Report - coolber.s3.ap-southeast-2.amazonaws.com/control_pushpz.html?login=steffen.herzog@slurpmail.net&pcnt=3&no_redrct=no_redrct&request

Report Overview

Submitted URL
coolber.s3.ap-southeast-2.amazonaws.com/control_pushpz.html?login=steffen.herzog@slurpmail.net&pcnt=3&no_redrct=no_redrct&request_type=load
IP
3.5.165.125
ASN
#16509 AMAZON-02
Submitted
2024-04-25 07:24:20
Access
public
Website Title
SLURPMAIL VALIDATION SERVER
Final URL
jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Tags
phishing microsoft outlook suspicious
urlquery detections
Phishing - Microsoft Outlook
Suspicious - Anti-debugging code

Detections

urlquery
5
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jubvib.click	unknown	unknown	No data	No data	816 B	4.0 kB	13.237.218.132
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-24	3.4 kB	364 kB	104.17.3.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-24	848 B	322 kB	142.250.74.42
jupita.top	unknown	unknown	No data	No data	2.7 kB	54 kB	172.67.208.46
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.3 kB	2.5 kB	142.250.74.164
t2.gstatic.com	unknown	2008-02-11	2013-05-07	2024-04-22	3.0 kB	9.4 kB	142.250.74.100
wakandos.top	unknown	2024-01-12	2024-01-12	2024-04-17	515 B	0 B	0.0.0.0
coolber.s3.ap-southeast-2.amazonaws.com	unknown	unknown	No data	No data	883 B	4.3 kB	52.95.134.94

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	777 B	2024-04-25	2024-04-25
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash c341edbb61b6b4fbe793876c042cdc68 d9ebca73129306c45e4076cc06ccf0f87f0e4dbe 16b1b1f6bcbd008cb7372e104044db42b8dff02a69e98fc9c4c24a25f84e9ec7 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-04
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-04 08:51:17 Times Seen5826 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	4.6 kB	2024-04-25	2024-04-25
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash b88264993440a5d6bf24f9515f4b3cfd f1fa539be5c4a43b3e1c0d9cfc69f7c15939d502 98f87ca3a045bb7928c172301bf7b60345805591d304c9c9084499e0c9d6a625 Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.3 kB	2023-11-27	2024-04-29
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-27 12:26:41 Last Seen2024-04-29 18:50:28 Times Seen64 Hash 610e169f49420d6ecd4a5d01a0fa0067 b54ab7b4308e9871a26780aabd7f55a063ea5247 00795e94566047ee75ea7bf8b47ae8c31cd69acd630257d2d779d82826325095 Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	801 B	2023-11-30	2024-04-29
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 14:59:27 Last Seen2024-04-29 18:50:28 Times Seen59 Hash 6c271dfc7e3137a7723aae64b1b329ef 6a9a54bd0392eef3ace7b62369af871e6423d2b3 76887040e2867d2a6b677f57fd36f0ecf85954911ddc0a584ca549dd153d9b2b Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	3.6 kB	2024-02-12	2024-04-29
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 08:59:27 Last Seen2024-04-29 18:50:28 Times Seen37 Hash 551cf70b40dbcf27fde509c02fdbd20d c93a4f8ee53042b94d2eb5c97d503bbd95a30c38 b977154685e009ce68b497f4f18c0aa3715ce6893f5f57dacd4b2a1e0ae15ae3 Loading...

	unknown	285 B	2023-11-30	2024-04-25
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-11-30 14:59:27 Last Seen2024-04-25 09:24:27 Times Seen22 Hash 7db86efbf698afe9a5f4b15e21d3ac79 d8d8ecd20c4aa7c80bbe4da0c4a0b0e4a82c2cce 8d0051c30ea11384e4ea83eb026292b89fe9fca2dd14c01ff60515d9af4f3bbb Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	164 B	2023-09-21	2024-04-29
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-04-29 18:50:28 Times Seen99 Hash 96b36f7056f826a9c56b58f55209e794 7527670b480831c52ac5e937b947165c068af7b8 d117e0f32484b25a090d43594ea2b402631eb26a9b54644b8370aa53ecf47af3 Loading...

	jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null	505 B	2023-09-21	2024-04-29
Pretty URL jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null IP 172.67.208.46 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-21 04:40:49 Last Seen2024-04-29 18:50:28 Times Seen99 Hash d448320e57b792a64d70313976f5289d 3bcc06ab5e68132d2f23f7a987e62da38678737d aed1faff5be5d21a70535423e23cff580204c8ffaec4b6d584d9b112b5f5b0f2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - fc8778c4bd1f913ea90ac7c5522098ce	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash fc8778c4bd1f913ea90ac7c5522098ce 7e86e4f939e000936c5d3f3436c83eecee957431 6b07e527039ac292c1b8d7c9660f8f422e402ba5ec02c5df56876d7662ded266 Loading...

	#2 Eval - 0a7d9dfe4a9cff831debfe9134c85a18	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash 0a7d9dfe4a9cff831debfe9134c85a18 be639cc86834c7a2b5a897d5f2ae957b9c068a3b 5d6fb53b7f701ba509862bddd9371917a78e6b770e58931c9e693ddbc8a2e32d Loading...

	#3 Eval - 7f3d8f7fdb9fb623d69b451f429ba85c	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash 7f3d8f7fdb9fb623d69b451f429ba85c fd08a8f8b2a0d46459b20da2570f0868684cfb89 ee7c244042e6d393e44888c6f440f7a217fd02873bed131bee868b520f329313 Loading...

	#4 Eval - 41dcc21cb915aea113d3dceb54c77feb	28 B	2024-04-25	2024-04-25
Pretty Observations First Seen2024-04-25 09:24:27 Last Seen2024-04-25 09:24:27 Times Seen1 Hash 41dcc21cb915aea113d3dceb54c77feb b777d319b47e4ccc03c2a6943f09c281d5cf959a dc9398ae88dedab52f0b0cbef7a3bf6d9a761364929fdd1ae4edfc25a1c467e8 Loading...

	#5 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-04 15:43:19 Times Seen351476 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#6 Eval - 43c81e43a6e7d9140033055ff3e04983	62 B	2024-04-18	2024-04-29
Pretty Observations First Seen2024-04-18 21:08:51 Last Seen2024-04-29 16:17:50 Times Seen2736 Hash 43c81e43a6e7d9140033055ff3e04983 b0eca03913678cb38c488c7c79cc4f9d2755ea17 3f7ef931c657c4333a401c40e8b0b8d1ff3b164542af45e14242314c0ec39f34 Loading...

HTTP Transactions (26)

URL IP Response Size

coolber.s3.ap-southeast-2.amazonaws.com/

52.95.134.94

243 B

URL
coolber.s3.ap-southeast-2.amazonaws.com/
IP
52.95.134.94:0
ASN
#16509 AMAZON-02

File type
XML 1.0 document, ASCII text
Size
243 B (243 bytes)
Hash
5ef36d5feff6ec711ebfc8476dbd01fa
89429d7ce8ba5895a9083ae4792e85fbdb236d27
1e288c1cfa7e99a205b78fa0ed9ef786e253be1da95c7f96be7af28f6ee857c0

HTTP Headers

GET / HTTP/1.1
Host: coolber.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
x-amz-bucket-region: ap-southeast-2
x-amz-request-id: 5FCDXPE8E6Z66CDZ
x-amz-id-2: tQ18tu3Lsj1PKA4n31ml4xdBfAYsOAaSWQw7NWii9fvamfpxk68jXg/1gQue7LKbC5vVmmThfCE=
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Thu, 25 Apr 2024 07:23:57 GMT
Server: AmazonS3

coolber.s3.ap-southeast-2.amazonaws.com/control_pushpz.html?login=steffen.herzog@slurpmail.net&pcnt=3&no_redrct=no_redrct&request_type=load

52.95.130.130

3.4 kB

URL
coolber.s3.ap-southeast-2.amazonaws.com/control_pushpz.html?login=steffen.herzog@slurpmail.net&pcnt=3&no_redrct=no_redrct&request_type=load
IP
52.95.130.130:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3404 bytes)
Hash
164aca923fe2a79fe5edf79f4bff0523
1a2c002adee3c47d66ea1de2660760982b26d06a
2da09c1594832e721b2806aa3cb4d4d3b80464e070506f676468896c671daf5e

HTTP Headers

GET /control_pushpz.html?login=steffen.herzog@slurpmail.net&pcnt=3&no_redrct=no_redrct&request_type=load HTTP/1.1
Host: coolber.s3.ap-southeast-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: BhlGg0Az55o22j+jpjw/6ESAQVAS4pTlEhikZXu5tc+iu1FojqU16X7QptWMl66mbsg1Foim57I=
x-amz-request-id: 5FCA6P4SMMF3QHR3
Date: Thu, 25 Apr 2024 07:23:59 GMT
Last-Modified: Wed, 24 Apr 2024 11:50:12 GMT
ETag: "164aca923fe2a79fe5edf79f4bff0523"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 3404

jubvib.click/

13.237.218.132

59 B

URL
jubvib.click/
IP
13.237.218.132:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
59 B (59 bytes)
Hash
f280f4c1a42e1c453a50a469bf74320f
ac362a3f43dfeff149e70a566322366d0f1e9343
d809eda212f0d0564e78c97d84e6e131776aac276f37f6ae7876b41334bdd481

HTTP Headers

GET / HTTP/1.1
Host: jubvib.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 07:24:03 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 59
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

jubvib.click/control_pushpz/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

13.237.218.132

3.4 kB

URL
jubvib.click/control_pushpz/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP
13.237.218.132:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3403 bytes)
Hash
98f536bc223e59a8405f41715bb5b69c
12d9f2f2d0548969c0b687674a6d61b866b9fc40
6dc4d7c0238dc11eba35ef6dbcb05b65d2773b447ad075d65c76cf8c5b9c0569

HTTP Headers

GET /control_pushpz/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: jubvib.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 07:24:07 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 3403
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js

104.17.3.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 07:24:08 GMT
content-length: 0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
location: /turnstile/v0/b/471dc2adc340/api.js
cache-control: max-age=300, public
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c97769dd1569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.42

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 06:26:29 GMT
expires: Sun, 20 Apr 2025 06:26:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 435459
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

172.67.208.46

200 OK

832 B

URL User Request GET HTTP/3
jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
HTML document, ASCII text, with very long lines (1847), with no line terminators
Size
832 B (832 bytes)
Hash
ae724a78ad41eaad57a3ef360916add2
39db727d2dd26755e327db4c52060994083dc9e0
461466553597dca69a16a121befebf3253aa297a6d8c180c5604accbebbbb068

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://jubvib.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 07:24:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02zhYxzXtZIn4XSv3MEDKHxflkoUy1jbWacojn7Bb3p42ez35iMWOqBq3JkRPYcZyK4MZ%2FxHhk3bhoOdsB1BGS%2FRcrirnVArDotcLuU1MYRj4Jkk%2Fo9uuazLzC%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c97741d09569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xrlgc/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 07:24:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 879c97786e06b4ed-OSL
alt-svc: h3=":443"; ma=86400

jupita.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

172.67.208.46

3.8 kB

URL
jupita.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
172.67.208.46:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
JavaScript source, ASCII text, with very long lines (7920), with no line terminators
Size
3.8 kB (3782 bytes)
Hash
fffdb87029fbb164a3c2fe29614042c2
bf8b7daa856608be060af177280a84707237298c
a6e871f93c4f63e07bf718a4f42ea4793c5ac3e154a38577b7eb276eeb20179c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 07:24:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oU7vcjDP8D8TNqcPNYB%2FB3sqeTnHTLcInTDRRDsY8OXiwwIfu7ca0fJgwS580YAvIOh%2B4sCdCFXrSqktJ8EBcKK6TkbJR18tGHszolzQOnm2cBmUaXt1Ea5%2FbZLg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c9777aecc569a-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879c9777bd47b4ed/1714029848733/0fd0341a216848fd78329337d561e7ac8d4696e84b41703d2ea5b6ed0bc1b7b5/ts1hcZQkZ1TGpuA

104.17.3.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/879c9777bd47b4ed/1714029848733/0fd0341a216848fd78329337d561e7ac8d4696e84b41703d2ea5b6ed0bc1b7b5/ts1hcZQkZ1TGpuA
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/pat/879c9777bd47b4ed/1714029848733/0fd0341a216848fd78329337d561e7ac8d4696e84b41703d2ea5b6ed0bc1b7b5/ts1hcZQkZ1TGpuA HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xrlgc/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Thu, 25 Apr 2024 07:24:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gD9A0GiFoSP14MpM31WHnrI1GluhLQXA9LqW27QvBt7UAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEApc5PUXcXSrXwpeNe3kT6EaAJPDsPBMfFZc7M608yW3JV6YSHiGBLoFiLtNHD3Yj8UsOtWbQeFa2uvS_dYz5MBsoSW4-RbOY-WCB2aGEB-eoRbXl4lJRl0UNGi00lNBgNTil_mTTSNV3ssSkmSY8kwM-5GqBNfJ2kmJPKo02MWiXn1pwc4YXbeATUrYDRvvXUXYZrgaarjDyvHFhnYpD3mqr5qOj_TS_1SCUZ0HIp8ywDX06Xc59cKjzFHEUzD3gWutoK4apMxNt9bWWxcH3D_UL1a1llCxh-knMwTxgvRXS-XHap_ymO2zCuAPNgo1SDCTl4lTQZbVX7VvpDZwMaiQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIA_QNBohaEj9eDKTN9Vh56yNRpboS0FwPS6ltu0Lwbe1ABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 879c977d0ae2b4ed-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879c9777bd47b4ed/1714029848738/cScleqGVmuWksKg

104.17.3.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/879c9777bd47b4ed/1714029848738/cScleqGVmuWksKg
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 45 x 36, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
939e1fedd10d3df6e5868b666c941c46
469cadb303f46f352e330aaf246a848dd14ddbb9
ec914125f2d1fc093beb6cabc981048b3fdb7bab44b26b1c0798d50719c8a06b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/i/879c9777bd47b4ed/1714029848738/cScleqGVmuWksKg HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xrlgc/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 07:24:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 879c97812843b4ed-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js

104.17.3.184

14 kB

URL
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/api.js
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (42414)
Size
14 kB (14292 bytes)
Hash
f94a2211ce789a95a7c67e8c660d63e8
f1fc19b6bcb96d0a905bf3192aaff0885ff9f36f
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b

HTTP Headers

GET /turnstile/v0/b/471dc2adc340/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 25 Apr 2024 07:24:08 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c9776adeb569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879c9777bd47b4ed

104.17.3.184

347 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879c9777bd47b4ed
IP
104.17.3.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
347 kB (347003 bytes)
Hash
e421400306689658a709ead8bf7d0375
e0a2fafd420f2b6e663973cc26bd2739e0ac2a6b
de5f4429438a8dd5c8fce1026a3d2033917aec2b93297caf30a783e0f185590b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=879c9777bd47b4ed HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/xrlgc/0x4AAAAAAAXjXiXiV7KvBpAv/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 07:24:08 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
vary: accept-encoding
server: cloudflare
cf-ray: 879c97787e0db4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jupita.top/_bahamas_delta/functions/spinner.gif

172.67.208.46

200 OK

46 kB

URL GET HTTP/3
jupita.top/_bahamas_delta/functions/spinner.gif
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

HTTP Headers

GET /_bahamas_delta/functions/spinner.gif HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=wC9jKKDr74E_SDJi8DcWlSGs2bqP6PGtzVZHXOu2xEQ-1714029850-1.0.1.1-we16gUIqnyDJ975VmoI9n8f0bkJG4BJIT4Ff3iNs81z7MZJo7jvgnbO4qP9VCPbMvsvo86_SkeNbNlJfiXF1WQ; captcha=1; PHPSESSID=ms3l8tgpusiu5ers4r0pksuith
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 07:24:11 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZGtBQYmZkaPDPL4GJGS3aPA83lDbPGCKv6ebSZeqlYwaQYlRVtyiNDz1eHjeYyQDDzvovYl7pq01O5%2B8rOvFWuTBoybiu8M3clX08q5dSUoEai7XX1unjdc9U1b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c9787987e569a-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
de05e6e271047c6cd0f73ac5a5500761
da9208d9cefdd11ef97682963c5ea7aadd1ba1db
661d8f04c6980f6136e0d2696fdd24f0fe9cc411e9a97eecd630fb80e8dce225

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 25 Apr 2024 07:54:11 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
de05e6e271047c6cd0f73ac5a5500761
da9208d9cefdd11ef97682963c5ea7aadd1ba1db
661d8f04c6980f6136e0d2696fdd24f0fe9cc411e9a97eecd630fb80e8dce225

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 25 Apr 2024 07:54:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=slurpmail.net

142.250.74.164

301 Moved Permanently

333 B

URL GET HTTP/2
www.google.com/s2/favicons?domain=slurpmail.net
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
de05e6e271047c6cd0f73ac5a5500761
da9208d9cefdd11ef97682963c5ea7aadd1ba1db
661d8f04c6980f6136e0d2696fdd24f0fe9cc411e9a97eecd630fb80e8dce225

HTTP Headers

GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 25 Apr 2024 07:54:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

734 B

URL
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jupita.top/favicon.ico

172.67.208.46

404 Not Found

297 B

URL GET HTTP/3
jupita.top/favicon.ico
IP
172.67.208.46:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerLet's Encrypt
Subjectjupita.top
Fingerprint9E:5B:A3:A8:86:17:B2:D3:02:73:C1:56:80:93:96:CC:EA:89:5C:6D
ValidityThu, 18 Apr 2024 20:57:05 GMT - Wed, 17 Jul 2024 20:57:04 GMT

File type
HTML document, ASCII text, with very long lines (308), with no line terminators
Size
297 B (297 bytes)
Hash
7326a5f603b201994351a570417f6b60
c930416a03575409c05b0b30f5ee5fd48293a289
63e7e5940f92b8dc2808c4207712e7db4da75fcba737666f8e22cefeca3b855e

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jupita.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=wC9jKKDr74E_SDJi8DcWlSGs2bqP6PGtzVZHXOu2xEQ-1714029850-1.0.1.1-we16gUIqnyDJ975VmoI9n8f0bkJG4BJIT4Ff3iNs81z7MZJo7jvgnbO4qP9VCPbMvsvo86_SkeNbNlJfiXF1WQ; captcha=1; PHPSESSID=ms3l8tgpusiu5ers4r0pksuith
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 07:24:11 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1IUsBo%2FmlM9veYBjNIE5n5CKeoksG%2ByWpcxnr4KjiJJxMB9Ef%2BTt1nUXoP%2FfWaELGlsMLfIjbOzPcrbM6FDLj%2B3W3SCE5u4%2F8f3lziqgbntalFrQhWm%2FNIqd5ss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c978909f4569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.42

200 OK

289 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text
Size
289 kB (288580 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 11:15:16 GMT
expires: Wed, 23 Apr 2025 11:15:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 158934
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16

142.250.74.100

200 OK

734 B

URL GET HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
IP
142.250.74.100:443
ASN
#15169 GOOGLE

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
734 B (734 bytes)
Hash
b864010428c077910c5ca240cf245bb6
f9715aa21b66802df7df8d5cb7d567b90542c042
dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jupita.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
date: Thu, 25 Apr 2024 07:24:11 GMT
expires: Thu, 02 May 2024 07:24:11 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=steffen.herzog@slurpmail.net&page=null&hide_email=true

0.0.0.0

0 B

URL GET
wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=steffen.herzog@slurpmail.net&page=null&hide_email=true
IP
0.0.0.0:0
ASN
#0

Requested by
https://jupita.top/_bahamas_delta/?login=steffen.herzog@slurpmail.net&page=null&request_type=load&page_bg=null&no_redrct=no_redrct&pcnt=3&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=steffen.herzog@slurpmail.net&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jupita.top
DNT: 1
Connection: keep-alive
Referer: https://jupita.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL