12KsQmM4K6iEW1oBPaGgjqZqrznv8GkBNBZyzgsQUU=
x-amz-request-id: YG4KBEWZ7AKVQ0CF
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "c5a7ed946c9667be9ac3f0f0f6b28832"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Mon, 25 Dec 2023 22:49:11 GMT
Content-Range: bytes 0-1970846/1970847
Content-Length: 1970847
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/284830/1701880242/images/favicon.ico?t=20231225224910

84.53.172.217

200 OK

14 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/images/favicon.ico?t=20231225224910
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Size
14 kB (13868 bytes)
Hash
135aeed168833e38d0839e1709e41891
a689caccb7b0a9918ff731bef2a1e3d04aff07ec
74d44e795ea62dcb66e995bfc7a0914e4fb64041567e05cc9118cfc8608caa45

HTTP Headers

GET /landings/284830/1701880242/images/favicon.ico?t=20231225224910 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: poLQoLCyR5wynixGHKWsqE5sFLlUGQR4f2Qu0YSx0qtzmaNAIY72/pKJW6XcT3tTvstrXHCsprA=
x-amz-request-id: K39B7VJBV7BHYCYX
Last-Modified: Wed, 06 Dec 2023 16:30:44 GMT
ETag: "135aeed168833e38d0839e1709e41891"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 13868
Date: Mon, 25 Dec 2023 22:49:11 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

kexkex.net/w19dXx

104.21.79.94

302 Found

46 kB

URL User Request GET HTTP/2
kexkex.net/w19dXx
IP
104.21.79.94:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectkexkex.net
FingerprintE8:7E:3E:FF:A9:62:80:6C:0E:BB:01:C4:5B:4B:EC:32:24:DA:D8:A9
ValidityFri, 17 Nov 2023 23:14:38 GMT - Thu, 15 Feb 2024 23:14:37 GMT

File type

Size
46 kB (46495 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /w19dXx HTTP/1.1
Host: kexkex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 25 Dec 2023 22:49:09 GMT
content-type: text/html; charset=utf-8
location: https://scmirl.top/click?o=2&a=585&aff_click_id=1l695kfffpfqqcna&aff_param1=tiktokOpen
x-powered-by: PHP/5.6.40
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Mon, 25 Dec 2023 22:49:08 GMT
cache-control: max-age=0
pragma: no-cache
set-cookie: 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNzAzNTQ0NTQ4fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNzAzNTQ0NTQ4fSxcInRpbWVcIjoxNzAzNTQ0NTQ4fSJ9.Pcop1gApUVEb67Z3TtV2456NkFEbqBqqSnbkPRZVquI; expires=Thu, 25-Jan-2024 22:49:09 GMT; Max-Age=2678400; path=/; domain=.kexkex.net
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWZGU8fDc8MncSfrzSxXYN3xODql7HVyhyB%2FpgNEdIe8x1fgrhyiVdQZdX5ebXKfYdfHsuRFLfqgd0m1JBztVerc2naqxTiHfDi054bKERXixT2g%2B7apQeEreMNd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83b4a2b50dab4e0f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap

142.250.147.95

200 OK

1.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
IP
142.250.147.95:443
ASN
#15169 GOOGLE

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
ASCII text, with very long lines (1566), with no line terminators
Size
1.5 kB (1530 bytes)
Hash
bef54a4f8ad5d25fc816b34ad3298c30
6e7414798c5ddeccd9b28f79316617dbe59c30ae
6f1630b5aa4ebf650967d76a891d2690f3ad4478da4875b9ad564335c40366c3

HTTP Headers

GET /css2?family=Lato:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 25 Dec 2023 22:49:10 GMT
date: Mon, 25 Dec 2023 22:49:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

scmirl.top/click?o=2&a=585&aff_click_id=1l695kfffpfqqcna&aff_param1=tiktokOpen

104.21.67.199

302 Found

46 kB

URL User Request GET HTTP/2
scmirl.top/click?o=2&a=585&aff_click_id=1l695kfffpfqqcna&aff_param1=tiktokOpen
IP
104.21.67.199:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectscmirl.top
Fingerprint6E:11:97:72:AA:D3:C4:87:AC:03:F8:BA:56:65:98:F0:F8:9A:01:83
ValidityWed, 29 Nov 2023 19:02:25 GMT - Tue, 27 Feb 2024 19:02:24 GMT

File type

Size
46 kB (46495 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click?o=2&a=585&aff_click_id=1l695kfffpfqqcna&aff_param1=tiktokOpen HTTP/1.1
Host: scmirl.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 25 Dec 2023 22:49:09 GMT
content-type: text/html; charset=UTF-8
location: https://21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=e53249e193606b98703b507aa27c285b&a=585&landing=tiktokOpen&sub_id1=
set-cookie: U-c81e728d9d4c2f636f067f89cc14862c=unique; expires=Wed, 24-Jan-2024 22:49:09 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_c81e728d9d4c2f636f067f89cc14862c=0e654cee-b79e-4991-8310-7ff576ce7e52; expires=Mon, 01-Jan-2024 22:49:09 GMT; Max-Age=604800; path=/; secure; SameSite=None
x-debug-tag: 658a06e551c57
x-debug-duration: 248
x-debug-link: /v-debugger/default/view?tag=658a06e551c57
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynpa2quhe3Kwe%2BPQy8SLX8k7XnBaG78s5osY5MxsrQZ7xuzpVIBCIPLDtDHRh0w6Hu6hqdTKZBlW4GeEo1dG299mg5vTh1yTyg31pN%2BZjl3gesrC7n7lmRBZ%2BzAF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83b4a2b909add92a-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=e53249e193606b98703b507aa27c285b&a=585&landing=tiktokOpen&sub_id1=

172.67.171.171

302 Found

46 kB

URL User Request GET HTTP/2
21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=e53249e193606b98703b507aa27c285b&a=585&landing=tiktokOpen&sub_id1=
IP
172.67.171.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbimuqq.top
FingerprintE3:FA:5B:9F:6E:75:15:72:83:91:0F:9E:94:3E:97:D0:99:45:7F:BF
ValidityWed, 20 Dec 2023 20:41:16 GMT - Tue, 19 Mar 2024 20:41:15 GMT

File type

Size
46 kB (46495 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?key=lav6t81woikcpgjtxpyd&externalid=e53249e193606b98703b507aa27c285b&a=585&landing=tiktokOpen&sub_id1= HTTP/1.1
Host: 21d.bimuqq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 25 Dec 2023 22:49:09 GMT
content-type: text/html; charset=UTF-8
location: https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
set-cookie: uclick=8pfyqeu3fe; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pfyqeu3fe-8pfyqeu3fe-fe-fe-wj-3y-6o-181ee8; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=8pfyqeu3fe; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pfyqeu3fe-8pfyqeu3i4-i4-b4fe-8pfe-8r37-8rx9-5954d2; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=8pfyqeu3fe; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pfyqeu3fe-8pfyqeu38n-vr-16bl-qdwj-syfy-17p2-19cf61; expires=Tue, 26-Dec-2023 22:49:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbtEjtjiGMPrI7NynG315fNpPXfdtH45pUn7pcB7pW76bEW3vohea2%2BDf8JHBoBD2wYCiJerOREnczSZpT%2B8NliOmvo55EwtgRRAh8231aWE9eW1LhE3OiGoAWlOrxe6eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83b4a2bb6f1970f9-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/284830/1701880242/js/jquery.min.js?1701880242

84.53.172.217

200 OK

86 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/284830/1701880242/js/jquery.min.js?1701880242
IP
84.53.172.217:443
ASN
#20940 Akamai International B.V.

Requested by
https://009d.imumetak.top/?utm_source=da57dc555e50572d&s1=201767&s2=1926975&j1=1&click_id=cb15c8pfyqeu38ne92&s3=585
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

HTTP Headers

GET /landings/284830/1701880242/js/jquery.min.js?1701880242 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://009d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: j8wAL5IpbpovjhiGW9sWoD0E3hmcN/Ol+Dhk8zkJN04DmByycAfWCz3Q1WcxSdNZlzgO3UpRbkk=
x-amz-request-id: 68JG561NQZQAD01P
Last-Modified: Wed, 06 Dec 2023 16:30:45 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 25 Dec 2023 22:49:10 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by