Report - x21xx.com/

Report Overview

Visited public
2023-12-21 01:56:34
Tags
URL
x21xx.com/
Finishing URL
08d.imumetak.top/?s1=201768&s2=1926971&s3=1083&s5=backuser&click_id=75b938pxia1a23y9ec&iexpp=1&j1=1&utm_source=da57dc555e50572d
IP / ASN
178.33.33.187
#16276 OVH SAS
Title
08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-20 09:42:33	483 B	35 kB	142.250.74.106
21d.bimuqq.top	unknown	unknown	No data	No data	593 B	4.6 kB	172.67.171.171
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-20 11:09:55	1.1 kB	30 kB	216.58.207.227
ttdomen.top	unknown	2022-06-11	2022-06-11 13:22:34	2023-09-06 22:13:42	512 B	1.6 kB	104.21.75.7
08d.imumetak.top	unknown	unknown	No data	No data	575 B	27 kB	104.21.34.167
x21xx.com	unknown	2023-11-10	2019-11-27 17:15:39	2023-11-30 01:10:02	790 B	670 B	178.33.33.187
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07 15:18:25	2023-12-20 22:08:56	7.6 kB	146 kB	88.221.27.128

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-21 01:55:01	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-21	medium	imumetak.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083	ScriptElement	2.2 kB	2024-08-20	2024-08-20
Pretty URL 08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:24 Last Seen2024-08-20 15:24 Times Seen1 Hash e5b73abb17cd83dbf5f11952c7fd6387 aa5c4fb42eeaa9aceefc79a1d3ec2c057a7c27ae 2fc75cbb41f1fa12fd250542e0fe6c7097aee3a22299a8f31d5ad2a18cb9883d Loading...

	08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083	ScriptElement	4.0 kB	2024-08-20	2024-08-20
Pretty URL 08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:24 Last Seen2024-08-20 15:24 Times Seen1 Hash df87e0878529fe08140d74e52739eb65 bf7c1758cbcd276d40524a45e00cb64ca2f14016 6c86ba29c3d3d09a467978cbc32fffc737c0141fddf00ac39c31eaaf1ea7c622 Loading...

	cdn-dimi.akamaized.net/landings/285203/1702915390/js/jquery.min.js?1702915390	ScriptElement	88 kB	2023-05-12	2025-05-03
Pretty URL cdn-dimi.akamaized.net/landings/285203/1702915390/js/jquery.min.js?1702915390 IP 88.221.27.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 23:07 Last Seen2025-05-03 00:04 Times Seen5963 Hash e6c2415c0ace414e5153670314ce99a9 5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6 d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Loading...

	cdn-dimi.akamaized.net/landings/285203/1702915390/js/translates.js?1702915390	ScriptElement	103 kB	2023-12-21	2024-12-30
Pretty URL cdn-dimi.akamaized.net/landings/285203/1702915390/js/translates.js?1702915390 IP 88.221.27.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-21 02:56 Last Seen2024-12-30 13:33 Times Seen20 Hash 9c8fe48c27705071996bd58fb035ed38 7464bc352133729e97c88ee0c7fb88d536a2266f e0da05718a787f3393d38df0d957ebb3242e1702094ca3bc0775519de8b23534 Loading...

	08d.imumetak.top/?s1=201768&s2=1926971&s3=1083&s5=backuser&click_id=75b938pxia1a23y9ec&iexpp=1&j1=1&utm_source=da57dc555e50572d	ScriptElement	0 B	0001-01-01	2025-05-03
Pretty URL 08d.imumetak.top/?s1=201768&s2=1926971&s3=1083&s5=backuser&click_id=75b938pxia1a23y9ec&iexpp=1&j1=1&utm_source=da57dc555e50572d IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-03 05:29 Times Seen4599701 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083	ScriptElement	12 kB	2024-08-20	2024-08-20
Pretty URL 08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:24 Last Seen2024-08-20 15:24 Times Seen1 Hash 48c268584ab57566f321c4a4449985dd 535a6fc2426318a640d05c9b0872695832644625 56b99abea6440dc47d60b7a88c4ff627f4147d065c7ebf5c031c5f2b8d0826a4 Loading...

	08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083	ScriptElement	2.5 kB	2023-06-30	2025-05-01
Pretty URL 08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 16:46 Last Seen2025-05-01 23:03 Times Seen2030 Hash 78a93fba834e51562cc0c1643de4a304 2bf106e16eb1752230a8499285b73ae6d8dcbcc2 d684c6105ece5706298f7778d19bc9881449a39196f92c000254f4ce6fdd368e Loading...

	08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083	ScriptElement	324 B	2024-08-20	2024-08-20
Pretty URL 08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 IP 104.21.34.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 15:24 Last Seen2024-08-20 15:24 Times Seen1 Hash 9a900b40995147571e74a152de38991a 27be6dabc1866740c9cf9b039e43c225a899506c 32738e24a400adcf4b97b2a79db7f22796241eb8205a42e8df43c734b502e507 Loading...

HTTP Transactions (23)

URL IP Response Size

x21xx.com/

178.33.33.187

0 B

URL User Request GET
x21xx.com/
IP
178.33.33.187:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: x21xx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.0
Date: Thu, 21 Dec 2023 01:56:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Location: http://x21xx.com/main29
X-Content-Type-Options: nosniff

x21xx.com/main29

178.33.33.187

302 Moved Temporarily

0 B

URL User Request GET HTTP/1.1
x21xx.com/main29
IP
178.33.33.187:80
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /main29 HTTP/1.1
Host: x21xx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.22.0
Date: Thu, 21 Dec 2023 01:56:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Set-Cookie: qwerty_main29=0; expires=Fri, 22-Dec-2023 01:56:08 GMT; Max-Age=86400; path=/
Location: https://ttdomen.top/click?a=1083&o=2&sub_id1=x21xx.com
X-Content-Type-Options: nosniff

cdn-dimi.akamaized.net/landings/285203/1702915390/css/reset.css?1702915390

88.221.27.128

200 OK

851 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/css/reset.css?1702915390
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
851 B (851 bytes)
Hash
1fcaf69890f2b1a79e24da93908cc937
e0ee6c1a086a630600aa32640e7c268abcb3cf25
5a3f9dbc9648b73c846d1122b06ed45a98a7909e78c6686d007e2c28f192ba16

HTTP Headers

GET /landings/285203/1702915390/css/reset.css?1702915390 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: oAdtTrmGsn6m0t8foZex35J44w/MQ5KJ8qfzboj6SDOT2fUqF0DQW73ny/EfOaW0zuM9EQLv/Qc=
x-amz-request-id: 3GXXEC3MKEH078A5
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "1fcaf69890f2b1a79e24da93908cc937"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 21 Dec 2023 01:56:10 GMT
Content-Length: 851
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390

88.221.27.128

200 OK

2.4 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text
Size
2.4 kB (2402 bytes)
Hash
fc9b7c5576d89bc5150e4b4dab271223
2f6ec41a492d950fadf106a420b4590a112642d9
2c25fb16125ab3835acc437543c28be775879ad2dd1ef9c79a748c233e816c14

HTTP Headers

GET /landings/285203/1702915390/css/style.css?1702915390 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 66Ji26PZj31w7CDSbDLuTklYr5mfx5QIVJzJhkZuFDOzL6Kj+hq36opUGN77VM3FE3rNW7zGnsU=
x-amz-request-id: 3GXHRTNXN6KWAENX
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "fc9b7c5576d89bc5150e4b4dab271223"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 21 Dec 2023 01:56:10 GMT
Content-Length: 2402
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/js/translates.js?1702915390

88.221.27.128

200 OK

30 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/js/translates.js?1702915390
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
30 kB (29553 bytes)
Hash
9c8fe48c27705071996bd58fb035ed38
7464bc352133729e97c88ee0c7fb88d536a2266f
e0da05718a787f3393d38df0d957ebb3242e1702094ca3bc0775519de8b23534

HTTP Headers

GET /landings/285203/1702915390/js/translates.js?1702915390 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: WJmRn/GRE+zE2OoqlsTPztsGKfUZ0VSmlbI39BN62V5OUq4aBqpwF4gzVvQOEryGPXpwY5mtj+E=
x-amz-request-id: 3GXMSQMEN4CVZC9G
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "9c8fe48c27705071996bd58fb035ed38"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 21 Dec 2023 01:56:10 GMT
Content-Length: 29553
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/js/jquery.min.js?1702915390

88.221.27.128

200 OK

30 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/js/jquery.min.js?1702915390
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30386 bytes)
Hash
e6c2415c0ace414e5153670314ce99a9
5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

HTTP Headers

GET /landings/285203/1702915390/js/jquery.min.js?1702915390 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: fLiUPPIOe28kZK7Jvqk6QkjcUTMTR/VkxhCQg7jaRMbTLJYK//H9L96C8hzHY0BPEEOMX5tgwFM=
x-amz-request-id: 3GXT7JMC0EYYB9C0
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "e6c2415c0ace414e5153670314ce99a9"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 21 Dec 2023 01:56:10 GMT
Content-Length: 30386
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/glitch-1-d.png

88.221.27.128

200 OK

2.4 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/glitch-1-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 492 x 1080, 8-bit colormap, non-interlaced
Size
2.4 kB (2446 bytes)
Hash
bdf4aabd019eb40d0d534a1eeb17435c
b93f47c4b7eebafc90376c5cd5788da008eada50
93cf21212d8191aab029e75797007d923553de745441e26942c4221ebc317cd6

HTTP Headers

GET /landings/285203/1702915390/images/glitch-1-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Bz4VBb5L+DC/0Y1y75nKozle1akkf69n8MGN6RCe/HC+SQDI/i6uBEWe/TtlMaLET6aWvGSoyuM=
x-amz-request-id: 3GXXXT2GX1YQ2V3Z
Last-Modified: Mon, 18 Dec 2023 16:03:16 GMT
ETag: "bdf4aabd019eb40d0d534a1eeb17435c"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2446
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/q1-d.png

88.221.27.128

200 OK

2.6 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/q1-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 900 x 300, 8-bit colormap, non-interlaced
Size
2.6 kB (2611 bytes)
Hash
e469b16fcb009ffdba22386571196291
4fff5d279c3716f370853c83d7d66a4f566b5f6a
488eb6d893686ff60861c24d00af983ef37d7ceb571cf10e3ef7434ca4667fb3

HTTP Headers

GET /landings/285203/1702915390/images/q1-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: p+SeXPhLfkmKFFbK676VzAgj/V421BIhqjo6wD/4sjP1DLYCMNVyDL2Og1ToFY9QqLHQDodRqQU=
x-amz-request-id: GXK58RFHX9V7A5SS
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "e469b16fcb009ffdba22386571196291"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 2611
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.googleapis.com/css2?family=DotGothic16&family=Inconsolata&display=swap

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=DotGothic16&family=Inconsolata&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
34 kB (34206 bytes)
Hash
3c322ae8118b00d5b05dbba894620784
3712add42e507f89b411e0252783f72af09bfcf6
3672490244485f92df9c5b811cb5ab66713fd58de5b12c4a78504b7f255e84a9

HTTP Headers

GET /css2?family=DotGothic16&family=Inconsolata&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 21 Dec 2023 01:56:10 GMT
date: Thu, 21 Dec 2023 01:56:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=26b8d0c238151ad5cd493e10a20c80bc&a=1083&landing=&sub_id1=x21xx.com

172.67.171.171

302 Found

3.1 kB

URL User Request GET HTTP/2
21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=26b8d0c238151ad5cd493e10a20c80bc&a=1083&landing=&sub_id1=x21xx.com
IP
172.67.171.171:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectbimuqq.top
FingerprintE3:FA:5B:9F:6E:75:15:72:83:91:0F:9E:94:3E:97:D0:99:45:7F:BF
ValidityWed, 20 Dec 2023 20:41:16 GMT - Tue, 19 Mar 2024 20:41:15 GMT

File type
PNG image data, 900 x 300, 8-bit colormap, non-interlaced
Size
3.1 kB (3129 bytes)
Hash
b6ef4688a46be589bf5b4e1e5bdfdc35
384ed2487dd5e284d451d56575a9b4c7a40e4f29
dc6cd92237c78096fc8b81a794f5d24fd32fdf19ffb0c1da51282e70b60636de

HTTP Headers

GET /click.php?key=lav6t81woikcpgjtxpyd&externalid=26b8d0c238151ad5cd493e10a20c80bc&a=1083&landing=&sub_id1=x21xx.com HTTP/1.1
Host: 21d.bimuqq.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 21 Dec 2023 01:56:09 GMT
content-type: text/html; charset=UTF-8
location: https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
set-cookie: uclick=8pxia1a28n; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pxia1a28n-8pxia1a28n-fe-fe-wj-3y-6o-b6ebc7; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=8pxia1a28n; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pxia1a28n-8pxia1a2bl-i4-0-i4-2t-b4vr-0b7563; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclick=8pxia1a28n; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=8pxia1a28n-8pxia1a23y-vr-16bl-qdwj-syxr-17p2-a7f13a; expires=Fri, 22-Dec-2023 01:56:09 GMT; Max-Age=86400; path=/; secure; SameSite=none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UexwDqp2W1recr6AY3L713EmvOpxZcktzYVE1cKNuJ5Js2vR%2B2DOaw9AWosDnv9iwfkouYz4BPkdznRLsm%2BQiOMoc75DzJcira%2Bb5OJK2qHuCD1CdzCbO9ARaYij8n06Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 838c81c64aae0b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/285203/1702915390/images/q-fin-d.png

88.221.27.128

200 OK

5.2 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/q-fin-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 901 x 300, 8-bit/color RGBA, non-interlaced
Size
5.2 kB (5171 bytes)
Hash
a13e8bca59c83a3a451ac6a1c7072ea1
3dad7fe124e21e57c3ac626f41c40ab52488372b
c4c4e115d36f0e86bebaa0c7bce0703c8465ae69a8db0ee0e1769009351dc180

HTTP Headers

GET /landings/285203/1702915390/images/q-fin-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: u6uHiT19+JqUaIeqqx7sVQUAF1NKwky+/qy8KkzNc/sTkoT/umx6+Jlo9CmOykTHWEE0q2hv3Xc=
x-amz-request-id: P25AP7MRMW72EXVJ
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "a13e8bca59c83a3a451ac6a1c7072ea1"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 5171
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/w-bar-m.svg

88.221.27.128

200 OK

2.8 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/w-bar-m.svg
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.8 kB (2758 bytes)
Hash
dbea0c13d8a4d0aa30365c0765c1b081
76d6d2637be74029fc175579d7261ae297ffde6d
5ea97eb1b19f840ffe852445b82acccf15cf03ce2caed84fa0aaebbd3cc22610

HTTP Headers

GET /landings/285203/1702915390/images/w-bar-m.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: vQprASsjOYwUuHZpMxrYgscBkO/YDsn6niSIDdpQa9pElBte7PgyM3re8gIYBjuT4SzH0B22niA=
x-amz-request-id: Q76Q0XTAA1R7M9HF
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "dbea0c13d8a4d0aa30365c0765c1b081"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2758
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/status-first.svg

88.221.27.128

200 OK

1.9 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/status-first.svg
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1928 bytes)
Hash
8abed11e85cdbdfeb01f1fd8f0976ddc
c60b46235609382bcc666edb5c1a59d8bb517fb0
27fe28e18318e724ec760f26207c700e2062534ab0b8eb6fbdfe4b9028ba1d00

HTTP Headers

GET /landings/285203/1702915390/images/status-first.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: zUttOEVwn5QIw7j2Q3MIknvEIT0kPmSMSbGmmf8cOhvBmhVNgLzmUTz5aPV3X6MbKfm0Z7sFzYM=
x-amz-request-id: Q76R2HN7S5850MTY
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "8abed11e85cdbdfeb01f1fd8f0976ddc"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1928
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/glitch-2-d.png

88.221.27.128

200 OK

6.6 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/glitch-2-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 1651 x 1080, 8-bit colormap, non-interlaced
Size
6.6 kB (6622 bytes)
Hash
223b108ad11b13b7ff55c3ce381bdde8
0b81ed4696bd1e6f6ec315d3d394bb1a158bde77
ece37820bb6052dbd46e415e8260032de0523821dd0c11c24bc75b1650ec6b38

HTTP Headers

GET /landings/285203/1702915390/images/glitch-2-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: xDmbquVtVkSYBhS0xu/H5sHyXZhoy7Oo2QnqtrJ6PIucrRyjhrReoLL2Hi9FtzREJC0zJQ4BjD8=
x-amz-request-id: P252PH0FV80G0N4T
Last-Modified: Mon, 18 Dec 2023 16:03:16 GMT
ETag: "223b108ad11b13b7ff55c3ce381bdde8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 6622
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.gstatic.com/s/dotgothic16/v17/v6-QGYjBJFKgyw5nSoDAGH7M6X8.woff2

216.58.207.227

200 OK

10 kB

URL GET HTTP/2
fonts.gstatic.com/s/dotgothic16/v17/v6-QGYjBJFKgyw5nSoDAGH7M6X8.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10436, version 1.0
Size
10 kB (10436 bytes)
Hash
0ba4c4a713eedd7eca4889f38cac2b57
d5fa7fff8a50ffae2102c287810486c4f26a5397
2920aef4fb230c18d5090ca21aa8b3ebdf0e6645bd57f2840ac02061071181b9

HTTP Headers

GET /s/dotgothic16/v17/v6-QGYjBJFKgyw5nSoDAGH7M6X8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://08d.imumetak.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 15 Dec 2023 07:55:57 GMT
expires: Sat, 14 Dec 2024 07:55:57 GMT
cache-control: public, max-age=31536000
age: 496813
last-modified: Thu, 24 Aug 2023 20:19:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17732, version 1.0
Size
18 kB (17732 bytes)
Hash
7973bdeda76b81f424923ddc348bd47c
a0405e22adf79575415fc2d74c8b4a7d4421e5a6
b8293f6a4b7a557268b083c68c43f190304a43f755b85af21a57221fd9805663

HTTP Headers

GET /s/inconsolata/v32/QldgNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLYxYWI2qfdm7Lpp4U8WR32lw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://08d.imumetak.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 16 Dec 2023 17:19:10 GMT
expires: Sun, 15 Dec 2024 17:19:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:51:07 GMT
content-type: font/woff2
age: 376620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ttdomen.top/click?a=1083&o=2&sub_id1=x21xx.com

104.21.75.7

302 Found

472 B

URL User Request GET HTTP/2
ttdomen.top/click?a=1083&o=2&sub_id1=x21xx.com
IP
104.21.75.7:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectttdomen.top
Fingerprint08:54:8F:A6:5A:71:19:AA:43:7B:C5:D1:21:7D:D7:16:03:97:2A:F5
ValiditySat, 04 Nov 2023 17:42:48 GMT - Fri, 02 Feb 2024 17:42:47 GMT

File type
data
Size
472 B (472 bytes)
Hash
a22a1616f1f2ed69554015913dd42f63
8b30b550b48856ce7c570fb8ec864e32eb7fbee1
4e42645ddf83e5a1bd0990720255299ea4cf904a9c6920053d2450a418f2f75d

HTTP Headers

GET /click?a=1083&o=2&sub_id1=x21xx.com HTTP/1.1
Host: ttdomen.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 21 Dec 2023 01:56:09 GMT
content-type: text/html; charset=UTF-8
location: https://21d.bimuqq.top/click.php?key=lav6t81woikcpgjtxpyd&externalid=26b8d0c238151ad5cd493e10a20c80bc&a=1083&landing=&sub_id1=x21xx.com
set-cookie: U-c81e728d9d4c2f636f067f89cc14862c=unique; expires=Sat, 20-Jan-2024 01:56:09 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_c81e728d9d4c2f636f067f89cc14862c=9e73d5cf-ae9b-47af-8556-5fdb4447957d; expires=Thu, 28-Dec-2023 01:56:09 GMT; Max-Age=604800; path=/; secure; SameSite=None
x-debug-tag: 65839b3923f88
x-debug-duration: 96
x-debug-link: /v-debugger/default/view?tag=65839b3923f88
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KkYRkWuk24wgU5TQDn672XnAo2lbab%2BKJ5S3g3I9YjsrDBxyGaaixf%2F4shBn3Zs9ixg35GWrC0G1stfCTOL1R%2BgKLEX1E5XNIxMKo%2FKsNqoj2dvAxm7CYQr1Jnheg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 838c81c489475694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/285203/1702915390/images/bg-2-web.mp4

88.221.27.128

206 Partial Content

32 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/bg-2-web.mp4
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
data
Size
32 kB (31921 bytes)
Hash
8a2bec40a62317e0c03f426240f6f84e
b896f338295653a0f01561bc7d6a61b7ed7ce762
79c88877646a177e98f791a13e3c49e0b612e3462d4707d0a040f3084e533eb5

HTTP Headers

GET /landings/285203/1702915390/images/bg-2-web.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4685824-
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: MU90YnFg5jkxeXBjpQ6lHtqOR2a+ElCXwiqVlFEZRZnMC133yMpEdQgOGcxtbDdoWRklvo2Raiw=
x-amz-request-id: P25FHEJ1XEDYRF0B
Last-Modified: Mon, 18 Dec 2023 16:03:15 GMT
ETag: "5b93e2654818e3dbecf34fcf025d31da"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 21 Dec 2023 01:56:11 GMT
Content-Range: bytes 4685824-4717744/4717745
Content-Length: 31921
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/bg-web.mp4

88.221.27.128

206 Partial Content

11 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/bg-web.mp4
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
data
Size
11 kB (11356 bytes)
Hash
dbdf46847ecebf3ff50be7da4472f6de
22bb1659beaa3efe6576045c2d37cbdd4210756c
5eb6ed02a9ed48961d636629a8596525bab3769d8179727da80e55af24d19010

HTTP Headers

GET /landings/285203/1702915390/images/bg-web.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=5734400-
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
x-amz-id-2: Trs29dyOqeGywMIQN2jvHjHlKLqorJC3RBTB1Pw0bwc1U/CROyUUJNh4ohvy0fbQ6dGhMUqcX00=
x-amz-request-id: P259AC02ZP819ZV3
Last-Modified: Mon, 18 Dec 2023 16:03:13 GMT
ETag: "a282ee1bcefcd15ee835f55566e0283e-2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Thu, 21 Dec 2023 01:56:11 GMT
Content-Range: bytes 5734400-5745755/5745756
Content-Length: 11356
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/images/favicon.ico

88.221.27.128

200 OK

4.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/images/favicon.ico
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4103 bytes)
Hash
4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://08d.imumetak.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5BYso0zvwO1G7FAX7c0Uj7oal4dn1d39Ac9efFl8Uh40ypYXbOuBKVzcDbFG9ZPgLER5SY4kR/A=
x-amz-request-id: MWA1913WVHEF8Q34
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Thu, 21 Dec 2023 01:56:11 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/q2-d.png

88.221.27.128

200 OK

3.1 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/q2-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 900 x 300, 8-bit colormap, non-interlaced
Size
3.1 kB (3129 bytes)
Hash
b6ef4688a46be589bf5b4e1e5bdfdc35
384ed2487dd5e284d451d56575a9b4c7a40e4f29
dc6cd92237c78096fc8b81a794f5d24fd32fdf19ffb0c1da51282e70b60636de

HTTP Headers

GET /landings/285203/1702915390/images/q2-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: HYkXUYUwWnDLmlxZY2Q4HAVZiiX6Jadz0XvtL2xh5/H3oQmLMqM0EGaD0++1vtaNA/4w6PLr3/g=
x-amz-request-id: 0GF0Q792NAWW5SWC
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "b6ef4688a46be589bf5b4e1e5bdfdc35"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3129
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/285203/1702915390/images/q3-d.png

88.221.27.128

200 OK

3.3 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/285203/1702915390/images/q3-d.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 900 x 300, 8-bit colormap, non-interlaced
Size
3.3 kB (3266 bytes)
Hash
0cabbde2cebafbd2c2638bce2357fde2
61859dab2d6a3d7fe0dedf24afa5982d0671e2ac
bdf4cc2f50ed4029fc15ef4bb02b50bc82b6c34c83f45549aaff3ffe839545c8

HTTP Headers

GET /landings/285203/1702915390/images/q3-d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/285203/1702915390/css/style.css?1702915390
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: f+9XRXRVEIdyz2ep6GC8lwAY5S6O7XRjDcO9++rMqIXjfdqUflpA92x4lgoAieLagMNuI4DP4W8=
x-amz-request-id: 0GF64GB2X317WJH0
Last-Modified: Mon, 18 Dec 2023 16:03:17 GMT
ETag: "0cabbde2cebafbd2c2638bce2357fde2"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3266
Date: Thu, 21 Dec 2023 01:56:10 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083

104.21.34.167

200 OK

26 kB

URL User Request GET HTTP/2
08d.imumetak.top/?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083
IP
104.21.34.167:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectimumetak.top
Fingerprint8C:C9:A3:34:01:1A:A9:DD:E9:68:87:82:13:95:DD:24:CD:A3:2F:AD
ValidityFri, 08 Dec 2023 13:49:57 GMT - Thu, 07 Mar 2024 13:49:56 GMT

File type
HTML document, ASCII text, with very long lines (1091)
Size
26 kB (25649 bytes)
Hash
5134ca76d67c9c81e4f56be22efbde51
7e868feacae94afa168923e5749077f8285d6f8f
f1707b35944e8c9ab9c3ce18678479e1e698279aaf4fbec62fe47b4fa659ccac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?utm_source=da57dc555e50572d&s1=201768&s2=1926971&j1=1&click_id=75b938pxia1a23y9ec&s3=1083 HTTP/1.1
Host: 08d.imumetak.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 21 Dec 2023 01:56:09 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=658367d70004ff26; Path=/; Expires=Mon, 19 Feb 2024 01:56:09 GMT
unique_id2=658357e8000eccc4; Path=/; Expires=Wed, 20 Mar 2024 01:56:09 GMT
658357e8000eccc4_c=1; Path=/; Expires=Wed, 20 Mar 2024 01:56:09 GMT
ref_token=4326_201752_203033_208650_201768; Path=/; Expires=Sat, 20 Jan 2024 01:56:09 GMT
impression=; Path=/; Expires=Thu, 21 Dec 2023 01:56:09 GMT
658357e8000eccc4_sl=[285203]; Path=/; Expires=Thu, 04 Jan 2024 01:56:09 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ3hQ6AffDnwcgCCAdX9lWoFaefRmI6CEUgGNK3rJdTUlyLlttn9QnPgyJutIkREv0hPXvBBPKcWE8txA88O62Q8ee%2FeABvv4yafPbTk01FWIrREcOsyF2fpMDFO4DFH3HLI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 838c81c93e84b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (23)

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN