| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 314 B |
URL: zerossl.ocsp.sectigo.com/ IP: 172.64.149.23:0
Hash: 978df26ad5c56893ddf4cf17700c37ef 99d447f29601e34a192173baa1c225dff1c16f19 5bc44e8aff11c48e18c33b01363b8bcf4f28a459c36a117f75e32a4fb0430339
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 19:26:01 GMT
Content-Type: application/ocsp-response
Content-Length: 314
Connection: keep-alive
Last-Modified: Mon, 06 May 2024 11:45:03 GMT
Expires: Mon, 13 May 2024 11:45:02 GMT
Etag: "99d447f29601e34a192173baa1c225dff1c16f19"
Cache-Control: max-age=403740,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 880bd6ccac045696-OSL
|
|
| | 196.245.55.20 | 301 Moved Permanently | 231 B |
URL: User Request GET HTTP/2 IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: b00a7888c09844a63c64cc8b6c0e0b58 0a6ead89a0e52a7e77ec47ed657b1a5a91cc310a 88856b9180cae0b70e25112f57cf630b592e2f39cfbfaf1331fc1faffebe97a5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 08 May 2024 19:26:02 GMT
content-type: text/html; charset=iso-8859-1
content-length: 231
location: https://www.gantuk.net/
X-Firefox-Spdy: h2
|
|
| | 196.245.55.20 | 200 OK | 8.3 kB |
URL: User Request GET HTTP/2 IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2218) Hash: 80179bfbeaa9307d31f6a923fef3ab46 36e02c54d34baac49c6280d12633280293a56ba9 49e37a76935f37751df36fb948deaa0d6f71ac0b509171eff546251622d5e1d1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:02 GMT
content-type: text/html; charset=utf-8
content-length: 8341
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: zenid=khr5669bed1bsefpc2p53c5bcr; path=/; domain=.www.gantuk.net; secure; HttpOnly; SameSite=lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/loader.gif | 196.245.55.20 | 200 OK | 35 kB |
URL: GET HTTP/2 www.gantuk.net/images/loader.gif IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: GIF image data, version 89a, 128 x 38 Hash: 362e988184d842aea3a0b5d09a64d13e e4ab705fb063ffd2645ce8a25e59e889e98f211c 82656f23517068a7b3d92badc8c29716e53654cd2574d330b08823ca7f7b8fa4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/loader.gif HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/gif
content-length: 35011
last-modified: Thu, 09 Jun 2022 03:23:04 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a16798-88c3"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/images/logo.svg | 196.245.55.20 | 200 OK | 477 B |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/images/logo.svg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image Hash: 7d99d386e8ab49ee5cb4883ef40fc228 5d70140043920858829d294a782c33922d1904dc 45fff2dd564cab2b9578a7d0bb80a3bbc4bab23ac23a0133c2ed835d974d4651
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/gantuk/images/logo.svg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/svg+xml
content-length: 477
x-accel-version: 0.01
accept-ranges: bytes
cache-control: max-age=864000, public, must-revalidate
expires: Wed, 08 May 2024 19:31:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/jscript/jscript_cookies.js | 196.245.55.20 | 200 OK | 430 B |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/jscript/jscript_cookies.js IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (745), with no line terminators Hash: 65807f4bee7bcb4f6af769919ee805d3 c75e394f474f9238cb539f8b7ef9708cc083eff2 6979054ef7300efc7abcaefb0168e095f82adc208a00837ae1a95e0f72e2b598
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/gantuk/jscript/jscript_cookies.js HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: application/javascript
content-length: 430
x-accel-version: 0.01
last-modified: Thu, 08 Jun 2023 02:43:32 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Wed, 08 May 2024 19:31:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/jscript/jscript_extend.js | 196.245.55.20 | 200 OK | 302 B |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/jscript/jscript_extend.js IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text Hash: c8066c428aa37568d993688d7632e7f2 19094c44934483104346acefa04211617da1aefd fefd341651da17fa0a4265b6bd2ab7d63c92701d2001690cc7a90eeeb6c07fa8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/gantuk/jscript/jscript_extend.js HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: application/javascript
content-length: 302
x-accel-version: 0.01
last-modified: Thu, 08 Jun 2023 02:43:34 GMT
accept-ranges: bytes
cache-control: max-age=300
expires: Wed, 08 May 2024 19:31:03 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Eucalyptus_Green_0Z48711.jpg | 196.245.55.20 | 200 OK | 22 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Eucalyptus_Green_0Z48711.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 113ecb688ac2fb27ede61336b5b2e373 b1069a946eedc02e2cd50fb4bb7c35d6759b25e1 6942e12841bf456804801491e0e0885dee08a767c9225fc1c9a3dff236f01eb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Eucalyptus_Green_0Z48711.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 21536
last-modified: Wed, 07 Jun 2023 08:32:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040a4-5420"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Ebony_Black_0Z48713.jpg | 196.245.55.20 | 200 OK | 16 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Ebony_Black_0Z48713.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 8e9883fc866d80cf8bb112db799e9beb 65c1188df1a569b0ef75c34457bff1328602a6f9 55011930c1c2f97b5486a9894a49a6eb7b31fab84a3fdd3712d452caae8b7fe7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Ebony_Black_0Z48713.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 16520
last-modified: Wed, 07 Jun 2023 08:32:44 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040ac-4088"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Eucalyptus_Green_0Z48714.jpg | 196.245.55.20 | 200 OK | 18 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Eucalyptus_Green_0Z48714.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: a0175dfb3ccfa9271755427cadc00199 ef2ebaeeb840a4d24df0d82394b948c981fb4d91 cb9908780d83f523c50e64d94704ea84cf0668d9444412637c5a23a0267ea094
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/pants/UK_GANT_Women_Relaxed_Fit_Icon_G_Essential_Sweatpants_Eucalyptus_Green_0Z48714.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 17988
last-modified: Wed, 07 Jun 2023 08:32:48 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040b0-4644"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Archive_Shield_Full_Zip_Hoodie_Hazelwood_Beige_0Z48718.jpg | 196.245.55.20 | 200 OK | 23 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Archive_Shield_Full_Zip_Hoodie_Hazelwood_Beige_0Z48718.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: bf43fc556dd3bd54f9c08855667cd845 e8e46c90a8c3c861facd0182fb8306fa55407e4b a593c926d604b3f660a92c5ffbe41c5c8772a36ec8fe868e50749ecd05319fe7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Archive_Shield_Full_Zip_Hoodie_Hazelwood_Beige_0Z48718.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 23331
last-modified: Wed, 07 Jun 2023 08:33:02 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040be-5b23"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Eucalyptus_Green_0Z48716.jpg | 196.245.55.20 | 200 OK | 26 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Eucalyptus_Green_0Z48716.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 086c1b0551acd107c6552dd9bd183fd7 4ccc38e0413b5177a8175f5bc03a18fddef000d8 53a59daf05ccc90c78b3186543813c87c136185f8ee4d8a90a3bf5902f3fd855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Eucalyptus_Green_0Z48716.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 25492
last-modified: Wed, 07 Jun 2023 08:32:55 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040b7-6394"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Ebony_Black_0Z48717.jpg | 196.245.55.20 | 200 OK | 19 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Ebony_Black_0Z48717.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: ed586ecb04d933106f154383ce87e542 3330df770ff2af795e55b5b36fe7d1f583f56079 dbf71a2456107e174f12b69a284456c2b627b8525170ef85bb3d5f68f75e069d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Crew_Neck_Sweatshirt_Ebony_Black_0Z48717.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 18701
last-modified: Wed, 07 Jun 2023 08:32:59 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040bb-490d"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Tonal_Crew_Neck_Sweater_Evening_Blue_0Z48710.jpg | 196.245.55.20 | 200 OK | 22 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Tonal_Crew_Neck_Sweater_Evening_Blue_0Z48710.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 89ffc8ada459a0e7dc756a1b68b1bf0e b1c4cfb53a88adb1d5d50b174583714ac1b49040 fe2283430dab0b12d01ad065f30a7834acf1d8606f02d2d7bb756c5127b036d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Tonal_Crew_Neck_Sweater_Evening_Blue_0Z48710.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 22314
last-modified: Wed, 07 Jun 2023 08:32:32 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040a0-572a"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Ebony_Black_0Z48715.jpg | 196.245.55.20 | 200 OK | 23 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Ebony_Black_0Z48715.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 4931a87eb036ea772424c089f8b341ec 0a9d56257b4c2c9aec538a36451e02acdbc505d6 092974db169ad20c6cfad7b87df890a2d2a5fd7e733f884f45f5fc90ffcd871a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_Icon_G_Essential_Hoodie_Ebony_Black_0Z48715.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 22780
last-modified: Wed, 07 Jun 2023 08:32:52 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040b4-58fc"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_American_Luxe_Crew_Neck_Sweater_Cocoa_Bean_0Z48712.jpg | 196.245.55.20 | 200 OK | 39 kB |
URL: GET HTTP/2 www.gantuk.net/images/women/clothing/sweats/UK_GANT_Women_American_Luxe_Crew_Neck_Sweater_Cocoa_Bean_0Z48712.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: c65538ba018073ac376f736d39fa0c13 4dce68ba16f5bc883033aa0858c22769731e9075 653200a9e59878ae1ac9aa788b9a60f0524d75c2542addd6656ba41dcfad7986
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/women/clothing/sweats/UK_GANT_Women_American_Luxe_Crew_Neck_Sweater_Cocoa_Bean_0Z48712.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 38814
last-modified: Wed, 07 Jun 2023 08:32:40 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "648040a8-979e"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_3_Pack_Trunks_Evening_Blue_0Z48540.jpg | 196.245.55.20 | 200 OK | 19 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_3_Pack_Trunks_Evening_Blue_0Z48540.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 272eeda128f000769b18d52078933391 edfc4fa36bda773b002a1530f7163f6504c1f8ac 1b3eb612a03cd3fae5e44094dc4cb8b229287fa9f3f224b659a1c751f7693b5b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/men/clothing/underwear/UK_GANT_Men_3_Pack_Trunks_Evening_Blue_0Z48540.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 19433
last-modified: Wed, 07 Jun 2023 08:22:51 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e5b-4be9"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_Argyle_Socks_Rich_Brown_0Z48535.jpg | 196.245.55.20 | 200 OK | 15 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_Argyle_Socks_Rich_Brown_0Z48535.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: f761dab962fd6d610e1db9fcdd0a88cf 893eb56d691776e7ddddf87aae27f2fad6f563f5 e2db026441a2e29cbb1660e7b2699f94d343b68035b725ff867fd900bdbcb672
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/men/clothing/socks/UK_GANT_Men_Argyle_Socks_Rich_Brown_0Z48535.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 14581
last-modified: Wed, 07 Jun 2023 08:22:39 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e4f-38f5"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Burgundy_0Z48534.jpg | 196.245.55.20 | 200 OK | 18 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Burgundy_0Z48534.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: 8d52e0953ec2c1818947b0782b562562 cfe8c543783890c2bdd04b8ff2241bbc6a15839f beab30e889b0784c4873ba1bf4e4a6fcccae9cc386c770d63bf907ef3b1dca5c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Burgundy_0Z48534.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 18197
last-modified: Wed, 07 Jun 2023 08:22:37 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e4d-4715"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_3_Pack_Wide_Stripe_Trunks_Evening_Blue_0Z48542.jpg | 196.245.55.20 | 200 OK | 24 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_3_Pack_Wide_Stripe_Trunks_Evening_Blue_0Z48542.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: e67141357570e11963c455a855917475 86efc2639b86c68092f3d716d6c922ac64d9bfa7 ce033564bc50a922237505ed4b090d13243fafe0b7aa35a91f404de7f60d3c18
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/men/clothing/underwear/UK_GANT_Men_3_Pack_Wide_Stripe_Trunks_Evening_Blue_0Z48542.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 23908
last-modified: Wed, 07 Jun 2023 08:22:56 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e60-5d64"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_Check_Pajama_Set_Classic_Blue_0Z48541.jpg | 196.245.55.20 | 200 OK | 28 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_Check_Pajama_Set_Classic_Blue_0Z48541.jpg IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL Subject: gantuk.net Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3 Hash: c0d73350e9fdc2eb4e28e7bcf55af80e a66424345a6b2ba48747e5f360196c366aaf044c dfdc8287181b95648e7c640d7df41208fe62aca2cd8c170baeec4d1e1a9a890a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images/men/clothing/underwear/UK_GANT_Men_Check_Pajama_Set_Classic_Blue_0Z48541.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 28208
last-modified: Wed, 07 Jun 2023 08:22:53 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e5d-6e30"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Navy_0Z48543.jpg | 196.245.55.20 | 200 OK | 20 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Navy_0Z48543.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: 631f1451c709fa456f343b5d15996d60 d29cafa1ee42ebb3758f7d45ce3ff5fc48c733da 49d38f1a5e6c33608d453de4ba61d5d5e8a8f4b0bfca161999753d0b03cda8d0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Navy_0Z48543.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 20031
last-modified: Wed, 07 Jun 2023 08:22:58 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e62-4e3f"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Invisible_Socks_Black_0Z48539.jpg | 196.245.55.20 | 200 OK | 16 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Invisible_Socks_Black_0Z48539.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: d04e2aa89bf982922b5da30f99a67b19 d04966ebf80a61d042094073847a8e7696325e60 b51201a3a47c0c49e3330b2be1d35fb750e2ddc95a24fe3a293d700a28dabe8b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/socks/UK_GANT_Men_2_Pack_Invisible_Socks_Black_0Z48539.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 16353
last-modified: Wed, 07 Jun 2023 08:22:48 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e58-3fe1"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Roasted_Walnut_0Z48536.jpg | 196.245.55.20 | 200 OK | 20 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Roasted_Walnut_0Z48536.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: e1077b164c125a616f9112f945fa4ba2 60cb07581a9772338462a358e8dc95d10b207070 5dd6c0da377bd42b6cddf5c65511e05965ed49d0fd462250697ce9aa4baf42e3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/socks/UK_GANT_Men_2_Pack_Solid_And_Dot_Socks_Roasted_Walnut_0Z48536.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 20007
last-modified: Wed, 07 Jun 2023 08:22:41 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e51-4e27"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_3_Pack_Soft_Cotton_Socks_Autumn_Sunset_0Z48538.jpg | 196.245.55.20 | 200 OK | 20 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_3_Pack_Soft_Cotton_Socks_Autumn_Sunset_0Z48538.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: 87c6a418b0a751d1da854412d2e0826f 7f2edf1e38bcd238ac4231044deb4eb2f225733c 6dd2017245cf68ca314012050e6a6244b7c83864562e380705e3c52e04486272
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/socks/UK_GANT_Men_3_Pack_Soft_Cotton_Socks_Autumn_Sunset_0Z48538.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 19661
last-modified: Wed, 07 Jun 2023 08:22:46 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e56-4ccd"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_BRIEF_3_PACK_Grey_Melange_0Z48544.jpg | 196.245.55.20 | 200 OK | 19 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_BRIEF_3_PACK_Grey_Melange_0Z48544.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: 4870bb30b5e11671d28de57c2dc3215a 4a86b0d278c573826a8c2796962d435a3a9d6895 a93553a7c5efa1626be1e440df8c8021770c2bbe431884abf70caf6f8a579999
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/underwear/UK_GANT_Men_BRIEF_3_PACK_Grey_Melange_0Z48544.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 19271
last-modified: Wed, 07 Jun 2023 08:23:01 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e65-4b47"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Black_0Z48545.jpg | 196.245.55.20 | 200 OK | 19 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Black_0Z48545.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: e0cedd7eb5dfb844b2e0595ad90fce18 d1f66a27db4b011ce3a6c10d0992cfff3ddc445f 5088cfcac081ff4594ed3e801ff89a219ba609d7bd0aa3c9d0b6848683c7e753
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/underwear/UK_GANT_Men_TRUNK_3_PACK_Black_0Z48545.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 18571
last-modified: Wed, 07 Jun 2023 08:23:03 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e67-488b"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_6_Pack_Soft_Cotton_Socks_Marine_0Z48537.jpg | 196.245.55.20 | 200 OK | 18 kB |
URL: GET HTTP/2 www.gantuk.net/images/men/clothing/socks/UK_GANT_Men_6_Pack_Soft_Cotton_Socks_Marine_0Z48537.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 545x681, components 3
Hash: 8664be7494560e1b818872758f77560a 0e1cc4a0f28b26324d0d63ba1d158763515f1b8b 744c3bb71abb13d873b678965a2d516188ee051a8ff51f90f7eb990eca64e848
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/men/clothing/socks/UK_GANT_Men_6_Pack_Soft_Cotton_Socks_Marine_0Z48537.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 17980
last-modified: Wed, 07 Jun 2023 08:22:43 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "64803e53-463c"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/images/payment.png | 196.245.55.20 | 200 OK | 6.2 kB |
URL: GET HTTP/2 www.gantuk.net/images/payment.png
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: PNG image data, 248 x 26, 8-bit/color RGBA, non-interlaced
Hash: 1fb5f66cada185d72ccefaeb9e9a2963 584108601272e3ed07abe10b4c3ca2f6b200d552 ef645db0e0a9a267fda954e584782b888929b2827548ecaef07600656022535b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/payment.png HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/png
content-length: 6248
last-modified: Thu, 09 Jun 2022 03:19:36 GMT
cache-control: max-age=864000, public, must-revalidate
etag: "62a166c8-1868"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/images/gant/banner1d.jpg | 196.245.55.20 | 200 OK | 233 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/images/gant/banner1d.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, baseline, precision 8, 1440x1440, components 3
Size: 233 kB (233310 bytes)
Hash: 987ae0a80af1f79edea52057f5e940d3 a352c1dc40feece820e2a117972b1d82b5804d37 fb7105b81f2701bc78a3b37d4ec8d3affff522f92b3e729a9cd17e8b95579568
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/images/gant/banner1d.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 233310
last-modified: Thu, 08 Jun 2023 02:44:49 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 07 Jun 2024 19:26:03 GMT
etag: "648140a1-38f5e"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/images/gant/banner2d.jpg | 196.245.55.20 | 200 OK | 214 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/images/gant/banner2d.jpg
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3
Size: 214 kB (214312 bytes)
Hash: e6d4745fa19629b34093a834a3adc0a7 5f6f8c5f8c6f6c5ec409f4fe62e3ded91a49b6ba 51533479d937438100b562f8255a729db86a34888632a7ee0c4def931d8b1d4a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/images/gant/banner2d.jpg HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: image/jpeg
content-length: 214312
last-modified: Thu, 08 Jun 2023 02:44:49 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Fri, 07 Jun 2024 19:26:03 GMT
etag: "648140a1-34528"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/jscript/jquery.min.js | 196.245.55.20 | 200 OK | 36 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/jscript/jquery.min.js
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 05fd201247df64ae2017402981748ac4 048816e6a3e87c8350725ba49a5e65db98227228 ec5baa1283485332f4904abea295732e19a317d3f5eaa032418f71469f6bb02e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/jscript/jquery.min.js HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Jun 2023 02:43:33 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 08 May 2024 19:31:03 GMT
etag: W/"64814055-15d9d"
content-encoding: gzip
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/fonts/annimex-icons.ttf?teavmy | 196.245.55.20 | 200 OK | 141 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/fonts/annimex-icons.ttf?teavmy
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, adorn-icons
Size: 141 kB (140608 bytes)
Hash: 7d3c0284348a1f07b4cd6ff41354551b 6ff4eb286a7b3c980866382a40dd9279c99cb9cd 924025d175bc0292a137b2b46a4ee48e77c8618c3ea19e44214b6abf30f16005
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/fonts/annimex-icons.ttf?teavmy HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/includes/templates/gantuk/css/style_plugins.css
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:04 GMT
content-type: application/x-font-ttf
content-length: 140608
last-modified: Thu, 08 Jun 2023 02:42:58 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Wed, 08 May 2024 19:31:04 GMT
etag: "64814032-22540"
accept-ranges: bytes
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7840, version 1.0
Hash: 8d91ec1ca2d8b56640a47117e313a3e9 a9e9bafe64666f4595051a0e895b47a5fa39e67e 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gantuk.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 21:56:25 GMT
expires: Fri, 02 May 2025 21:56:25 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
age: 509379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gantuk.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:02 GMT
expires: Fri, 02 May 2025 02:01:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
age: 581102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 8.0 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
Hash: 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gantuk.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:15:02 GMT
expires: Sat, 03 May 2025 02:15:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
content-type: font/woff2
age: 493862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gantuk.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 04:42:48 GMT
expires: Sat, 03 May 2025 04:42:48 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
age: 484996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/images/favicon.ico | 196.245.55.20 | 200 OK | 4.3 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/images/favicon.ico
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash: 85e00ec771f18eed209c62bd5a5c61eb 282c3a11978b88264ae229ec823598a5fdf48657 f39649161530d0fb9c9a9a731cf253e4e1e4d21b1d203bb3e682dd9910d7f076
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/images/favicon.ico HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:04 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Thu, 08 Jun 2023 02:43:18 GMT
cache-control: max-age=864000, public, must-revalidate
expires: Thu, 09 May 2024 19:26:04 GMT
etag: "64814046-10be"
accept-ranges: bytes
X-Firefox-Spdy: h2
| www.gantuk.net/includes/templates/gantuk/jscript/jscript_plugins.js | 196.245.55.20 | 200 OK | 96 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/jscript/jscript_plugins.js
IP: 196.245.55.20:443
ASN: #58065 Orion Network Limited
Certificate: Issuer ZeroSSL; Subject gantuk.net; Fingerprint B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E; Validity Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 835da634f2fab9546de4275c9b249502 a71e7337195be10f9853b3ebc301a27b77bc7e21 a9ba362501cbbda1c80388b88fb30427e21cc8fcb18a58a9da29679742ca9cef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/jscript/jscript_plugins.js HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Jun 2023 02:43:35 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 08 May 2024 19:31:03 GMT
etag: W/"64814057-42b72"
content-encoding: gzip
X-Firefox-Spdy: h2
| fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap
IP: 142.250.74.170:443
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: eb9023562ab1966f30dc99199c862e99 c61e56985a7df5262657c080393142f4f3e674b0 23daa07b4cbfa8e9a4a4aa17f77ebab31297e8dcd5f1c082dc21f284ab5dd03a
GET /css2?family=Libre+Franklin:wght@100;200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 6.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (6448), with no line terminators | Hash: 5597ed8188a3994391b999f6caf0d0ec a647507c2dfaa80293672a339035e11335a7509b 40f0d46e2291b1365735633e70f2aac322fb4741fa001a7e8485692d660bb740
GET /css2?family=Poppins:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap | 142.250.74.170 | 200 OK | 9.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (9530), with no line terminators | Hash: c5939125786ce6b5ed8c4f0a2bedcf52 528777daa60c7b5d52e78018151ba873c94d640e 819fb2fbdc024c04b03c88da5d5c7e0bdb4616630d72ab65491cbaab120f46ec
GET /css2?family=Arima+Madurai:wght@300;400;500;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/css/style_zp.css | 196.245.55.20 | 200 OK | 16 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/css/style_zp.css | IP: 196.245.55.20:443 | ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL | Subject: gantuk.net | Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E | Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
Hash: abd78472318498b003e7314deac9f6e6 b4a4586d923daa8bb4b82a3ca6f84e9b7a4087a6 29835e3f4026df14814ae72fc3861658f9e9bc04c45bf22e50fa3130d7e454d5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/css/style_zp.css HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 02:42:53 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 08 May 2024 20:26:03 GMT
etag: W/"6481402d-4032"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Alata&display=swap | 142.250.74.170 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Alata&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1179), with no line terminators | Hash: 1f9ff1758f44a8354f9be6ccf531cb8a 7fd5c0f675262d59736c063d0569dd7fab71256f 37dfb66736045e51980abc5c9c002b3a658a8fadc626f4a0aacf957fe90b6809
GET /css2?family=Alata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/css/style_plugins.css | 196.245.55.20 | 200 OK | 221 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/css/style_plugins.css | IP: 196.245.55.20:443 | ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL | Subject: gantuk.net | Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E | Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
Size: 221 kB (220793 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/css/style_plugins.css HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 02:42:50 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 08 May 2024 20:26:03 GMT
etag: W/"6481402a-35e79"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap | 142.250.74.170 | 200 OK | 5.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (5076), with no line terminators | Hash: 48d4822accd8873d2852967645115cef 1b20048c205fa24b4fff0afa458ee1fa2c45612f 27b1f874ce4c14645ec6df13bdf94d9a3381db78c5e4720903dd20d0e4bbc0b7
GET /css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap | 142.250.74.170 | 200 OK | 4.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Quicksand:wght@400;500;600;700&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (4884), with no line terminators | Hash: b600e1e7a6306ebd12e31c84c6e1f1e1 f60eb78fc60e2436151e80ef892f5058a4fdf874 bf93d7866220f1f029dbd4d40e9c34c92f92b6ccc5cdd2fe091e2518941cb663
GET /css2?family=Quicksand:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap | 142.250.74.170 | 200 OK | 2.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Glegoo:wght@400;700&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2310), with no line terminators | Hash: 5cf712cf2b0969e17db3030c359175fe a6bd8bc94377508e45d8b0708c67057efd7ec40d 2590d0359a53a2ba40a5f4074121465e36893f365cf2a67f7c803249cbad479e
GET /css2?family=Glegoo:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap | 142.250.74.170 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 56e4df90a29f863f6faa6ccb7567e401 9f3f0306cb0054763e377c6f456890e33f546cd9 165c919c26eb19e053a7cf522566f7cfa686a2782e252b7cd39e15e5d8b4bf15
GET /css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,800;0,900;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 9.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (9708), with no line terminators | Hash: cbb724e5f0c70cc680b0a3cf208a602e 7bb23f4e0d2a2306ce2a8c44b5c29778235d4580 533e25ed8b776dfe43e6cfb857fa5feee61b4e554dead3ec80cbaf2afa928d21
GET /css2?family=Playfair+Display:wght@400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap | 142.250.74.170 | 200 OK | 7.6 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (7812), with no line terminators | Hash: ea047ba198aaa7637f27cf64c74fa8be 52329f1f70a60957c92db2a590bb97b25796dc19 11a942088d049579ba79db59d72e631d2e26f1fc2b12ee0dba2e2e3ff65d2477
GET /css2?family=Roboto+Condensed:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/css/style_zo.css | 196.245.55.20 | 200 OK | 154 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/css/style_zo.css | IP: 196.245.55.20:443 | ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL | Subject: gantuk.net | Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E | Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: assembler source, ASCII text, with very long lines (536) | Size: 154 kB (154305 bytes) | Hash: 6e960a6831aada7abc2ff96c7f0bfb48 714c81b2be525f31dfef74ec9f996f64ec82f788 a0ffcba9f1c433099299dc14f8c942bf35172a9640ae35aa70ddca60d1c20f24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/css/style_zo.css HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 02:42:52 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 08 May 2024 20:26:03 GMT
etag: W/"6481402c-25ac1"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Staatliches&display=swap | 142.250.74.170 | 200 OK | 808 B |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Staatliches&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (826), with no line terminators | Hash: da420df8479f8779cde5fc034d4cc67b 40e95fcf89bfd02023345af67b83dd45543c29d9 21c8c585a8724114950fa78cb426dd7ff797cab8c34cb44231ea087c6c515d61
GET /css2?family=Staatliches&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap | 142.250.74.170 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 0f3106ce705bbf98161187fc94d15542 99688690db95c115bbc142ac516d7aa8d8bfade8 376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
GET /css2?family=Montserrat:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap | 142.250.74.170 | 200 OK | 6.3 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Jost:wght@300;400;500;600;700;800&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (6420), with no line terminators | Hash: 74a37b69a4c15801b8edcc9cd42c503c 23d843eff81be41b551ff2ab24a550017f77207f d706baa7aa0457db3dc2bbb3af441adb4dc2cf87f8c3611c85a281ddbe939ec7
GET /css2?family=Jost:wght@300;400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap | 142.250.74.170 | 200 OK | 9.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (9912), with no line terminators | Hash: 40698f9f19b1a609d2636f5eef9a3e30 46ff448bbf2fb3b30ecc73402877f8845445f8ba f3f7baade7af0f0b4587523c53317642d7c18c2501e70aaae37b93e7ee9a6545
GET /css2?family=Crimson+Pro:wght@200;300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/jscript/jscript_zmain.js | 196.245.55.20 | 200 OK | 54 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/jscript/jscript_zmain.js | IP: 196.245.55.20:443 | ASN: #58065 Orion Network Limited
Certificate Issuer: ZeroSSL | Subject: gantuk.net | Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E | Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (528) | Hash: 42d3be9aafe60479523ad3eb7214db73 ebbb491aeaf34f14838b8aa8a98dc6e3d9b8983d 704b77327d1608db4f812eff01873e261312ef45a6077660276e75a6658141e6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /includes/templates/gantuk/jscript/jscript_zmain.js HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: application/javascript
last-modified: Thu, 08 Jun 2023 02:43:36 GMT
vary: Accept-Encoding
cache-control: max-age=300
expires: Wed, 08 May 2024 19:31:03 GMT
etag: W/"64814058-d34a"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap | 142.250.74.170 | 200 OK | 2.6 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2605), with no line terminators | Hash: d7e91faccd8b5b75c6794babc60413e9 490a3fe1bc93ea7dd9cff81c80eca5ea6cad68b3 8d4ecadfe561b26cf0addd9f7e39055b19844488449e0091a936a77fdff727d9
GET /css2?family=Libre+Baskerville:ital,wght@0,400;0,700;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | 142.250.74.170 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700;900&display=swap | IP: 142.250.74.170:443
Certificate Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 | Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 9c12b57a25710853b762d48b28545b5c 57a79d40792f42232b317bd9529c98efa29fc315 35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
GET /css2?family=Roboto:wght@100;300;400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.170 | 200 OK | 565 B |
URL: GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP: 142.250.74.170:443
Certificate: Issuer: Google Trust Services LLC, Subject: upload.video.google.com, Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79, Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (588), with no line terminators
Hash: 959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap | 142.250.74.170 | 200 OK | 2.4 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Merienda:wght@400;700&display=swap IP: 142.250.74.170:443
Certificate: Issuer: Google Trust Services LLC, Subject: upload.video.google.com, Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79, Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2424), with no line terminators
Hash: 4c11106146294a0f2e0f9a7cd792e1d2 53f4815a87a769d098f64ad9dfafc157f7d572d1 66f67ff9a9b48f878ba4db2df85dcb68e5640e189ecc19cb7a4a8604b7412e94
GET /css2?family=Merienda:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 19:26:03 GMT
date: Wed, 08 May 2024 19:26:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gantuk.net/includes/templates/gantuk/css/stylesheet.css | 196.245.55.20 | 200 OK | 60 kB |
URL: GET HTTP/2 www.gantuk.net/includes/templates/gantuk/css/stylesheet.css IP: 196.245.55.20:443 ASN: #58065 Orion Network Limited
Certificate: Issuer: ZeroSSL, Subject: gantuk.net, Fingerprint: B8:7D:8B:82:16:37:34:00:14:E0:54:4C:A5:9C:80:12:83:74:3E:1E, Validity: Mon, 06 May 2024 00:00:00 GMT - Sun, 04 Aug 2024 23:59:59 GMT
File type: ASCII text, with very long lines (349)
Hash: 094e7eae4bf70dfd6bbaaadad55f516e 934e75aa36c75974721560eba62ec7483f328920 3fb99db8a5a19ffe18c0bf6870b06d82664b03cffc8853049c8b1b3da0b4953f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /includes/templates/gantuk/css/stylesheet.css HTTP/1.1
Host: www.gantuk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gantuk.net/
Cookie: zenid=khr5669bed1bsefpc2p53c5bcr
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 19:26:03 GMT
content-type: text/css
last-modified: Thu, 08 Jun 2023 02:42:50 GMT
vary: Accept-Encoding
cache-control: max-age=3600
expires: Wed, 08 May 2024 20:26:03 GMT
etag: W/"6481402a-ec83"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|