Report - progressie.click/control_greenlant/?login=ksuarez@slurpmail.net

Report Overview

Submitted URL
progressie.click/control_greenlant/?login=ksuarez@slurpmail.net
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 23:18:02
Access
public
Website Title
SLURPMAIL VALIDATION SERVER
Final URL
jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	860 B	118 kB	142.250.74.138
jupita.top	unknown	2024-02-10	2024-02-12	2024-02-13	3.6 kB	72 kB	104.21.23.6
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	874 B	1.6 kB	142.250.74.132
t0.gstatic.com	unknown	2008-02-11	2013-05-06	2024-05-07	3.0 kB	9.2 kB	142.250.74.132
progressie.click	unknown	unknown	No data	No data	517 B	7.1 kB	188.114.96.1
wakandos.top	unknown	2024-01-12	2024-01-12	2024-04-12	508 B	0 B	0.0.0.0
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-05-07	5.0 kB	308 kB	104.17.3.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed
2024-05-07	medium	jupita.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-19 15:05:05 Times Seen5961 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	770 B	2024-05-08	2024-05-08
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash 291219dc9762325eb7c75557a45dedfa e82dc3ec7374b45e1d2140986da5e432025c14b5 86c587bedbbcf019b1b47d1e71234d504dc25ee7543ff8227882f2668ac6fafc Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	4.6 kB	2024-05-08	2024-05-08
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash c0b26f66fd4c3acdca38c19ce72638f1 5699a21c4e01b5201ea707dee9d32fac49532ad3 54f741d2193e02ec1a225c47d6c38cb33841ebbfeee4b4bb8042251d7c14cd9a Loading...

	unknown	286 B	2023-11-23	2024-05-14
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-11-23 20:51:09 Last Seen2024-05-14 22:13:47 Times Seen46 Hash 19f117322afd1c16df419c8e2b3fecbe c2b3516d2d479fc5fd6d85225628392f7693e2e5 904336137915b56c184b3e411b0e3bd715129ca453ca07c453d8d2fc94682f12 Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.3 kB	2023-11-27	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-27 12:26:41 Last Seen2024-05-15 00:01:13 Times Seen72 Hash 610e169f49420d6ecd4a5d01a0fa0067 b54ab7b4308e9871a26780aabd7f55a063ea5247 00795e94566047ee75ea7bf8b47ae8c31cd69acd630257d2d779d82826325095 Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	801 B	2023-11-30	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 14:59:27 Last Seen2024-05-15 00:01:13 Times Seen67 Hash 6c271dfc7e3137a7723aae64b1b329ef 6a9a54bd0392eef3ace7b62369af871e6423d2b3 76887040e2867d2a6b677f57fd36f0ecf85954911ddc0a584ca549dd153d9b2b Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.6 kB	2024-02-12	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 08:59:27 Last Seen2024-05-15 00:01:13 Times Seen45 Hash 551cf70b40dbcf27fde509c02fdbd20d c93a4f8ee53042b94d2eb5c97d503bbd95a30c38 b977154685e009ce68b497f4f18c0aa3715ce6893f5f57dacd4b2a1e0ae15ae3 Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	164 B	2023-09-21	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-05-15 00:01:13 Times Seen107 Hash 96b36f7056f826a9c56b58f55209e794 7527670b480831c52ac5e937b947165c068af7b8 d117e0f32484b25a090d43594ea2b402631eb26a9b54644b8370aa53ecf47af3 Loading...

	jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	505 B	2023-09-21	2024-05-15
Pretty URL jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 104.21.23.6 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-05-15 00:01:13 Times Seen107 Hash d448320e57b792a64d70313976f5289d 3bcc06ab5e68132d2f23f7a987e62da38678737d aed1faff5be5d21a70535423e23cff580204c8ffaec4b6d584d9b112b5f5b0f2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-19
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-19 22:24:44 Times Seen353125 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#2 Eval - 1d49c64853400308eef3100ef958c17f	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash 1d49c64853400308eef3100ef958c17f c27b488c1c6f4001da79a0d11b3b72ff519e2f22 884a093cfe9642eea3102d621c9a3fcf1b459be5fe64376289be63ef9599cfc0 Loading...

	#3 Eval - a4e185a5cb50c96871d0adae09e1ae10	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash a4e185a5cb50c96871d0adae09e1ae10 28b86c8ce843b76505c0164d95f9167dadef0951 dd68ffb4f04b1a18b07735cc85848f1da6c875690e852016202c22c4559b17cf Loading...

	#4 Eval - c3bdf694efc06f3c7ef82cf7ab86afc6	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash c3bdf694efc06f3c7ef82cf7ab86afc6 eb133b9700728f9c0dfd1447794c3c9ea1d4ade0 75d49a5c0b28245de6fe3f9daf2f6cec2695bc1b08168fcdc4b41ae8f68864b8 Loading...

	#5 Eval - 44ce9c2b5dbdc0f28d7037c070550b74	62 B	2024-05-03	2024-05-09
Pretty Observations First Seen2024-05-03 14:37:29 Last Seen2024-05-09 15:26:38 Times Seen386 Hash 44ce9c2b5dbdc0f28d7037c070550b74 a9d8ff605c113bef81e606ea0bb2d8b0d65bd13e b87899b17160a1ab0138f3ff2eacc0c7c9107f22f6ab3ad6e9d9973b98deb26d Loading...

	#6 Eval - 8647f80d74a0922d00e2fe6ed9e735f5	28 B	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 01:18:08 Last Seen2024-05-08 01:18:08 Times Seen1 Hash 8647f80d74a0922d00e2fe6ed9e735f5 a950c3a1ccc62b028f5c9744d9ee44a3d321fbc6 0c44c30433de874f95502a26520dfebaa96862cb20be52798dc557d8c6b6edcb Loading...

HTTP Transactions (25)

URL IP Response Size

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 07 May 2024 23:17:37 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/ce7818f50e39/api.js
cache-control: max-age=300, public
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804ecad3dcdb4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.138

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:01:09 GMT
expires: Fri, 02 May 2025 02:01:09 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 508588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js

104.17.3.184

15 kB

URL
challenges.cloudflare.com/turnstile/v0/b/ce7818f50e39/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (42565)
Size
15 kB (14741 bytes)
Hash
a5b92920e25651d2058f4982a108347b
caeeadd68d38fdb681c52006c68880abc2e8a1a6
49a5abedf03eb8ad9a66eca7c5ccb8e59a440e06958e1e7b71d078f494178dc5

HTTP Headers

GET /turnstile/v0/b/ce7818f50e39/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 23:17:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804ecad5df7b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jupita.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.23.6

0 B

URL
jupita.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.23.6:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Tue, 07 May 2024 23:17:37 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6YZxClkmdPXCFSQaEK5OS%2BvIgY8MZqKee0751usiPw%2FjtSYivk9MFMBAkuEWPE0wQ1NGQvq3Hn7D%2BaLdNQE8YBL4qOgWb8ypDxYd8xWfbDUDPPMlMa97MixvuZVY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804ecaefd9156be-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:37 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8804ecafb84bb521-OSL
alt-svc: h3=":443"; ma=86400

jupita.top/cdn-cgi/challenge-platform/h/b/jsd/r/8804ecab09c7569a

104.21.23.6

0 B

URL
jupita.top/cdn-cgi/challenge-platform/h/b/jsd/r/8804ecab09c7569a
IP
104.21.23.6:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8804ecab09c7569a HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12311
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=xHtBO9PfX3TKb5f775e6lYNYcZdgPOQbbK2d1URanTY-1715123857-1.0.1.1-00GYIDIY7C0i.aJKKrzJceB3BECgOMrOhZ_4.1FNukV1hFYnarWXPhzYdy14kYBae.zqaGYDZzYi2AlDed3Uow; path=/; expires=Wed, 07-May-25 23:17:37 GMT; domain=.jupita.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7KcggAVRMvLTEMoVt09LHDd0dU%2BI60JL4HyoaJn2C76ul%2FXXXKAS4mLGJyF3rT2oVTCMh1wftgKWur4Fs2mkWLA4w64qTwrXVYSZzb%2FT0xQ3Rmyn8Fj0B1Xl9uH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804ecb00e7156be-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804ecaf0803b521/1715123858163/RsYNiWjWuxE5ruy

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/8804ecaf0803b521/1715123858163/RsYNiWjWuxE5ruy
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 40 x 63, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
1fc382691e6e7d4ed5561f9d46f97fc2
541b8109e7296dec71a7ea6fb01043b91ae45d45
a908ee12e18da79e880f37d75469c0cf4ad8d14ed71daf7bd8e3689f8e0ce843

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/8804ecaf0803b521/1715123858163/RsYNiWjWuxE5ruy HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:39 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8804ecba8d4bb521-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8804ecaf0803b521/1715123858172/e652566c3716a0430313d20cbe02177276d2cc7c2e012d5b567d9822f180ce70/UMUkofQNJvHwZIq

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/8804ecaf0803b521/1715123858172/e652566c3716a0430313d20cbe02177276d2cc7c2e012d5b567d9822f180ce70/UMUkofQNJvHwZIq
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/8804ecaf0803b521/1715123858172/e652566c3716a0430313d20cbe02177276d2cc7c2e012d5b567d9822f180ce70/UMUkofQNJvHwZIq HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 23:17:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5lJWbDcWoEMDE9IMvgIXcnbSzHwuAS1bVn2YIvGAznAAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIOZSVmw3FqBDAxPSDL4CF3J20sx8LgEtW1Z9mCLxgM5wABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
server: cloudflare
cf-ray: 8804ecbc2e2ab521-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f

104.17.3.184

108 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
108 kB (108034 bytes)
Hash
330ce1477ba843127e904d66ebc35180
581ea648ba4ab654696908fa99720c79050a5587
c049f64246dc39bedc53bf74a00aa32264ccd303840c236e70ab74e7fc7c3b3a

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2294db2796a789f
Content-Length: 2767
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:38 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 9aCpTvNsuhhIz2ZJTB5a8k4nnOnXJJeYSwmpnJ7pUse3al7FoeAOZ2KMJuN2vgPQwVgf0MlZJGx0572Na5vNzwoLGlAi1C/aeqln0giqjfjTVx7NQTBh2smIr2Zx95F1VDTo9Szl3ANPcpVKgqB7YwYAVDgcjwQa3sFt0eKmzIOSfBWUg8z7G0c0V4X5rnAvJ+0NpCBGuG/A3GWDaVEZU34CyPx1crxUTINrcT4CgQuy09PpCF9/sIsja001wla09cMjt23tQIeok/7JWQEvuggR+g6VHdFW5nC/oRhueOLQ6eEQNSjJCXSZFMo1XlbR0HqL60rnglr0Zw3HIuo81THAL2NXZ24KvPd0UWmeJ4npELNJzj0M2fHsCt72MIE6+yRt8nymRYJVZzRCXleOI1diBm/Ee7lnOQED8jy4O0hL/xqz0oe/mick5fAnkKW4IdT8zEZpBZ7X8rK9o8hWxg==$BmwqlDj4d7m1vUCxteVQbw==
vary: accept-encoding
server: cloudflare
cf-ray: 8804ecb16906b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.138

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 05:06:55 GMT
expires: Sat, 03 May 2025 05:06:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 411045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jupita.top/_phoenix_delta/functions/spinner.gif

104.21.23.6

200 OK

46 kB

URL GET HTTP/3
jupita.top/_phoenix_delta/functions/spinner.gif
IP
104.21.23.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_phoenix_delta/functions/spinner.gif HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=C3q6X_cOscXMinxc00MjUOJoHCw7wbGUvI.pmjEq7DU-1715123860-1.0.1.1-tP2bVmAuB8gPesK4z5qufNzzJkG3pE6KCx5.wReJv.YE76ylhit5BxWbKMky2NeDd.W36KLV7QjzKEBUfO9Rng; captcha=1; PHPSESSID=lgc0tn7gclqt4rcsnn766kgtre
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:40 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zlzAZ78Bc5%2F8m9QYCqrNTnt1qsqvYkxJ6N%2FqdfjaygBL9oRzNmYCckFEH6r5a9nswfHGjHylx2tzIbaH2npdG41JGUAd7%2FKRJk1PJjBLNz4JnWX0zvzyV78Ru1B4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804ecc19c3f56be-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.132

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
aede2ea9056de4f18b940a3adb51b8c3
8cf481af0227a2eaae4a337a249e37441aca2b04
b35430a6095ebb71b24a21d7ac242ac6803b4696d77508b8a659329d64a4cdb6

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 07 May 2024 23:47:41 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f

104.17.3.184

4.8 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4400), with no line terminators
Size
4.8 kB (4756 bytes)
Hash
744603c22a85eb7c8a43e4cd399ff3e5
52f94c1e299b1cc2e4f00dba675abfa0f687d01d
535fe5d68782db0826695a7a66404ab822f6db08fdc64f409959bade97e02a41

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/153296884:1715121053:ZCL2Ag0l3L47TdMyJSjXFaC42Naq7GtusIpHMnA9_9k/8804ecaf0803b521/2294db2796a789f HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 2294db2796a789f
Content-Length: 28033
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:40 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: ZW5PkcDQiUjxy9ecEYSNf3SsJwD2xLiUPIL7k/QaLV4LZWroBeVpDkyiXKb9Sn0uQc9YvGXajae9JAnnTZU8U5wiX5fcMwtcx1y3ruMw9B1xjyAPhdeWJo97NxFRK2Sw$NMT/B+Vhd5kM0Xvsmv0ccg==
cf-chl-out-s: YZ71lDzcjFUVelAG33NXfA==$b3RrghZAEZbMkHohPKE7Rg==
vary: accept-encoding
server: cloudflare
cf-ray: 8804ecbd0e87b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.132

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
aede2ea9056de4f18b940a3adb51b8c3
8cf481af0227a2eaae4a337a249e37441aca2b04
b35430a6095ebb71b24a21d7ac242ac6803b4696d77508b8a659329d64a4cdb6

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 07 May 2024 23:47:41 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

734 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

734 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

734 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8804ecaf0803b521

104.17.3.184

177 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8804ecaf0803b521
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
177 kB (176657 bytes)
Hash
2e3f4d97bf55c26906e6ea81eff73815
1c239e5498d2f7407d727dc1e4d15e0e7f93bf1a
6f58e94ecb5b7fdb8b88c38b5d210b68a58b69528530849cb113c7e9ace0af2a

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=8804ecaf0803b521 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6vk9q/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 8804ecafc851b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

progressie.click/control_greenlant/?login=ksuarez@slurpmail.net

188.114.96.1

6.5 kB

URL
progressie.click/control_greenlant/?login=ksuarez@slurpmail.net
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
6.5 kB (6504 bytes)
Hash
81109942e52a4296bb9ba432d06d0962
ad25561e12979ed6b624b56cf66e78a2da9fc71c
7949cb6831f6200090d8bb2b1eb50b9c398bb47e8c57afccf0d86d17d1f1683e

HTTP Headers

GET /control_greenlant/?login=ksuarez@slurpmail.net HTTP/1.1
Host: progressie.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 23:17:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjZUa0FrHvQ7p07ySaSKpuSMpZ89BbXfrEgJ0TNbQrpAWx2ZdlH5d4lwoa%2Fn2Sy0ddhsH3Qi30Wnsx3S1RRuKDlC5npWPXS7y8JMl2Q5g%2FHpoSlo7aRWlEXgpOFU3yHGOKWU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804eca51f585685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=ksuarez@slurpmail.net&page=null&hide_email=true

0.0.0.0

0 B

URL GET
wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=ksuarez@slurpmail.net&page=null&hide_email=true
IP
0.0.0.0:0
ASN
#0

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=ksuarez@slurpmail.net&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

200 OK

734 B

URL GET HTTP/3
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

jupita.top/favicon.ico

104.21.23.6

404 Not Found

297 B

URL GET HTTP/3
jupita.top/favicon.ico
IP
104.21.23.6:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
HTML document, ASCII text, with very long lines (308), with no line terminators
Size
297 B (297 bytes)
Hash
7326a5f603b201994351a570417f6b60
c930416a03575409c05b0b30f5ee5fd48293a289
63e7e5940f92b8dc2808c4207712e7db4da75fcba737666f8e22cefeca3b855e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=C3q6X_cOscXMinxc00MjUOJoHCw7wbGUvI.pmjEq7DU-1715123860-1.0.1.1-tP2bVmAuB8gPesK4z5qufNzzJkG3pE6KCx5.wReJv.YE76ylhit5BxWbKMky2NeDd.W36KLV7QjzKEBUfO9Rng; captcha=1; PHPSESSID=lgc0tn7gclqt4rcsnn766kgtre
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 07 May 2024 23:17:40 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2KeJPaBSI8iNGuS%2Fg0A0hI57jljPCE63UbQzkD5WIhFCcBjcAML48Z0kao%2FCITn8IRb19P004ctwfoYodGIE8OFwWq%2BrZVzGR6ZwaLfnx3vkUlN05Td0sUYpKH0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8804ecc2dd5756be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

104.21.23.6

200 OK

22 kB

URL User Request GET HTTP/3
jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP
104.21.23.6:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
JavaScript source, ASCII text, with very long lines (317), with CR, LF line terminators
Size
22 kB (21598 bytes)
Hash
56bb8a8147831d741404657ad0595f6d
bef9556110c61c33f4625d25d27fb88de8934f84
7ee9c0a8cee7a2fd5a08dcf3f78aa6b9e5a1a466edae9d838896e1cc387c600c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://progressie.click/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=C3q6X_cOscXMinxc00MjUOJoHCw7wbGUvI.pmjEq7DU-1715123860-1.0.1.1-tP2bVmAuB8gPesK4z5qufNzzJkG3pE6KCx5.wReJv.YE76ylhit5BxWbKMky2NeDd.W36KLV7QjzKEBUfO9Rng; captcha=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 23:17:40 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
set-cookie: PHPSESSID=lgc0tn7gclqt4rcsnn766kgtre; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdNh5DlhMdGDAjIlYu6tXF7wFczMGOEIGC%2BCgBflNHNiGQWrSwKVsaFaNpSmMp1Y4iYSG97661Tq15Sge45WC2aR5UGgUJsndKibF%2F7Ub0eqUmaHSQMH%2FvgclMec"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8804ecc0aba456be-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

200 OK

734 B

URL GET HTTP/3
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.132

200 OK

734 B

URL GET HTTP/3
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_phoenix_delta/?login=ksuarez@slurpmail.net&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 23:17:41 GMT
expires: Tue, 14 May 2024 23:17:41 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL