Report - giuvns.top/

Report Overview

Submitted URL
giuvns.top/
IP
172.67.150.152
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 07:29:57
Access
public
Website Title
Free Hajj Sponsorship 2024
Final URL
giuvns.top/#1714116572045
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
i.imgur.com	5110	2009-01-09	2012-05-21	2024-04-25	428 B	93 kB	151.101.244.193
tj.657g.xyz	unknown	2023-07-13	2023-12-07	2024-04-18	870 B	2.9 kB	188.114.97.1
hm.baidu.com	8254	1999-10-11	2012-05-26	2024-04-25	1.1 kB	12 kB	14.215.183.79
giuvns.top	unknown	unknown	No data	No data	902 B	19 kB	172.67.150.152
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	426 B	34 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-19	medium	tj.657g.xyz/	PayPal Inc.
2024-03-26	medium	giuvns.top/	Generic/Spear Phishing
2024-03-19	medium	tj.657g.xyz/	PayPal Inc.
2024-03-26	medium	giuvns.top/	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	giuvns.top/	2.6 kB	2024-04-26	2024-04-26
Pretty URL giuvns.top/ IP 172.67.150.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 09:30:04 Last Seen2024-04-26 09:30:04 Times Seen1 Hash 94bdea4bfec1277e83113b98ae97d22d a2c862f7b9e135f25d29daea0bdbf1867a06e735 32fa78de6ce4879ebaf4db4c6c230df0e064a4ef07648875d7f2f7c387920479 Loading...

	tj.657g.xyz/js/script.js	1.3 kB	2023-05-22	2024-05-06
Pretty URL tj.657g.xyz/js/script.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 17:22:24 Last Seen2024-05-06 22:33:16 Times Seen3311 Hash abd4e2373b2e8c4dac2e80159641c5f1 e273656e58ca934d873204e68dd35670fde657ed 021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94 Loading...

	unknown	290 B	2024-04-26	2024-04-26
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-26 09:30:04 Last Seen2024-04-26 09:30:04 Times Seen1 Hash 1f4fe5e352698aa89b9ee1ba38370b8c 322023096707feebb8a761e7016951c18d71355e 98c27dd2a50461b123a3899fabcd2be3e66bb788e63033211c9c5fff733be32d Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-05-06
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-06 22:13:42 Times Seen47082 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	giuvns.top/	345 B	2023-12-13	2024-05-04
Pretty URL giuvns.top/ IP 172.67.150.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-13 18:56:14 Last Seen2024-05-04 17:31:33 Times Seen39 Hash ecffbe366e1b36e55da681315cda4e78 4932abca38dc9d841be2c4cd52207207b29c2714 214f1274f0b94b658764f6179e2de89e09de88248f35e3d9bf506ce9049c5a14 Loading...

	hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751	30 kB	2024-04-26	2024-04-26
Pretty URL hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751 IP 14.215.183.79 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 09:30:04 Last Seen2024-04-26 09:30:04 Times Seen2 Hash 8762d58888f1b8ce2d9d9b13c1ea3785 bfd424b8ec3dac0357e61557069fae05ebf32e5f 617c32c2edb6981043deb3020348438fc958bf6b27aa5cf1fa3f2cb32263e60e Loading...

	unknown	37 B	2023-04-11	2024-05-06
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49:14 Last Seen2024-05-06 05:43:26 Times Seen22291 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	giuvns.top/	228 B	2024-01-22	2024-05-04
Pretty URL giuvns.top/ IP 172.67.150.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-22 18:55:06 Last Seen2024-05-04 17:31:33 Times Seen20 Hash 2768b69fa39beebc2afa7874bf5482e3 aff70fe363268c0b9d68b4580e998a68bf051c34 7a4a9bdcb8e68e6ad5628d6460333092224e7db0c7fa7425127050393238b580 Loading...

	unknown	315 B	2024-01-28	2024-04-26
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-01-28 15:36:44 Last Seen2024-04-26 09:30:04 Times Seen3 Hash d367ee2d3576a74675adbefe775d6850 acd0115a2913e9b7daa608198901a7413a6752df d9fc964bb1921bc29895d0ccfe2b281d8959bc149e590c2f694a4fd7b7c03eab Loading...

HTTP Transactions (8)

URL IP Response Size

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://giuvns.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:46:16 GMT
expires: Fri, 25 Apr 2025 17:46:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 49395
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.imgur.com/cxWZlD1.jpeg

151.101.244.193

200 OK

92 kB

URL GET HTTP/2
i.imgur.com/cxWZlD1.jpeg
IP
151.101.244.193:443
ASN
#54113 FASTLY

Requested by
https://giuvns.top/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1024x683, components 3
Size
92 kB (92046 bytes)
Hash
8b958409eedbde0cbb74c018f6eb2281
3c41e716436af9346ff2eea012536c22c9c4d8a9
c7de315d5b1b3d33ca7367e7ded889b690901a1eb5c41c531ea286ed8e916607

HTTP Headers

GET /cxWZlD1.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 23 Apr 2024 09:21:54 GMT
etag: "8b958409eedbde0cbb74c018f6eb2281"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 8_ZsJIGh-YzIIgauEPc6poYvm9HWr-IgQbDTbdrQrgLMu_xCXrpcdg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 252458
date: Fri, 26 Apr 2024 07:29:32 GMT
x-served-by: cache-iad-kcgs7200173-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 20, 0
x-timer: S1714116572.028650,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 92046
X-Firefox-Spdy: h2

tj.657g.xyz/api/event

188.114.97.1

202 Accepted

2 B

URL POST HTTP/3
tj.657g.xyz/api/event
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://giuvns.top/
Certificate
IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
ValidityTue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

POST /api/event HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 80
Origin: https://giuvns.top
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 202 Accepted
date: Fri, 26 Apr 2024 07:29:32 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: F8nEEC77bSZR48YM-yrB
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FGT5dKkAue3Qj0ClzJgZqgX3cqFHdWka8%2FGG002%2FASMH4KCvpV4upVd6E50fk90w4ubtXAEnYbiq9Gds4hMCzrC6EWnlVnOu3t7zZ2%2B3No4OrvHciVRukaVEeakNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbf9def5685-OSL
alt-svc: h3=":443"; ma=86400

hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751

14.215.183.79

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://giuvns.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
JavaScript source, ASCII text, with very long lines (617)
Size
11 kB (11255 bytes)
Hash
8762d58888f1b8ce2d9d9b13c1ea3785
bfd424b8ec3dac0357e61557069fae05ebf32e5f
617c32c2edb6981043deb3020348438fc958bf6b27aa5cf1fa3f2cb32263e60e

HTTP Headers

GET /hm.js?8d809470ffc8bd20b0e6fbe36435c751 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 26 Apr 2024 07:29:33 GMT
Etag: 076fcaa593c0c5a1e31e62fb691dfc28
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=774D3AA2A9D2B15B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024

14.215.183.79

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024
IP
14.215.183.79:443
ASN
#4134 Chinanet

Requested by
https://giuvns.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 Apr 2024 07:29:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1B39F2FF322D8FAE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

giuvns.top/

172.67.150.152

200 OK

18 kB

URL User Request GET HTTP/2
giuvns.top/
IP
172.67.150.152:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgiuvns.top
FingerprintF8:73:BA:22:29:2A:F1:43:05:1E:33:A3:2F:0B:3C:8A:AA:99:4B:FF
ValidityThu, 29 Feb 2024 12:52:39 GMT - Wed, 29 May 2024 12:52:38 GMT

File type

Size
18 kB (17967 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET / HTTP/1.1
Host: giuvns.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:29:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Sat, 27-Apr-2024 07:29:31 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8UJQHSsyXOD2GCOTYCfanSU4aFKgibBTnstV%2FUCC5%2BWPB9GPlf9iTAr3WmjeeeAEx%2F%2FbReARtwj9SW4FWdac8AZAIxmwvAxvphBn2NcXyPAJAOBmNqoJ1Y0sw3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbaae1956bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tj.657g.xyz/js/script.js

188.114.97.1

200 OK

1.3 kB

URL GET HTTP/2
tj.657g.xyz/js/script.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://giuvns.top/
Certificate
IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
ValidityTue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT

File type
ASCII text, with very long lines (1384), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
16cfd1982a40489c41a52add24d36b85
344f1896d895c5d0a7c4caecafcf1942603cd026
72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /js/script.js HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:29:31 GMT
content-type: application/javascript
cf-bgj: minify
expires: Fri, 26 Apr 2024 18:48:21 GMT
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2605
last-modified: Fri, 26 Apr 2024 06:46:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07clvEnROdSn6mjJoGTfpjCWUFT%2BMa3wCK2XhUwX5dvWilW%2BgylzBIgjWUGetk6j%2Fn1nSsAvJGvs7ltnhQ%2BCXX2lLnosb5gbLSp0f2FM6vhdRyxlxlnIhHaVdTMiSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbebad0569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

giuvns.top/favicon.ico

172.67.150.152

404 Not Found

146 B

URL GET HTTP/3
giuvns.top/favicon.ico
IP
172.67.150.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://giuvns.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectgiuvns.top
FingerprintF8:73:BA:22:29:2A:F1:43:05:1E:33:A3:2F:0B:3C:8A:AA:99:4B:FF
ValidityThu, 29 Feb 2024 12:52:39 GMT - Wed, 29 May 2024 12:52:38 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: giuvns.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 07:29:32 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nUgzWrMad1i64CrtnoQyc0Owws05p%2F7O3HpcBjWTtioacmwbfdJ2sNJJOSZqLIOeWJH%2BSPJWKP1tSmBYTKnWoKSEgVbVg1BuDUyL%2B00Yh4Afl7eGXuYtIXGgVwx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4dcc15ffd56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash