Report - progressie.click/control_greenlant?login=mflores@slurpmail.net

Report Overview

Submitted URL
progressie.click/control_greenlant?login=mflores@slurpmail.net
IP
104.21.37.9
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 02:37:14
Access
public
Website Title
SLURPMAIL VALIDATION SERVER
Final URL
jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.3 kB	2.5 kB	142.250.74.164
t3.gstatic.com	unknown	2008-02-11	2013-05-06	2024-05-07	3.0 kB	9.4 kB	142.250.74.100
wakandos.top	unknown	2024-01-12	2024-01-12	2024-04-12	508 B	0 B	0.0.0.0
progressie.click	unknown	unknown	No data	No data	433 B	885 B	172.67.202.43
jupita.top	unknown	2024-02-10	2024-02-12	2024-02-13	4.2 kB	52 kB	172.67.208.46
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	860 B	118 kB	216.58.207.202
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-07	1.9 kB	2.0 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-19 15:05:05 Times Seen5961 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	770 B	2024-05-08	2024-05-08
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash d62394ab34a52637623d856fae6227ed 471f447c507d3fd5181ab13bfa9d9d447d6188b2 b0918f270dbf9174cde4fc813b66f5bbf371f897c6ed66c6cf880a61fc384ab0 Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	4.6 kB	2024-05-08	2024-05-08
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash 4461aef4df739d9250dfa241d25cf037 0e641d9e23e5c4a1f68a35aeea8e0e95e51a5149 ebc0a910bb8d9339a2d1d2123ce736028ca579767914c57738e24265913b99df Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.3 kB	2023-11-27	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-27 12:26:41 Last Seen2024-05-15 00:01:13 Times Seen72 Hash 610e169f49420d6ecd4a5d01a0fa0067 b54ab7b4308e9871a26780aabd7f55a063ea5247 00795e94566047ee75ea7bf8b47ae8c31cd69acd630257d2d779d82826325095 Loading...

	unknown	286 B	2023-11-23	2024-05-14
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-11-23 20:51:09 Last Seen2024-05-14 22:13:47 Times Seen46 Hash 19f117322afd1c16df419c8e2b3fecbe c2b3516d2d479fc5fd6d85225628392f7693e2e5 904336137915b56c184b3e411b0e3bd715129ca453ca07c453d8d2fc94682f12 Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	801 B	2023-11-30	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 14:59:27 Last Seen2024-05-15 00:01:13 Times Seen67 Hash 6c271dfc7e3137a7723aae64b1b329ef 6a9a54bd0392eef3ace7b62369af871e6423d2b3 76887040e2867d2a6b677f57fd36f0ecf85954911ddc0a584ca549dd153d9b2b Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.6 kB	2024-02-12	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 08:59:27 Last Seen2024-05-15 00:01:13 Times Seen45 Hash 551cf70b40dbcf27fde509c02fdbd20d c93a4f8ee53042b94d2eb5c97d503bbd95a30c38 b977154685e009ce68b497f4f18c0aa3715ce6893f5f57dacd4b2a1e0ae15ae3 Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	164 B	2023-09-21	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-05-15 00:01:13 Times Seen107 Hash 96b36f7056f826a9c56b58f55209e794 7527670b480831c52ac5e937b947165c068af7b8 d117e0f32484b25a090d43594ea2b402631eb26a9b54644b8370aa53ecf47af3 Loading...

	jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	505 B	2023-09-21	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-05-15 00:01:13 Times Seen107 Hash d448320e57b792a64d70313976f5289d 3bcc06ab5e68132d2f23f7a987e62da38678737d aed1faff5be5d21a70535423e23cff580204c8ffaec4b6d584d9b112b5f5b0f2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - cac284a2280bab9a0e301cec570d8c08	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash cac284a2280bab9a0e301cec570d8c08 55f69e32f68966043a11ef3d3db2a82c16696f48 7c0bead42b7d48c32c3f642945d8e69a22fb69e0cc05cc1b2d3c8f64b7665260 Loading...

	#2 Eval - 44ce9c2b5dbdc0f28d7037c070550b74	62 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 14:37:29 Last Seen2024-05-09 15:26:38 Times Seen386 Hash 44ce9c2b5dbdc0f28d7037c070550b74 a9d8ff605c113bef81e606ea0bb2d8b0d65bd13e b87899b17160a1ab0138f3ff2eacc0c7c9107f22f6ab3ad6e9d9973b98deb26d Loading...

	#3 Eval - 54673c751c5a511f97ddd8dd5dc2cbf1	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash 54673c751c5a511f97ddd8dd5dc2cbf1 319d5766fc9e7b6beb266a47a08a94053fd4755e c27cdecd15092b471b7e4c57666d2e1a5a24e7a53d0d6d337f654a584fb4901a Loading...

	#4 Eval - 8a858ac1e7ff60bd273da24c151cf8a6	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash 8a858ac1e7ff60bd273da24c151cf8a6 8508990cef19cf886cb2478bdbea22d88bb31b95 cf1e6dbb8c5f3fec81af5740aa5ba1a197c7040d66aa6af4c3a0f3199f2240c2 Loading...

	#5 Eval - 633a0ee5fa15ac9ed43f99112925e556	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash 633a0ee5fa15ac9ed43f99112925e556 de1b94cd39c743e2feb298bc2b3c98adea9fed0e aaa38da95e51ba0e46f8dd25efe3a32d0b096a90df7c04576243c50dee2b2eb7 Loading...

	#6 Eval - 69ea53b2bbf5aac479d79f4136bf40c0	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 04:37:21 Last Seen2024-05-08 04:37:21 Times Seen1 Hash 69ea53b2bbf5aac479d79f4136bf40c0 97c371bdd688fabcb2caba051428a0c70d2020a9 15aa8d00bcad00c9100474d6099f727c493ac957af1dadc09ffdfd04974f99e0 Loading...

	#7 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-19 23:21:51 Times Seen353127 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

HTTP Transactions (22)

URL IP Response Size

progressie.click/control_greenlant/?login=mflores@slurpmail.net

172.67.202.43

167 B

URL
progressie.click/control_greenlant/?login=mflores@slurpmail.net
IP
172.67.202.43:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /control_greenlant/?login=mflores@slurpmail.net HTTP/1.1
Host: progressie.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 08 May 2024 02:36:49 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 May 2024 03:36:49 GMT
Location: https://progressie.click/control_greenlant/?login=mflores@slurpmail.net
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y7cF%2FcoCvfigqp%2BhnI%2FZHhYS7GMY3ncsxlW%2FiPsftJOh7YtSBvdoMWL4nd6xmlVkVcNiqLj5XXTZcarlHnsJ406P1dhg734YdNmQXlTAla1Aey6zD%2BJVbB1LdXsyGkloudpj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 880610794e7956c9-OSL
alt-svc: h2=":443"; ma=60

jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

172.67.208.46

200 OK

832 B

URL User Request GET HTTP/3
jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
HTML document, ASCII text, with very long lines (1847), with no line terminators
Size
832 B (832 bytes)
Hash
a3828471683c2a5188f419f5e206211e
6c07ef1c91d03b55a705623a8b388ad14ab6c202
a8319a2e5f6f0d5679701b6292fb6885f4e5a7750af2f1e26ea7ca86bf761822

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
urlquery	suspicious	Suspicious - Anti-debugging code
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://progressie.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 08 May 2024 02:36:50 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8opy4M0KOUUsRyTm0kYdVbM82TEj6PbVAArRzW0PGH8bU51gj%2Ff3O%2FS1n3eH7%2Btj1GProu8qwFKFiIItQfdoA2CCbm9pNHgD%2BcebkdobRSUNxqy%2B6x2rbwEQRQ6Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8806107f08b056be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

216.58.207.202

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 520542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jupita.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.208.46

0 B

URL
jupita.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.208.46:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 08 May 2024 02:36:51 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i1j%2Fb%2Baf8krpFo21CIZBZjCQAcHBIlsbCIEC5pUywoKd2TnsM7dtSekckhuYJDrF1nAX%2BtQFgh2MKmUwXRlvXNpTVccP9OFbysp8fv6B1Aa0ds2WyoZ0I4ime80J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880610835d94b4ee-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4s297/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 02:36:51 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 880610842f7856a4-OSL
alt-svc: h3=":443"; ma=86400

jupita.top/cdn-cgi/challenge-platform/h/b/jsd/r/8806107f08b056be

172.67.208.46

0 B

URL
jupita.top/cdn-cgi/challenge-platform/h/b/jsd/r/8806107f08b056be
IP
172.67.208.46:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8806107f08b056be HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12308
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 02:36:51 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=Gd2Kyfm3WW8Jr72120RRIUh5QFTzUwCPbdAxM47vmTk-1715135811-1.0.1.1-wH7BHG.CrnjISmlnw_shRs98auOFv6GbLU9IoDC3cNBPaNY9v_QYrG3D8cpv0ygADNrPewKcRYaDyEHCwaxVdQ; Path=/; Expires=Thu, 08-May-25 02:36:51 GMT; Domain=.jupita.top; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bqj0YY%2BpEip0YsJzeeBp3kfC%2BKUSqquE7CpFDIFSKaZ9S5fDWY5LpDKQRNowsVRL%2BUAlwujoS1iLrjQ4IWKXZzBN3ZbQ2oVWEdqB4rYPjePPZXWSFRGjIFggEB4Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880610848e37b4ee-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/880610837f3756a4/1715135811524/08dc86656abb52bd3ea50f82c314dc118d780633546242cf730cc7165f969ef3/JXzU9wnplihuk5Y

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/880610837f3756a4/1715135811524/08dc86656abb52bd3ea50f82c314dc118d780633546242cf730cc7165f969ef3/JXzU9wnplihuk5Y
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/880610837f3756a4/1715135811524/08dc86656abb52bd3ea50f82c314dc118d780633546242cf730cc7165f969ef3/JXzU9wnplihuk5Y HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4s297/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Wed, 08 May 2024 02:36:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gCNyGZWq7Ur0-pQ-CwxTcEY14BjNUYkLPcwzHFl-WnvMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIAjchmVqu1K9PqUPgsMU3BGNeAYzVGJCz3MMxxZflp7zABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8806108e2cd256a4-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880610837f3756a4/1715135811527/nrGbc0jIYAbuFcY

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/880610837f3756a4/1715135811527/nrGbc0jIYAbuFcY
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 15 x 42, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
73a86372a426944cb046310201597c59
789a575334374973d99ea12b53fbbaf90d05bcbc
de41c748a75ce89c3a5300923a0070d296491ca9c40460558db892584703d532

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/880610837f3756a4/1715135811527/nrGbc0jIYAbuFcY HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4s297/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 02:36:53 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 88061090df2556a4-OSL
alt-svc: h3=":443"; ma=86400

jupita.top/cdn-cgi/challenge-platform/h/b/rc/880610837f3756a4

172.67.208.46

21 B

URL
jupita.top/cdn-cgi/challenge-platform/h/b/rc/880610837f3756a4
IP
172.67.208.46:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/rc/880610837f3756a4 HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Content-Type: application/json
Content-Length: 596
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=Gd2Kyfm3WW8Jr72120RRIUh5QFTzUwCPbdAxM47vmTk-1715135811-1.0.1.1-wH7BHG.CrnjISmlnw_shRs98auOFv6GbLU9IoDC3cNBPaNY9v_QYrG3D8cpv0ygADNrPewKcRYaDyEHCwaxVdQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 02:36:53 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=SyG3YQpS2l48iKTIqbNvlV9fpfMoB.57_weyh2yEyOI-1715135813-1.0.1.1-BmCwBt9kilU7gTPHLHYTrviKR6L93HupHdJDbjCCDlMh6Ydd1VP3xtp5gb7E5SqftuMFhVF.cPbYfEKO519zNw; Path=/; Expires=Thu, 08-May-25 02:36:53 GMT; Domain=.jupita.top; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERnEH8D2rg9weOIgTavPJMPdxeqrw1656Y%2F1xNU9JHyjOSryXE2MEzlgaTvGByuVCTktCWs8NY4dKzkCTwsfMT4Gy9PCdKCWXVtPiwRP5Q0pHYsJLZAavMCt%2F1Xc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88061091fe0db4ee-OSL
alt-svc: h3=":443"; ma=86400

jupita.top/_phoenix_delta/functions/spinner.gif

172.67.208.46

200 OK

46 kB

URL GET HTTP/3
jupita.top/_phoenix_delta/functions/spinner.gif
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_phoenix_delta/functions/spinner.gif HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=SyG3YQpS2l48iKTIqbNvlV9fpfMoB.57_weyh2yEyOI-1715135813-1.0.1.1-BmCwBt9kilU7gTPHLHYTrviKR6L93HupHdJDbjCCDlMh6Ydd1VP3xtp5gb7E5SqftuMFhVF.cPbYfEKO519zNw; captcha=1; PHPSESSID=1m3eb96c3pg35349glog3m8kr2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 02:36:54 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1775
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z8wLqrv7ze%2Bd3050DeYyBH02MResOloAeku%2B9fIGpIgZzDRdibuqOsrA7wOHvjXxZ1cGtIbPeOZ7kNRCLRL5BUKs%2F5JwaXETZGW%2BJBGTV9wkxoWFaT8O9rcOymY5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880610962880b4ee-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

216.58.207.202

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:06:55 GMT
expires: Sat, 03 May 2025 05:06:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 422999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
163cb133e2886f3b6eaabea5f70739f7
7082b58b9cb2152535d72da185a146d054f759db
259357199437e9fdeafa2666b61863857dcee43bf0d6e48aea77f2f7d4a142f2

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 May 2024 02:36:54 GMT
expires: Wed, 08 May 2024 03:06:54 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
163cb133e2886f3b6eaabea5f70739f7
7082b58b9cb2152535d72da185a146d054f759db
259357199437e9fdeafa2666b61863857dcee43bf0d6e48aea77f2f7d4a142f2

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Wed, 08 May 2024 02:36:54 GMT
expires: Wed, 08 May 2024 03:06:54 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
163cb133e2886f3b6eaabea5f70739f7
7082b58b9cb2152535d72da185a146d054f759db
259357199437e9fdeafa2666b61863857dcee43bf0d6e48aea77f2f7d4a142f2

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Wed, 08 May 2024 02:36:54 GMT
expires: Wed, 08 May 2024 03:06:54 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jupita.top/favicon.ico

172.67.208.46

404 Not Found

297 B

URL GET HTTP/3
jupita.top/favicon.ico
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
HTML document, ASCII text, with very long lines (308), with no line terminators
Size
297 B (297 bytes)
Hash
7326a5f603b201994351a570417f6b60
c930416a03575409c05b0b30f5ee5fd48293a289
63e7e5940f92b8dc2808c4207712e7db4da75fcba737666f8e22cefeca3b855e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=SyG3YQpS2l48iKTIqbNvlV9fpfMoB.57_weyh2yEyOI-1715135813-1.0.1.1-BmCwBt9kilU7gTPHLHYTrviKR6L93HupHdJDbjCCDlMh6Ydd1VP3xtp5gb7E5SqftuMFhVF.cPbYfEKO519zNw; captcha=1; PHPSESSID=1m3eb96c3pg35349glog3m8kr2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Wed, 08 May 2024 02:36:54 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fSXC64jxeyHTvXWEjQebbqRi2CKzWlFZRCx8Wg5KFdUfR0UuSo%2F%2Bp5KTrTwRLaCYCDY%2FhUoo4ozPmTFknt7iOmLE3Be45iyNt9JanAI%2FEOFXVj85inbGNAd%2Be8%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88061097092eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=mflores@slurpmail.net&page=null&hide_email=true

0.0.0.0

0 B

URL GET
wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=mflores@slurpmail.net&page=null&hide_email=true
IP
0.0.0.0:0
ASN
#0

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=mflores@slurpmail.net&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=mflores@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 02:07:19 GMT
expires: Wed, 15 May 2024 02:07:19 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 1775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL