| emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/rc/92760cdefcd756c7 | 104.21.84.146 | 200 OK | 0 B |
URL POST emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/rc/92760cdefcd756c7 IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the 0 B body, so they do not identify a payload): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/rc/92760cdefcd756c7 HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Content-Type: application/json
Content-Length: 1002
Origin: https://emailportal.domainlander.top
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=jVe.0LxG0utsbmOTi2GLhzIomtxkoVokIWQShYB8aBs-1743153612-1.2.1.1-LkBLhu5ut8iIz3vOQJZh_OXko6zNbALh0Ie75Dhb_V.ClZlngoOUeXQhhJ0JteJpKOZU1ZNTQmoXEaK_7vC0IH9DdCwfPOygb1N4Sg.Zm62BBc18v4IQLvwFAkCgqNR0S1lM8ZDq.GD0iF2P3OPe.8JmvS0sL7Tn1RDgcUNP5fVQDky8Ghg1bE3DywLT660ozr6Al6.KRqEhJJqo.xtzBnc0Z1fKxon4L554lvVtYwyVpfD2radlz9AiIOXNowsnQOqpTF.DiNuEQ6IPZ_iYNDeCLewng1krw4BIn0x0xcSbgQS7UwbDXLE5YQwoVHg0vx8.EMX0POld4vT2ZmjK2fu3a5od.TxviS96bRC36fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:17 GMT
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=domainlander.top; HttpOnly; Secure; SameSite=None
cf_clearance=iDdHZwvWwTJaI5ZY._F.1JJnPDrT4.EcKfMd8SP2sdw-1743153617-1.2.1.1-_Rrh3ejQQN1DyP.VdSNsVZE9uNiG3ZLOVcS7bCTma55SED2q.T7XDSft8Tmi_ng2ZuOXuztC30ETBVaAyRFtVBZdnDbL7wByIl2tWRYOo.OIIv8K4KT_.Dz3xi.jNssQahkI3eUDGfOWMQMIP.XHeU1BhhzHTTOeH7g13irgSvn9118uAccEaJDxsDs.JsnDqLvreJX442tjMCoRwBqbqU7TwsyTD78S9eUVn6DFw0j4H2OmPHUMH2o4nGRSde80KaFGDHBsbcguuzjNj0pRY4XZMy6xd_dPfmtLag6l0HVpxXiZs5U8uqmIfgpHTgD5C2.W5PeHcHjWYh3MtuB_lO95S_6grQOyMckaZeHRJnd7lmveGUanM7g.ttqLlwHU7cGzEwlMuBCvr7LGCi07eg6LwWc79nBORMMVyMW5AFQ; Path=/; Expires=Sat, 28-Mar-26 09:20:17 GMT; Domain=domainlander.top; HttpOnly; Secure; SameSite=None; Partitioned
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 92760cfece7b92c7-CPH
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FBjC%2FZcIU6Rl1d2HuOy%2F7uF%2BpMae%2BNmDz%2BZuDonzQOJkKjoISb%2FKw5RTcwSfoJsWOLuMWm%2FvJjyGCH5f4JM%2BQspp2sqyb%2FMK5BGKEvlggKEdtgo0CuV3vIrIBG%2B%2FpkVN2FrFxaqASSV8YbSKNC4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js | 142.250.74.106 | 200 OK | 289 kB |
URL GET ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.106:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File typeJavaScript source, ASCII text Size289 kB (288580 bytes) Hash2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 18:10:48 GMT
expires: Fri, 27 Mar 2026 18:10:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54570
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.178.100 | 301 Moved Permanently | 734 B |
URL GET www.google.com/s2/favicons?domain=slurpmail.net IP 142.250.178.100:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 28 Mar 2025 09:18:24 GMT
expires: Fri, 28 Mar 2025 09:48:24 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.178.67 | 200 OK | 6.2 kB |
URL GET fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP 142.250.178.67:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeSVG Scalable Vector Graphics image Hasha1a4ffbc52fa4bd18e2f9f7c45ba71fc 0df81f908c859204ae9748c21ad2a4219381b2e4 151e69c94e1f500a46c405df3a0c60043651b22aec7b4ae33d5df3bc9fd82737
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 14:14:37 GMT
expires: Sun, 22 Mar 2026 14:14:37 GMT
cache-control: public, max-age=31536000
age: 500741
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| floring.testlinkservermain.com/wp-assets/dffa4.php/#michael.nienkemper@slurpmail.net | 192.250.227.100 | 302 Found | 4.2 kB |
URL User Request GET floring.testlinkservermain.com/wp-assets/dffa4.php/#michael.nienkemper@slurpmail.net IP 192.250.227.100:443
ASN#36454 WHG Hosting Services Ltd
Certificate Issuer: Let's Encrypt; Subject: www.floring.testlinkservermain.com; Fingerprint: EA:58:11:84:EA:67:D8:18:CA:EC:F2:2D:5E:74:9D:30:8D:27:2F:B3; Validity: Sat, 08 Feb 2025 23:55:35 GMT - Fri, 09 May 2025 23:55:34 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the zero-length redirect body, so they do not identify a payload): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
GET /wp-assets/dffa4.php/ HTTP/1.1
Host: floring.testlinkservermain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://5057dcc22085613ffe6c709068311359.corridastiopatinhas.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://emailway.dubwebs.click/rr/index.html
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 28 Mar 2025 09:20:11 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| emailway.dubwebs.click/cdn-cgi/challenge-platform/scripts/jsd/main.js | 0.0.0.0 | | 0 B |
URL GET emailway.dubwebs.click/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 0.0.0.0:0
Requested by: https://emailway.dubwebs.click/rr/index.html#michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: dubwebs.click; Fingerprint: BB:61:2F:7D:86:FD:19:78:3C:27:39:D5:46:EA:0D:0F:ED:E2:3D:36; Validity: Fri, 21 Mar 2025 13:28:54 GMT - Thu, 19 Jun 2025 14:27:32 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, as no response body was recorded, so they do not identify a payload): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: emailway.dubwebs.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| emailportal.domainlander.top/favicon.ico | 104.21.84.146 | 404 Not Found | 315 B |
URL GET emailportal.domainlander.top/favicon.ico IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): fd0762d2536adbb0a04e6569e06a4a5f 872f2a4c95d58908f606058af975b96e0db30dd4 a7aca91e9a9eafa3cde1e910b57242f1bf3b5eb8c952c3094acdf4609f20c78b
GET /favicon.ico HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3lr9%2B%2FQ372PpaE8%2B1bmEkdJC9GvCptF6QfOUuw0SoNOMwLaHctQA6CfvxAlTTC5VmCs4fTAEA2sZmNN7n%2BN77QZYS0ZqYzp%2BEITune0m8el%2Fv%2BLdvUEnTkdhXErixck8JzdrhndBfGzQ7p1aI9bM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 92760cdedc3992c7-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
|
|
| emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/jsd/r/0.8180780210668519:1743150289:l0f5hmDKBn6xWYW8NbLEM0bt5GaRzaM7Cuj25W2tSAE/92760cdbad73abcc | 104.21.84.146 | 200 OK | 0 B |
URL POST emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/jsd/r/0.8180780210668519:1743150289:l0f5hmDKBn6xWYW8NbLEM0bt5GaRzaM7Cuj25W2tSAE/92760cdbad73abcc IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, matching the 0 B body, so they do not identify a payload): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.8180780210668519:1743150289:l0f5hmDKBn6xWYW8NbLEM0bt5GaRzaM7Cuj25W2tSAE/92760cdbad73abcc HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12163
Origin: https://emailportal.domainlander.top
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=domainlander.top; HttpOnly; Secure; SameSite=None
cf_clearance=jVe.0LxG0utsbmOTi2GLhzIomtxkoVokIWQShYB8aBs-1743153612-1.2.1.1-LkBLhu5ut8iIz3vOQJZh_OXko6zNbALh0Ie75Dhb_V.ClZlngoOUeXQhhJ0JteJpKOZU1ZNTQmoXEaK_7vC0IH9DdCwfPOygb1N4Sg.Zm62BBc18v4IQLvwFAkCgqNR0S1lM8ZDq.GD0iF2P3OPe.8JmvS0sL7Tn1RDgcUNP5fVQDky8Ghg1bE3DywLT660ozr6Al6.KRqEhJJqo.xtzBnc0Z1fKxon4L554lvVtYwyVpfD2radlz9AiIOXNowsnQOqpTF.DiNuEQ6IPZ_iYNDeCLewng1krw4BIn0x0xcSbgQS7UwbDXLE5YQwoVHg0vx8.EMX0POld4vT2ZmjK2fu3a5od.TxviS96bRC36fg; Path=/; Expires=Sat, 28-Mar-26 09:20:12 GMT; Domain=domainlander.top; HttpOnly; Secure; SameSite=None; Partitioned
cf-ray: 92760ce08c6292c7-CPH
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0j7h6QajcNbU529Rub3AJePsthopOQzpPOri%2FqsBgTtiqxLnC5RmpynoBvhWfGYzBVVCjeun5PBUcSrHnoOaAvRRtdCMbOOJvk%2F%2F%2F0fAHQu5%2B4XSKJIDTEoNNkbtUi3fUl45SE%2Bfddn945teRXp"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png | 142.250.74.99 | 200 OK | 1.6 kB |
URL GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png IP 142.250.74.99:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typePNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced Hashc4a931d597decd2553aac6634b766cf2 6ec84fb4a2745b4b71520241be77db1fd1013830 f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e
GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1597
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 18:10:45 GMT
expires: Fri, 27 Mar 2026 18:10:45 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
content-type: image/png
vary: Origin
age: 54574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net | 104.21.84.146 | 404 Not Found | 1.7 kB |
URL User Request GET emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net IP 104.21.84.146:443
Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: JavaScript source, ASCII text, with very long lines (1696), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 4107acd46bb15a026b3f77b7cde6b73b b6355842bbbc8bf7da4794cfa7051f305e0c146c 3162a83ec49f4830081d98a359fc9cf7d944f30813ee64cf48532c78f8eb520b
GET /_sophosm_oxy/?login=michael.nienkemper@slurpmail.net HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailway.dubwebs.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rk1x3S9%2FaMXC5te1bFpUuac3EpylSOQYPDbGppuC0UR9nHyLzJ8VWDkDodvRCukldL7J%2FbFDjoPwD2oRq495UHdsWWu4BN50AgENXNTZZdvx1zq9d6rRMVjhF4kbRF3dLOFVTRZEVf4uqQLvXtlF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92760cdbad73abcc-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=27745&min_rtt=21805&rtt_var=14408&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1197&delivery_rate=197850&cwnd=254&unsent_bytes=0&cid=0aef7dfa71b83849&ts=112&x=0"
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92760cdefcd756c7/1743153613201/ZI7qExMi3wK2aK3 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/92760cdefcd756c7/1743153613201/ZI7qExMi3wK2aK3 IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typePNG image data, 42 x 9, 8-bit/color RGB, non-interlaced Hashcb150569ad07f5ac33feee2d012ef51e a7c449e376006e1c9e3307e3466512b314d7089d fe482f54502324b13c39a6cd6abbaf3636caea89ee9fe9b99163180f10242b44
GET /cdn-cgi/challenge-platform/h/b/d/92760cdefcd756c7/1743153613201/ZI7qExMi3wK2aK3 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:16 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 92760cf67f8356c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net | 104.21.84.146 | 200 OK | 23 kB |
URL User Request GET emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net IP 104.21.84.146:443
Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: JavaScript source, ASCII text, with very long lines (317); Hash (MD5 / SHA-1 / SHA-256): ee8ae70682072b174bb490e17773f4dc 3baaf5565ba690514706bc04f266e65c6ac9aa2f fc7ddbd1538025e259d26aa30f4858df409bd57489788f8ae8323d4d565a11cd
GET /_sophosm_oxy/?login=michael.nienkemper@slurpmail.net HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailway.dubwebs.click/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=iDdHZwvWwTJaI5ZY._F.1JJnPDrT4.EcKfMd8SP2sdw-1743153617-1.2.1.1-_Rrh3ejQQN1DyP.VdSNsVZE9uNiG3ZLOVcS7bCTma55SED2q.T7XDSft8Tmi_ng2ZuOXuztC30ETBVaAyRFtVBZdnDbL7wByIl2tWRYOo.OIIv8K4KT_.Dz3xi.jNssQahkI3eUDGfOWMQMIP.XHeU1BhhzHTTOeH7g13irgSvn9118uAccEaJDxsDs.JsnDqLvreJX442tjMCoRwBqbqU7TwsyTD78S9eUVn6DFw0j4H2OmPHUMH2o4nGRSde80KaFGDHBsbcguuzjNj0pRY4XZMy6xd_dPfmtLag6l0HVpxXiZs5U8uqmIfgpHTgD5C2.W5PeHcHjWYh3MtuB_lO95S_6grQOyMckaZeHRJnd7lmveGUanM7g.ttqLlwHU7cGzEwlMuBCvr7LGCi07eg6LwWc79nBORMMVyMW5AFQ; captcha=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:18 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oA6nxwnMRndK6k%2FliuJ4bG0rh4jfDJQf22Dx7PD67yKX4b5ryLlu%2BITA1bQY4ObBvy6SQTHbIrAZ%2FBV6yoPkFBSOFrSC57SbNm1NE2axfCYcAdhVuX4pAWEX3AyZT2GUYc6%2BjnKlfeqWUb%2FuiJ7a"}],"group":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30
set-cookie: PHPSESSID=9qk8addurkn7pm4jtltsd5dhpg; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 92760d00feb692c7-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| emailportal.domainlander.top/_sophosm_oxy/functions/spinner.gif | 104.21.84.146 | 200 OK | 46 kB |
URL GET emailportal.domainlander.top/_sophosm_oxy/functions/spinner.gif IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: GIF image data, version 89a, 48 x 48; Hash (MD5 / SHA-1 / SHA-256): bab0ad7ce20e911217791c00bcd4e35b 0822ac44951def4349090998b9ecb153128f03d5 bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026
GET /_sophosm_oxy/functions/spinner.gif HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Cookie: cf_clearance=iDdHZwvWwTJaI5ZY._F.1JJnPDrT4.EcKfMd8SP2sdw-1743153617-1.2.1.1-_Rrh3ejQQN1DyP.VdSNsVZE9uNiG3ZLOVcS7bCTma55SED2q.T7XDSft8Tmi_ng2ZuOXuztC30ETBVaAyRFtVBZdnDbL7wByIl2tWRYOo.OIIv8K4KT_.Dz3xi.jNssQahkI3eUDGfOWMQMIP.XHeU1BhhzHTTOeH7g13irgSvn9118uAccEaJDxsDs.JsnDqLvreJX442tjMCoRwBqbqU7TwsyTD78S9eUVn6DFw0j4H2OmPHUMH2o4nGRSde80KaFGDHBsbcguuzjNj0pRY4XZMy6xd_dPfmtLag6l0HVpxXiZs5U8uqmIfgpHTgD5C2.W5PeHcHjWYh3MtuB_lO95S_6grQOyMckaZeHRJnd7lmveGUanM7g.ttqLlwHU7cGzEwlMuBCvr7LGCi07eg6LwWc79nBORMMVyMW5AFQ; captcha=1; PHPSESSID=9qk8addurkn7pm4jtltsd5dhpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:18 GMT
content-type: image/gif
content-length: 46341
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nsl99srxrR8TPmlreh47ZzAJ3qBO2GQI9OXJBlF5nhJfDJPBeY0bb4Hw184veTNxHLlzcCSsLcwMqH%2BlEr3TTYE5f6rHYly%2BjVHm7s2Xq19yn3djRwsSSUOOiYbUIsKq58jvLe%2Biapu50DvI%2FOI"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 07 Oct 2020 17:45:56 GMT
etag: "b505-5b118499e5d00"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1060
accept-ranges: bytes
cf-ray: 92760d01bec092c7-CPH
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
|
|
| emailportal.domainlander.top/favicon.ico | 0.0.0.0 | | 0 B |
URL GET emailportal.domainlander.top/favicon.ico IP 0.0.0.0:0
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net; Certificate Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
Hash (MD5 / SHA-1 / SHA-256; these are the digests of empty content, as no response body was recorded, so they do not identify a payload): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Cookie: cf_clearance=iDdHZwvWwTJaI5ZY._F.1JJnPDrT4.EcKfMd8SP2sdw-1743153617-1.2.1.1-_Rrh3ejQQN1DyP.VdSNsVZE9uNiG3ZLOVcS7bCTma55SED2q.T7XDSft8Tmi_ng2ZuOXuztC30ETBVaAyRFtVBZdnDbL7wByIl2tWRYOo.OIIv8K4KT_.Dz3xi.jNssQahkI3eUDGfOWMQMIP.XHeU1BhhzHTTOeH7g13irgSvn9118uAccEaJDxsDs.JsnDqLvreJX442tjMCoRwBqbqU7TwsyTD78S9eUVn6DFw0j4H2OmPHUMH2o4nGRSde80KaFGDHBsbcguuzjNj0pRY4XZMy6xd_dPfmtLag6l0HVpxXiZs5U8uqmIfgpHTgD5C2.W5PeHcHjWYh3MtuB_lO95S_6grQOyMckaZeHRJnd7lmveGUanM7g.ttqLlwHU7cGzEwlMuBCvr7LGCi07eg6LwWc79nBORMMVyMW5AFQ; captcha=1; PHPSESSID=9qk8addurkn7pm4jtltsd5dhpg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.178.100 | 301 Moved Permanently | 734 B |
URL GET www.google.com/s2/favicons?domain=slurpmail.net IP 142.250.178.100:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 28 Mar 2025 09:18:24 GMT
expires: Fri, 28 Mar 2025 09:48:24 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css | 142.250.74.99 | 200 OK | 20 kB |
URL GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css IP 142.250.74.99:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 17:55:45 GMT
expires: Fri, 27 Mar 2026 17:55:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Feb 2025 22:10:27 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 55474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.js | 104.18.94.41 | 200 OK | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/b/708f7a809116/api.js IP 104.18.94.41:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeJavaScript source, ASCII text, with very long lines (48122) Hashea38bda3c117e2fe01bd862003357394 767ccb3589e3067ee1b348df2426a9e2e32cee5c 719423c7b70ac911f76d00b3ae514d108a8315ea60a80519820be50c0e4c96ef
GET /turnstile/v0/b/708f7a809116/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 18 Mar 2025 12:36:20 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92760cdd2cf6b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| emailportal.domainlander.top/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.84.146 | 302 Found | 8.5 kB |
URL GET emailportal.domainlander.top/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer Google Trust Services; Subject domainlander.top; Fingerprint C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 28 Mar 2025 09:20:12 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLFIDnOH7sbWu8IEGSmPHbZFt4xlflehxmGYS7AKpLBKvj%2BzeLRRb9dcufElaRMxQHzRwnrFyXQLMgGnBL%2BG0GqRumKTUc9AuuAJr4ivcOKn3SelluJr55nBNCOV%2Bpv6nF%2FjdrxqLyGgwSBhQ%2FJ7"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/708f7a809116/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
cf-ray: 92760cdeec3a92c7-CPH
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 | 104.18.94.41 | 200 OK | 6.6 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 IP 104.18.94.41:443
Requested byhttps://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/ CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File typeASCII text, with very long lines (6568), with no line terminators Hashd23214ca88e60b25f48409ca12c17e11 07460f836eb8726c32488a571c612a5ac768eff5 552b3dbacbe690990b46a4d87d612eba3420a4f05993022dc167ac72a1cbe40c
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
cf-chl: PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 34024
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:17 GMT
content-type: text/html; charset=UTF-8
cf-chl-out: MTgLdNtLT437whEcMlWJ3ifOZB9/auw41ngrODwm93EvrQu/8/sYvFMjJKbyHwKiHYGqz70NIJAK5eScf89rtQ==$u2JDN5/x1J5b4c81ULDijg==
cf-chl-out-s: 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$ca1JMkjeurcDsl8XZC+DfA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 92760cfdfd2956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| www.google.com/s2/favicons?domain=slurpmail.net | 142.250.178.100 | 301 Moved Permanently | 734 B |
URL GET www.google.com/s2/favicons?domain=slurpmail.net IP 142.250.178.100:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectwww.google.com Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
GET /s2/favicons?domain=slurpmail.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Fri, 28 Mar 2025 09:18:24 GMT
expires: Fri, 28 Mar 2025 09:48:24 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 5057dcc22085613ffe6c709068311359.corridastiopatinhas.com.br/kdubrasvqg/xrwyavdhe/hwbaiekh/bWljaGFlbC5uaWVua2VtcGVyQHNsdXJwbWFpbC5uZXQ= | 108.179.193.79 | 200 OK | 158 B |
URL User Request GET 5057dcc22085613ffe6c709068311359.corridastiopatinhas.com.br/kdubrasvqg/xrwyavdhe/hwbaiekh/bWljaGFlbC5uaWVua2VtcGVyQHNsdXJwbWFpbC5uZXQ= IP 108.179.193.79:443
ASN#19871 NETWORK-SOLUTIONS-HOSTING
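Certificate: Issuer Let's Encrypt; Subject *.corridastiopatinhas.com.br; Fingerprint 75:92:26:6C:42:E1:FD:AD:BE:E9:D0:65:91:C6:07:B8:EF:7E:61:7D; Validity Sun, 02 Mar 2025 05:50:12 GMT - Sat, 31 May 2025 05:50:11 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: MD5 4f88725a4bcac5bdb65e527cec04ff94; SHA-1 22dd54188ee8818611fd1c75d88b8f3e78b31e61; SHA-256 32df64d12e38422a695b235c10403cde7ab833ec22a793df0778e0922cac6c1a
Analyzer: urlquery | Verdict: phishing | Alert: Phishing - Microsoft Outlook
Note: the last path segment of the requested URL (bWljaGFlbC5uaWVua2VtcGVyQHNsdXJwbWFpbC5uZXQ=) is the Base64 encoding of michael.nienkemper@slurpmail.net, the same address that appears in the fragment and login parameter of the later pages in this chain, so the link is specific to one recipient.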
GET /kdubrasvqg/xrwyavdhe/hwbaiekh/bWljaGFlbC5uaWVua2VtcGVyQHNsdXJwbWFpbC5uZXQ= HTTP/1.1
Host: 5057dcc22085613ffe6c709068311359.corridastiopatinhas.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 28 Mar 2025 09:20:10 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| emailway.dubwebs.click/favicon.ico | 0.0.0.0 | | 0 B |
URL GET emailway.dubwebs.click/favicon.ico IP 0.0.0.0:0
Requested by: https://emailway.dubwebs.click/rr/index.html#michael.nienkemper@slurpmail.net
Certificate: Issuer Google Trust Services; Subject dubwebs.click; Fingerprint BB:61:2F:7D:86:FD:19:78:3C:27:39:D5:46:EA:0D:0F:ED:E2:3D:36; Validity Fri, 21 Mar 2025 13:28:54 GMT - Thu, 19 Jun 2025 14:27:32 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
GET /favicon.ico HTTP/1.1
Host: emailway.dubwebs.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailway.dubwebs.click/rr/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.99 | 200 OK | 1.8 kB |
URL GET www.gstatic.com/images/branding/product/2x/translate_24dp.png IP 142.250.74.99:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 10:34:55 GMT
expires: Fri, 27 Mar 2026 10:34:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 81923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css | 142.250.74.99 | 200 OK | 20 kB |
URL GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css IP 142.250.74.99:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 17:55:45 GMT
expires: Fri, 27 Mar 2026 17:55:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Feb 2025 22:10:27 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 55474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/images/cleardot.gif | 142.250.178.100 | 200 OK | 43 B |
URL GET www.google.com/images/cleardot.gif IP 142.250.178.100:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeGIF image data, version 89a, 1 x 1 Hashfc94fb0c3ed8a8f909dbc7630a0987ff 56d45f8a17f5078a20af9962c992ca4678450765 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Fri, 28 Mar 2025 09:20:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 0 B |
URL OPTIONS translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP 142.250.74.106:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA ValidityMon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://emailportal.domainlander.top/
Origin: https://emailportal.domainlander.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
access-control-allow-origin: https://emailportal.domainlander.top
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 28 Mar 2025 09:20:28 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/turnstile/v0/api.js | 104.18.94.41 | 302 Found | 48 kB |
URL GET challenges.cloudflare.com/turnstile/v0/api.js IP 104.18.94.41:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subjectchallenges.cloudflare.com Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28 ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 28 Mar 2025 09:20:12 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/b/708f7a809116/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 92760cdd0cb6b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/708f7a809116/main.js? | 104.21.84.146 | 200 OK | 8.5 kB |
URL GET emailportal.domainlander.top/cdn-cgi/challenge-platform/h/b/scripts/jsd/708f7a809116/main.js? IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer Google Trust Services; Subject domainlander.top; Fingerprint C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: JavaScript source, ASCII text, with very long lines (8478), with no line terminators
Hash: MD5 afbd95ec2f4400da7790d3146c1b70c1; SHA-1 118fdd1600638a87729c2a1d7760edc5822bee74; SHA-256 aab41051010728d3b746d75c09344443cacf2c2cf837668daf6a57884a54dbfd
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/708f7a809116/main.js? HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiDgOVNOfxNihbUHNhTsRySsu6AhmJfqfzKbGJd0diEqtJ7rWLirCC71pnczrXeb6NkM3LVNrE8snFGEoKkE7a8PD7VFIPczjne%2FvvuC3tqZf8XuOxTkkeCdX8mwyumM8eBioSSEYlmuIqHw9Gmv"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
content-encoding: br
cf-ray: 92760cdf3c3d92c7-CPH
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.178.36 | 200 OK | 734 B |
URL GET t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP 142.250.178.36:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hashb864010428c077910c5ca240cf245bb6 f9715aa21b66802df7df8d5cb7d567b90542c042 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 18:28:45 GMT
expires: Sat, 29 Mar 2025 18:28:45 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 485494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20250324 | 142.250.74.142 | 204 No Content | 0 B |
URL GET translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20250324 IP 142.250.74.142:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so they do not identify any content)
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20250324 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: image/gif; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Mar 2025 09:20:19 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-KNyRgmR2t4JWVWG6cwKQiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/TranslateApiHttp/web-reports?context=eJzj4tDikmII1JBiEOLmuHx55n42gQ0LDvArKSXlF8aXFCXmFecklqQWpxaVpRbFGxkYmRoYG5npGZjFFxgAAAKnEhw"
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=26.SE=tXXRBqu7ZTikaTJOtdDD880rTc5MCxExbFlTuR_xWZ_Io71c5b66qT-iSEbc4du4cRR1fBH8Oyc7q7yHrtRk4sC3TkZiEpxGGyxVrT8whyy6OA7hMr1XJ39uFv3Eon4VUBtienm8gNmrVo70xwmsI10IEFMXTACfC6OkN3pr4MbkUSDlwcN_OsgqU9ZwQSD_ookZyWG_LnVG-8TCB3azeGjS8XJd-0tB_NIFGWhQYIMCqK0; expires=Tue, 28-Apr-2026 01:38:37 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 142.250.74.142 | 200 OK | 80 kB |
URL GET translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 142.250.74.142:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.google.com FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2 ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT
File typeJavaScript source, ASCII text, with very long lines (2148) Hash99a05811dea025c41fd7da9253325ad1 8d5dcc190ec3927e916661bd029249bb88685666 e158d127b098f2155efa409d73fbdd13337803b823819eb25f3a457d3eb73448
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 28 Mar 2025 09:20:18 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png | 142.250.74.99 | 200 OK | 910 B |
URL GET www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png IP 142.250.74.99:443
Requested byhttps://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File typePNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced Hashefa6bb2bfe459bc6f4bdafa3db0383f6 52d15ce52fe50643e542c17812de43f4ed1b6ee0 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 09:17:09 GMT
expires: Fri, 27 Mar 2026 09:17:09 GMT
cache-control: public, max-age=31536000
age: 86589
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| emailway.dubwebs.click/rr/index.html#michael.nienkemper@slurpmail.net | 172.67.134.117 | 200 OK | 4.2 kB |
URL User Request GET emailway.dubwebs.click/rr/index.html#michael.nienkemper@slurpmail.net IP 172.67.134.117:443
Certificate: Issuer Google Trust Services; Subject dubwebs.click; Fingerprint BB:61:2F:7D:86:FD:19:78:3C:27:39:D5:46:EA:0D:0F:ED:E2:3D:36; Validity Fri, 21 Mar 2025 13:28:54 GMT - Thu, 19 Jun 2025 14:27:32 GMT
File type: HTML document, ASCII text, with very long lines (4603), with no line terminators
Hash: MD5 59e5a45da9490d8906e7305f51fea014; SHA-1 82ad35ce4a0fdb737e69e8c8d88ed1e14a07c4ca; SHA-256 dc5452999a5744cc24bbe64fb9368e62473c06837738456bfb72d55aeb206729
GET /rr/index.html HTTP/1.1
Host: emailway.dubwebs.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5057dcc22085613ffe6c709068311359.corridastiopatinhas.com.br/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Mar 2025 09:20:11 GMT
content-type: text/html
last-modified: Sun, 23 Mar 2025 21:43:46 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzauKMAs0ZdQSNBkNvy7uPKSbgNB6gZsJahOHjK9Raa7S%2F9OhbCXu%2FdQAfcMB02QlfuggFy6D%2Fugbq2FX380qdre6xTkV%2FQvWeCHebycoyDrzxYnrifPw3Br7xRPOu%2BDzG0YrkQhx5NV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92760cd91c5792c2-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=30643&min_rtt=21786&rtt_var=17783&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3278&recv_bytes=1325&delivery_rate=157642&cwnd=254&unsent_bytes=0&cid=bc55c0b2dfb2ed19&ts=150&x=0"
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 | 104.18.94.41 | 200 OK | 230 kB |
URL POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 230 kB (229536 bytes); Hash: MD5 168d2bae00da3d906ef0c6676f2e8e9a, SHA-1 fa47f6578d743de46b1b9e67cb92931664efe554, SHA-256 90123870cf4a93411d2239a32a943b849c9f6a5e2d601b6f76fb46b31e70f557
POST /cdn-cgi/challenge-platform/h/b/flow/ov1/716069403:1743150309:EnVKHo0zP1oomx9KmdWbQhjcqKATpsdGVLO-F8-c2Bk/92760cdefcd756c7/PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
cf-chl: PspTlJQl4Ro1F6k05JI.PRy0Vs4yT7DNrW4y6_LFC8E-1743153612-1.1.1.1-U5fiiU8h5kyMUUc2Az_QqVc8JlNCyz8szPOYb0bGoCojRqbll_gQArTtCcFeOFZ0
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3251
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:13 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 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$PF0Ptd9pDf9Mxv7yVRBBKg==
priority: u=3,i=?0
server: cloudflare
cf-ray: 92760ce21a7d56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92760cdefcd756c7/1743153613198/a984bbaac5dbe28ce4be3b917b7ef1dea983033dcadfb219b0ae56fdf021b767/uXJUQS9DiUSund8 | 104.18.94.41 | 401 Unauthorized | 1 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/92760cdefcd756c7/1743153613198/a984bbaac5dbe28ce4be3b917b7ef1dea983033dcadfb219b0ae56fdf021b767/uXJUQS9DiUSund8 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: very short file (no magic); Hash: MD5 ff44570aca8241914870afbc310cdb85, SHA-1 58668e7669fd564d99db5d581fcdb6a5618440b5, SHA-256 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
GET /cdn-cgi/challenge-platform/h/b/pat/92760cdefcd756c7/1743153613198/a984bbaac5dbe28ce4be3b917b7ef1dea983033dcadfb219b0ae56fdf021b767/uXJUQS9DiUSund8 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Fri, 28 Mar 2025 09:20:15 GMT
content-type: text/plain; charset=utf-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqYS7qsXb4ozkvjuRe37x3qmDAz3K37IZsK5W_fAht2cAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tIKmEu6rF2-KM5L47kXt-8d6pgwM9yt-yGbCuVv3wIbdnABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIKmEu6rF2-KM5L47kXt-8d6pgwM9yt-yGbCuVv3wIbdnABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA8WJgxqVwts3CABR8W8de7CZzn589SvR4_GgNfCqIxTv1u2xuxGKJ0auei0t6k1J1s6MgWW7cnqUVpCdVhMGbQht9FKQOybdXBn57266e98ZMxht1OmyAx5dTfZvM7dajH0DJRf6IlTaWWWeNiU_NEQC4jf5R-PXSEVHsn-1fmoGUXuexzQ69XRR-RCUJE1A3A3pDVwmY19tNYCHeJUHDb1CtWFJ57pDisYmb6TUZcTRuuVZrJyeMxgLj_NKoxsw_2_UOP7Z0pbp9dzm5rE1rfBD_tQv-s1kF0G_1B0s6fKJqBISknxSlLJsa1oLjLOBCVcSCNTBzMoA7BJxOzpMEVwIDAQAB", max-age=20
priority: u=4,i=?0
server: cloudflare
cf-ray: 92760cf2c95456c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| emailportal.domainlander.top/_sophosm_oxy/validate.php | 104.21.84.146 | 200 OK | 1 B |
URL POST emailportal.domainlander.top/_sophosm_oxy/validate.php IP 104.21.84.146:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: domainlander.top; Fingerprint: C0:4F:37:6D:67:38:0C:78:A6:EA:70:44:72:AB:AA:52:C2:C4:40:D9; Validity: Sun, 09 Feb 2025 21:33:40 GMT - Sat, 10 May 2025 22:31:21 GMT
File type: very short file (no magic); Hash: MD5 7215ee9c7d9dc229d2921a40e899ec5f, SHA-1 b858cb282617fb0956d960215c8e84d1ccf909c6, SHA-256 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
POST /_sophosm_oxy/validate.php HTTP/1.1
Host: emailportal.domainlander.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 966
Origin: https://emailportal.domainlander.top
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Cookie: cf_clearance=iDdHZwvWwTJaI5ZY._F.1JJnPDrT4.EcKfMd8SP2sdw-1743153617-1.2.1.1-_Rrh3ejQQN1DyP.VdSNsVZE9uNiG3ZLOVcS7bCTma55SED2q.T7XDSft8Tmi_ng2ZuOXuztC30ETBVaAyRFtVBZdnDbL7wByIl2tWRYOo.OIIv8K4KT_.Dz3xi.jNssQahkI3eUDGfOWMQMIP.XHeU1BhhzHTTOeH7g13irgSvn9118uAccEaJDxsDs.JsnDqLvreJX442tjMCoRwBqbqU7TwsyTD78S9eUVn6DFw0j4H2OmPHUMH2o4nGRSde80KaFGDHBsbcguuzjNj0pRY4XZMy6xd_dPfmtLag6l0HVpxXiZs5U8uqmIfgpHTgD5C2.W5PeHcHjWYh3MtuB_lO95S_6grQOyMckaZeHRJnd7lmveGUanM7g.ttqLlwHU7cGzEwlMuBCvr7LGCi07eg6LwWc79nBORMMVyMW5AFQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:18 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jx0dFcNXiVYmJRl1xh5uv8Xsof1lxwnv7nEk%2FauF6VWin7NCWPgRRcWCjLvsQj8vj75Ox%2FxvKE4hvUdbBVjcjEKTzQR96YnQ3JAOBGTGE0uOy4Kvnxma4XQoqRfokH0EtbWFOYxJlKICjGPoE1A6"}],"group":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
set-cookie: captcha=1; expires=Fri, 28-Mar-2025 09:50:18 GMT; Max-Age=1800; path=/
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 92760cff8e8592c7-CPH
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.178.36 | 200 OK | 734 B |
URL GET t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP 142.250.178.36:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: *.gstatic.com; Fingerprint: 63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B; Validity: Mon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: MD5 b864010428c077910c5ca240cf245bb6, SHA-1 f9715aa21b66802df7df8d5cb7d567b90542c042, SHA-256 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 18:28:45 GMT
expires: Sat, 29 Mar 2025 18:28:45 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 485493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 131 B |
URL POST translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP 142.250.74.106:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: upload.video.google.com; Fingerprint: 69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA; Validity: Mon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: MD5 4928468ff9f752fe3ddf481c1e2f1282, SHA-1 988c036163ea4b95e4cec093bd2da5974c084dd1, SHA-256 66f1113291b30076f0933ab7cc82b4a553753db51681ca344af7c20f7cc14f5d
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1181
Origin: https://emailportal.domainlander.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
access-control-allow-origin: https://emailportal.domainlander.top
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 28 Mar 2025 09:20:28 GMT
server: Playlog
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 | 104.18.94.41 | 200 OK | 61 B |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1 IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced; Hash: MD5 9246cca8fc3c00f50035f28e9f6b7f7d, SHA-1 3aa538440f70873b574f40cd793060f53ec17a5d, SHA-256 c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84
GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 92760cdf8ddf56c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css | 142.250.74.99 | 200 OK | 20 kB |
URL GET www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css IP 142.250.74.99:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: *.gstatic.com; Fingerprint: 63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B; Validity: Mon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File type: ASCII text, with very long lines (20367), with no line terminators; Hash: MD5 72d3a735ccca1027f6b3afba2c93e3a7, SHA-1 67f8eff8d17334c59c28fc1753bf451527c7490d, SHA-256 c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.420aGcKD8sw.L.F4.O/am=AAY/d=0/rs=AN8SPfpDPomKLlRjz0jYgLjosyLSbUir8w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 17:55:45 GMT
expires: Fri, 27 Mar 2026 17:55:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 25 Feb 2025 22:10:27 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 55473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 | 142.250.178.36 | 200 OK | 734 B |
URL GET t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 IP 142.250.178.36:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: *.gstatic.com; Fingerprint: 63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B; Validity: Mon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: MD5 b864010428c077910c5ca240cf245bb6, SHA-1 f9715aa21b66802df7df8d5cb7d567b90542c042, SHA-256 dd7125f39db361fa801a74d09c1f48800926bfdbd241c67152cfcfa04402d665
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://slurpmail.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emailportal.domainlander.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://slurpmail.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 734
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 18:28:45 GMT
expires: Sat, 29 Mar 2025 18:28:45 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 485493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/translate_static/img/loading.gif | 142.250.74.106 | 200 OK | 702 B |
URL GET translate.googleapis.com/translate_static/img/loading.gif IP 142.250.74.106:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: upload.video.google.com; Fingerprint: 69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA; Validity: Mon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File type: GIF image data, version 89a, 16 x 16; Hash: MD5 eefaa072b284a305c12c06608333abc2, SHA-1 58272721ccc1efda26eaa22354022c7c793edbb6, SHA-256 fb6b7bcc1ab09f27db17bcbdf5239ce1d52af34f1fc5125b3fc8528a07848d21
GET /translate_static/img/loading.gif HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 702
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 17:57:38 GMT
expires: Fri, 27 Mar 2026 17:57:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/gif
age: 55361
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js | 142.250.74.106 | 200 OK | 90 kB |
URL GET ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js IP 142.250.74.106:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: upload.video.google.com; Fingerprint: 69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA; Validity: Mon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: MD5 cf2fbbf84281d9ecbffb4993203d543b, SHA-1 832a6a4e86daf38b1975d705c5de5d9e5f5844bc, SHA-256 a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 18:08:03 GMT
expires: Fri, 27 Mar 2026 18:08:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/ | 104.18.94.41 | 200 OK | 28 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/ IP 104.18.94.41:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: HTML document, ASCII text, with very long lines (22104); Hash: MD5 dde536a77e22b6f15b545bff6891edff, SHA-1 5578a7fbec45ab08949df07f7c91b7c6258cabaa, SHA-256 cf89fb13fb4937eabf2adc89686d034f6ca4118209ea15fdff6af869d6630ad4
GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-iY9E37a9oEvWiD6B' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 92760cdefcd756c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92760cdefcd756c7&lang=auto | 104.18.94.41 | 200 OK | 122 kB |
URL GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92760cdefcd756c7&lang=auto IP 104.18.94.41:443
Requested by: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
Certificate: Issuer: Google Trust Services; Subject: challenges.cloudflare.com; Fingerprint: 48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28; Validity: Sat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 122 kB (122080 bytes); Hash: MD5 f288e3f34233ea64a4a724d417136d28, SHA-1 bc6fc0dcd6089352172e7945131ce388a0fcf89f, SHA-256 1dd1aceac39289a2bff2a3282011d5ac34012b0813a4109a425abd32f1762c91
GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=92760cdefcd756c7&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/7hokv/0x4AAAAAAAeT97zv7RuMp8kB/auto/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 28 Mar 2025 09:20:12 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 92760cdfae0f56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.fJOnaP0jscc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqv2zXhQAfrcC_9KQWUqEZ9Jks8Ag/m=el_main | 142.250.74.106 | 200 OK | 218 kB |
URL GET translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.fJOnaP0jscc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqv2zXhQAfrcC_9KQWUqEZ9Jks8Ag/m=el_main IP 142.250.74.106:443
Requested by: https://emailportal.domainlander.top/_sophosm_oxy/?login=michael.nienkemper@slurpmail.net
Certificate: Issuer: Google Trust Services; Subject: upload.video.google.com; Fingerprint: 69:99:38:F9:7C:82:8E:AC:7D:DA:EA:3E:1C:E4:7F:52:1B:36:41:AA; Validity: Mon, 10 Mar 2025 08:37:02 GMT - Mon, 02 Jun 2025 08:37:01 GMT
File type: JavaScript source, ASCII text, with very long lines (2403); Size: 218 kB (218335 bytes); Hash: MD5 196563abd567557ce7900f356df9048c, SHA-1 7c140ff50c164d5901faa4c4e74fcb11482b9c32, SHA-256 eadb2140c433b64ca74a8e25665b4f80a54a4183c3cb01da578e7426fbae95c8
GET /_/translate_http/_/js/k=translate_http.tr.no.fJOnaP0jscc.O/am=ACA/d=1/exm=el_conf/ed=1/rs=AN8SPfqv2zXhQAfrcC_9KQWUqEZ9Jks8Ag/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://emailportal.domainlander.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Mar 2025 18:02:31 GMT
expires: Fri, 27 Mar 2026 18:02:31 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Mar 2025 23:10:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 55067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|