ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.170200 OK 33 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.170:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type JavaScript source, ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:46:16 GMT
expires: Fri, 25 Apr 2025 17:46:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 49395
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.imgur.com/cxWZlD1.jpeg
151.101.244.193200 OK 92 kB IP 151.101.244.193:443
Certificate IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1024x683, components 3
Hash 8b958409eedbde0cbb74c018f6eb2281
3c41e716436af9346ff2eea012536c22c9c4d8a9
c7de315d5b1b3d33ca7367e7ded889b690901a1eb5c41c531ea286ed8e916607
GET /cxWZlD1.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
last-modified: Tue, 23 Apr 2024 09:21:54 GMT
etag: "8b958409eedbde0cbb74c018f6eb2281"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: 8_ZsJIGh-YzIIgauEPc6poYvm9HWr-IgQbDTbdrQrgLMu_xCXrpcdg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 252458
date: Fri, 26 Apr 2024 07:29:32 GMT
x-served-by: cache-iad-kcgs7200173-IAD, cache-hel1410034-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 20, 0
x-timer: S1714116572.028650,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 92046
X-Firefox-Spdy: h2
tj.657g.xyz/api/event
188.114.97.1202 Accepted 2 B IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
ValidityTue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert OpenPhish phishing PayPal Inc.
POST /api/event HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 80
Origin: https://giuvns.top
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 202 Accepted
date: Fri, 26 Apr 2024 07:29:32 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: F8nEEC77bSZR48YM-yrB
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FGT5dKkAue3Qj0ClzJgZqgX3cqFHdWka8%2FGG002%2FASMH4KCvpV4upVd6E50fk90w4ubtXAEnYbiq9Gds4hMCzrC6EWnlVnOu3t7zZ2%2B3No4OrvHciVRukaVEeakNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbf9def5685-OSL
alt-svc: h3=":443"; ma=86400
hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751
14.215.183.79200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?8d809470ffc8bd20b0e6fbe36435c751
IP 14.215.183.79:443
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (617)
Hash 8762d58888f1b8ce2d9d9b13c1ea3785
bfd424b8ec3dac0357e61557069fae05ebf32e5f
617c32c2edb6981043deb3020348438fc958bf6b27aa5cf1fa3f2cb32263e60e
GET /hm.js?8d809470ffc8bd20b0e6fbe36435c751 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Fri, 26 Apr 2024 07:29:33 GMT
Etag: 076fcaa593c0c5a1e31e62fb691dfc28
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=774D3AA2A9D2B15B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024
14.215.183.79200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024
IP 14.215.183.79:443
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=2070370420&si=8d809470ffc8bd20b0e6fbe36435c751&v=1.3.0&lv=1&sn=48649&r=0&ww=1280&u=https%3A%2F%2Fgiuvns.top%2F%231714116572045&tt=Free%20Hajj%20Sponsorship%202024 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 26 Apr 2024 07:29:34 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1B39F2FF322D8FAE; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
172.67.150.152200 OK 18 kB URL User Request GET HTTP/2 IP 172.67.150.152:443
Certificate IssuerGoogle Trust Services LLC
Subjectgiuvns.top
FingerprintF8:73:BA:22:29:2A:F1:43:05:1E:33:A3:2F:0B:3C:8A:AA:99:4B:FF
ValidityThu, 29 Feb 2024 12:52:39 GMT - Wed, 29 May 2024 12:52:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET / HTTP/1.1
Host: giuvns.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:29:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Sat, 27-Apr-2024 07:29:31 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8UJQHSsyXOD2GCOTYCfanSU4aFKgibBTnstV%2FUCC5%2BWPB9GPlf9iTAr3WmjeeeAEx%2F%2FbReARtwj9SW4FWdac8AZAIxmwvAxvphBn2NcXyPAJAOBmNqoJ1Y0sw3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbaae1956bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tj.657g.xyz/js/script.js
188.114.97.1200 OK 1.3 kB IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subject657g.xyz
Fingerprint50:D6:E0:11:AD:45:D4:13:FA:D4:11:BC:81:A3:03:88:0B:91:49:F4
ValidityTue, 05 Mar 2024 08:51:58 GMT - Mon, 03 Jun 2024 08:51:57 GMT
File type ASCII text, with very long lines (1384), with no line terminators
Hash 16cfd1982a40489c41a52add24d36b85
344f1896d895c5d0a7c4caecafcf1942603cd026
72073aacecd145e525b16c4c845c07bff5798e813eeed702dff748a18b6186ce
Analyzer Verdict Alert OpenPhish phishing PayPal Inc.
GET /js/script.js HTTP/1.1
Host: tj.657g.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 07:29:31 GMT
content-type: application/javascript
cf-bgj: minify
expires: Fri, 26 Apr 2024 18:48:21 GMT
vary: Accept-Encoding
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2605
last-modified: Fri, 26 Apr 2024 06:46:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07clvEnROdSn6mjJoGTfpjCWUFT%2BMa3wCK2XhUwX5dvWilW%2BgylzBIgjWUGetk6j%2Fn1nSsAvJGvs7ltnhQ%2BCXX2lLnosb5gbLSp0f2FM6vhdRyxlxlnIhHaVdTMiSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a4dcbebad0569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
giuvns.top/favicon.ico
172.67.150.152404 Not Found 146 B IP 172.67.150.152:443
Certificate IssuerGoogle Trust Services LLC
Subjectgiuvns.top
FingerprintF8:73:BA:22:29:2A:F1:43:05:1E:33:A3:2F:0B:3C:8A:AA:99:4B:FF
ValidityThu, 29 Feb 2024 12:52:39 GMT - Wed, 29 May 2024 12:52:38 GMT
File type HTML document, ASCII text, with no line terminators
Hash 40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
Analyzer Verdict Alert OpenPhish phishing Generic/Spear Phishing
GET /favicon.ico HTTP/1.1
Host: giuvns.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://giuvns.top/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 07:29:32 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nUgzWrMad1i64CrtnoQyc0Owws05p%2F7O3HpcBjWTtioacmwbfdJ2sNJJOSZqLIOeWJH%2BSPJWKP1tSmBYTKnWoKSEgVbVg1BuDUyL%2B00Yh4Afl7eGXuYtIXGgVwx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a4dcc15ffd56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400