Report - moored-horn-sawfish.glitch.me/#ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==

Report Overview

Submitted URL
moored-horn-sawfish.glitch.me/#ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==
IP
54.234.253.124
ASN
#14618 AMAZON-AES
Submitted
2024-04-19 04:35:41
Access
public
Website Title
Gmail
Final URL
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nftstorage.link	unknown	2022-02-11	2022-02-12	2024-03-21	583 B	379 B	172.64.146.216
somodis.click	unknown	unknown	No data	No data	806 B	4.0 kB	3.133.80.192
zambezi.top	unknown	2024-02-10	2024-02-11	2024-04-17	7.5 kB	208 kB	104.21.75.154
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	1.0 kB	26 kB	104.17.24.14
moored-horn-sawfish.glitch.me	unknown	unknown	No data	No data	949 B	5.7 kB	54.234.253.124
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	1.3 kB	204 kB	142.250.74.170
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	1.3 kB	2.5 kB	216.58.211.4
t0.gstatic.com	unknown	2008-02-11	2013-05-06	2024-04-18	1.5 kB	3.8 kB	216.58.211.4
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.6 kB	61 kB	216.58.207.227
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-18	2.5 kB	108 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-02 07:51:34 Times Seen5809 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null	556 B	2024-02-29	2024-04-30
Pretty URL zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP 104.21.75.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash 65c45ca7805f53dc84e5d8a4c53f73e0 a978038e476bc1b2e6ca46720e25ca1f8409b711 d03e3a530d13ce886d4dbb6345d12309feca550d3091c803b9a39f46303cb70f Loading...

	zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null	509 B	2024-02-29	2024-04-30
Pretty URL zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP 104.21.75.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash f6d26e80e615ea84180a5dd2685cea96 66c060cb45f79491671d60ccfcd50ec12cb3e183 49e363462134b6dead00e976b49b98155393696343e5cad1e6c213be9b28e53c Loading...

	zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null	6.6 kB	2024-02-29	2024-04-30
Pretty URL zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP 104.21.75.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash e37ac93d2a62947b4d8ce352bd450002 bb8cecfe7bdeca7f75ac6aefaffdd5976b15f587 57fb5e9bf42240255abc489b88aa43349277067b11f3d4802fbf0a8a4ad2d022 Loading...

	zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null	480 B	2024-02-29	2024-04-30
Pretty URL zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP 104.21.75.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash d66e46f5614bcac41467b113248310bf 4389775d11730c3858e85ea461e0c9759a85cc31 eb892250949c9085d74e8502e20844a2151722923c5881cb09af5222c1060ecb Loading...

	zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null	963 B	2024-02-29	2024-04-30
Pretty URL zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null IP 104.21.75.154 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash 671dfd258385c29b0f6916b9e5f5613f aed2a50da83d6ac76b88ff195b0b83b9b376d50f 6a0e671bb21d6a33ffe88d8ec118a4e1710f78019e990fcf37a104f4a7bdcf74 Loading...

		Size	First Seen	Last Seen
	#1 Eval - cddd900f687708954b4005282cce221f	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash cddd900f687708954b4005282cce221f 96bb2943dbfeff9ce8a347c0bd263292e62fe209 b32372bba456b84314c1ac1e57de9bde2488772787b3e9dc972f7c51718a265c Loading...

	#2 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-02
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-02 13:59:35 Times Seen351111 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#3 Eval - d7e13207a93760b594de140d4961cff8	161 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:30:15 Last Seen2024-04-19 09:43:07 Times Seen102 Hash d7e13207a93760b594de140d4961cff8 b62363a5d48a4d8c812c41c546852919ffd608bb 30a8a2ad53b8f62af74a96fbda1a34d23391bdcf90e9060af04d31a1834cf7de Loading...

	#4 Eval - f06999c85f7e940a78398b383dc0aa5b	417 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash f06999c85f7e940a78398b383dc0aa5b 185a931cd396c60d62e22985e35101f78d5cda58 64f979aa01532635430edf302a142f1ddf760c998011f00f8433bbbf72bc59a8 Loading...

	#5 Eval - 9fba386b83419a08ff1faa8007dd23a1	60 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:11:25 Last Seen2024-04-19 12:29:21 Times Seen535 Hash 9fba386b83419a08ff1faa8007dd23a1 c6148c7d249ddcfe37f49e99ac7cb60fe3bd43f2 a197c137af56d7b49dd589ed67e397152047dea7b7a147b0403d07bd1c6d59ee Loading...

	#6 Eval - 6deb100315fe3b95f88da4e643b0190a	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash 6deb100315fe3b95f88da4e643b0190a a236c01d3e5923f522e43c4cb8949596a648ea3c 5f391b05092ba9ed1d6fae144cb42da3aa3649e84db3217de2fea6d1060b531c Loading...

	#7 Eval - ef1e370c240b7ede2dd0346dc2638f09	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash ef1e370c240b7ede2dd0346dc2638f09 58e098fe2088b04c910e2d4d17a9f3070bdbb138 127e1fe3e73e4db575da53e2185369e32c0b31473b6b80a749cd4ae9082f51d2 Loading...

	#8 Eval - bdb86254073cac8153177bc767ccbddb	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash bdb86254073cac8153177bc767ccbddb fc10b67983d6a39688e7d63d8f7ee573be136842 6685e66feb98e0ca79f2da21f5bdb9e97414952358dacbf6297209894eb52bfb Loading...

	#9 Eval - 301aeb3ecd2980a3e109292dc7fd0b53	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 06:35:48 Last Seen2024-04-19 06:35:48 Times Seen1 Hash 301aeb3ecd2980a3e109292dc7fd0b53 b1c87cf14cc870dbab4e5d9328b38dbf40159235 44fa8616d75d6244e6e1893c364c64a17993e299d75160ca2e7d0f94fdb89559 Loading...

HTTP Transactions (33)

URL IP Response Size

moored-horn-sawfish.glitch.me/

54.234.253.124

1.4 kB

URL
moored-horn-sawfish.glitch.me/
IP
54.234.253.124:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
1.4 kB (1375 bytes)
Hash
0ab9b4a85a13335a76fa44e1debda4c3
4f286ca452a06a9672da12d1572618bf7f76af0b
705416f21c2b343662726c4cde69158ce42f5ba288ec82348ad73e07e14dbd98

HTTP Headers

GET / HTTP/1.1
Host: moored-horn-sawfish.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 04:35:16 GMT
content-type: text/html; charset=utf-8
content-length: 1375
x-amz-id-2: ZWqTX/Vz0JEa7osehfBVsHYbD3HU8Yp4/GN3VyYA1LZmAzsS1g2zc8BH/q2jtgAe+ofHk6AAXJY=
x-amz-request-id: TPD1G5EWXDV50FM7
last-modified: Thu, 18 Apr 2024 22:48:26 GMT
etag: "0ab9b4a85a13335a76fa44e1debda4c3"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 9QLxC__lSpqsLs6zVcPKA4YpZV8tQ48T
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

nftstorage.link/ipfs/bafkreigih4xieoadchmrie6bm3cxucthzxm26xdb6cjpkmy6lvqc5mtazm

172.64.146.216

0 B

URL
nftstorage.link/ipfs/bafkreigih4xieoadchmrie6bm3cxucthzxm26xdb6cjpkmy6lvqc5mtazm
IP
172.64.146.216:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ipfs/bafkreigih4xieoadchmrie6bm3cxucthzxm26xdb6cjpkmy6lvqc5mtazm HTTP/1.1
Host: nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://moored-horn-sawfish.glitch.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 19 Apr 2024 04:35:16 GMT
content-length: 0
location: https://bafkreigih4xieoadchmrie6bm3cxucthzxm26xdb6cjpkmy6lvqc5mtazm.ipfs.nftstorage.link/
access-control-allow-origin: *
access-control-expose-headers: Link
server-timing: request;dur=0
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a2fdbcb975695-OSL
X-Firefox-Spdy: h2

moored-horn-sawfish.glitch.me/favicon.ico

54.234.253.124

3.7 kB

URL
moored-horn-sawfish.glitch.me/favicon.ico
IP
54.234.253.124:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: moored-horn-sawfish.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://moored-horn-sawfish.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 04:35:16 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

somodis.click/

3.133.80.192

59 B

URL
somodis.click/
IP
3.133.80.192:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
59 B (59 bytes)
Hash
f280f4c1a42e1c453a50a469bf74320f
ac362a3f43dfeff149e70a566322366d0f1e9343
d809eda212f0d0564e78c97d84e6e131776aac276f37f6ae7876b41334bdd481

HTTP Headers

GET / HTTP/1.1
Host: somodis.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 04:35:20 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 59
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

somodis.click/control_vyrus/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null

3.133.80.192

3.4 kB

URL
somodis.click/control_vyrus/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
IP
3.133.80.192:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3401 bytes)
Hash
d9fa5d68d02c621c81cf744f0c5f13ab
da62e441513ff6f07b319da503e9601333858a9c
894bac113a6728a210d7c3c0ed04493905851d63789d6e4336c070d306003cdd

HTTP Headers

GET /control_vyrus/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null HTTP/1.1
Host: somodis.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 04:35:21 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 3401
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 19 Apr 2024 04:35:22 GMT
content-length: 0
cache-control: max-age=300, public
location: /turnstile/v0/g/54ea73d52131/api.js
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a2fff3e3c56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.170

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:54:13 GMT
expires: Wed, 16 Apr 2025 05:54:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 254469
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zambezi.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.75.154

0 B

URL
zambezi.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.75.154:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 19 Apr 2024 04:35:22 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/54ea73d52131/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5asuOkC7EgGytP8wIOHkvpHU3Y8DFerEsND16QKllZV88G41IayxtRV%2FNfR%2BHHusu28JAvWKGWZ7L6cZYFh8e7pG82uBzF7b3%2BA1uVywXQpoWhvVqzHAyNm43HXuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a30007959b51e-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ysror/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:22 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 876a300138d0b521-OSL
alt-svc: h3=":443"; ma=86400

zambezi.top/cdn-cgi/challenge-platform/h/g/jsd/r/876a2ffcca9c5693

104.21.75.154

0 B

URL
zambezi.top/cdn-cgi/challenge-platform/h/g/jsd/r/876a2ffcca9c5693
IP
104.21.75.154:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/876a2ffcca9c5693 HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12308
Origin: https://zambezi.top
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/_newsos_oxy/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:22 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; path=/; expires=Sat, 19-Apr-25 04:35:22 GMT; domain=.zambezi.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4ws9K6F0xTx%2BB5z3NnP%2FIGGs0sSnkFhSShmSodYbXIVTkikwYj9uZXdx5qMx22CGx5Vo3MZEmfZE0LPpiE1TCkhASHpPDDAiAqYL5aFI5NkBLRFilWsvPi8prZ81g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a30016a04b51e-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/611217891:1713497412:i7xVlDog918xiKPRWGD7aST7jdceNgTLbac2PhiC8QI/876a3000988cb521/67f80940193e71a

104.17.2.184

105 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/611217891:1713497412:i7xVlDog918xiKPRWGD7aST7jdceNgTLbac2PhiC8QI/876a3000988cb521/67f80940193e71a
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
105 kB (104892 bytes)
Hash
778f5e7f676aee535adf95df0b115799
71cabed19491bc50385bae5b4ec1ffbc10a324ba
2817e349d78795f1ca3bee6e4632c00cc1d15ca4e08fafd117af4e63aada87d5

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/611217891:1713497412:i7xVlDog918xiKPRWGD7aST7jdceNgTLbac2PhiC8QI/876a3000988cb521/67f80940193e71a HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ysror/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: 67f80940193e71a
Content-Length: 2780
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:22 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: 7X6z27xJO+zEW5HKXXedBafNnxIKwq24XXSgEID0bo9PwizA7V74JwDrMwyn8k2JHNtjsaVH6ecMJipMAokHvOJf5xCwKv+dqrZ9cqbTDqnqHDmhVTu8HDDqZPJupN63FVSyD6hPE87la+55S0/BbUczTMmLGaM7tdeNuOoHe5vhBi/pcnPjiHZ3nipoHOnjPeEFEx6ImI5u9g4kk58gjo2aefCu78z42+ecl36OOUa4QzDkXTc5mN9FPD1d2bsCuBtq7PwqyOa6i0AwFUp+l89Sag3rUMPuciWly1xlBH67VxeLS+VMrWeQD+r4gHY7M++j/p39q3YUrW37fIlRykSjmwhh1uq/sQo+jhIRFfGnyBw6ksg0XqMi4mhiyQ0jzqSSpO6nnGJEOV0hwL1EU75NRq/VwXAZEPAJMKC0I8wcU3SSwA13y1eqLEd2keFyC3KU8L3jk22JUj2GXyu3VqYdpY30CBr5L2M5SJ21tZmQfaIdQWwb1xc+O+0N404Vxb4C5EODxEoQDIrgec4pL8ez1hjvkU15ee6aq12xU80=$krDYgHCUfO3kX4GpjR3eJA==
vary: accept-encoding
server: cloudflare
cf-ray: 876a3002f9a8b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/876a3000988cb521/1713501322729/e0ad45591e156f04c6bf958ed10816f34e55d24f5af6c7033a40867378176ae0/-slfqlh8sBLxxap

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/876a3000988cb521/1713501322729/e0ad45591e156f04c6bf958ed10816f34e55d24f5af6c7033a40867378176ae0/-slfqlh8sBLxxap
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/876a3000988cb521/1713501322729/e0ad45591e156f04c6bf958ed10816f34e55d24f5af6c7033a40867378176ae0/-slfqlh8sBLxxap HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ysror/0x4AAAAAAADzWzgyzZH-kqvo/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 19 Apr 2024 04:35:23 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g4K1FWR4VbwTGv5WO0QgW805V0k9a9scDOkCGc3gXauAAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIOCtRVkeFW8Exr-VjtEIFvNOVdJPWvbHAzpAhnN4F2rgABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 876a300a7e3db521-OSL
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.170

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:05:31 GMT
expires: Tue, 15 Apr 2025 23:05:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 278993
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/s2/favicons?domain=google.com

216.58.211.4

330 B

URL
www.google.com/s2/favicons?domain=google.com
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
9342b2252e9d80592e94e450492b2867
c543fd98d0b7e49a860c177e0f50599d939e67b6
dfd65733c0484a8e6e86644b3c1193a10b5b1fdded4dcd92fe4d8ab1b70112d1

HTTP Headers

GET /s2/favicons?domain=google.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Fri, 19 Apr 2024 04:17:06 GMT
expires: Fri, 19 Apr 2024 04:47:06 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=google.com

216.58.211.4

330 B

URL
www.google.com/s2/favicons?domain=google.com
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
9342b2252e9d80592e94e450492b2867
c543fd98d0b7e49a860c177e0f50599d939e67b6
dfd65733c0484a8e6e86644b3c1193a10b5b1fdded4dcd92fe4d8ab1b70112d1

HTTP Headers

GET /s2/favicons?domain=google.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Fri, 19 Apr 2024 04:17:06 GMT
expires: Fri, 19 Apr 2024 04:47:06 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=google.com

216.58.211.4

330 B

URL
www.google.com/s2/favicons?domain=google.com
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
9342b2252e9d80592e94e450492b2867
c543fd98d0b7e49a860c177e0f50599d939e67b6
dfd65733c0484a8e6e86644b3c1193a10b5b1fdded4dcd92fe4d8ab1b70112d1

HTTP Headers

GET /s2/favicons?domain=google.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Fri, 19 Apr 2024 04:17:06 GMT
expires: Fri, 19 Apr 2024 04:47:06 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

216.58.211.4

400 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:16:36 GMT
expires: Thu, 25 Apr 2024 03:16:36 GMT
cache-control: public, max-age=604800
age: 91129
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

zambezi.top/_newsos_oxy/functions/spinner.gif

104.21.75.154

46 kB

URL
zambezi.top/_newsos_oxy/functions/spinner.gif
IP
104.21.75.154:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

HTTP Headers

GET /_newsos_oxy/functions/spinner.gif HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/_newsos_oxy/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:25 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 17:45:56 GMT
etag: "b505-5b118499e5d00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlUcptLjqwsbFCyv0wD8IhEtDQATdD51ItYPVJLCEEW2iUO86ldlzX%2BMbTmiUbZJuX7WqCUwsX1iPL3Bw3CNDzc%2BTDCSbHzTot6KOHRN8DmjjBogbrYn0KdsM%2BQVVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a30107be6b51e-OSL
alt-svc: h3=":443"; ma=86400

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

216.58.211.4

400 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:16:36 GMT
expires: Thu, 25 Apr 2024 03:16:36 GMT
cache-control: public, max-age=604800
age: 91129
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

216.58.211.4

400 B

URL
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:16:36 GMT
expires: Thu, 25 Apr 2024 03:16:36 GMT
cache-control: public, max-age=604800
age: 91129
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.170

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:05:31 GMT
expires: Tue, 15 Apr 2025 23:05:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 278995
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 04:35:26 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3035697
expires: Wed, 09 Apr 2025 04:35:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRnANkEk8R2eAL6lKesjmuYDAWgq0ByaBtnKUsLMhPK%2BPcOQ1fO6XPq2qeLkbsqToHUJFlTwtqDiYAG3hHD4cgsKfJ4cVFz9dkgYKWAKZo89wNdCPHMSpqWp9VBXznm7Z43HWcAf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876a301d3f4f0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png

104.21.75.154

200 OK

593 B

URL GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Size
593 B (593 bytes)
Hash
05d5d874ae9330459ea2edf61d780356
4ff030ddbd66b442c9ef28d548a147541f3f93c4
03fdba476bf32618c3a56462d7b8ace915deeb85a16bdc5f84a8abf97dc27ae8

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: image/png
content-length: 593
last-modified: Sun, 15 Jan 2023 13:19:18 GMT
etag: "251-5f24d50598180"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qZYASq907P1muD1ANNhO%2BEoOzx3Wykj1fFOVfb9GuW7zt%2Buh5DrKwFc%2Bcv2qykjkpTJoKjW0Zir66oSuymR%2BZOQZhjop3r3YcPteB9Dkw9QAD%2BAc5QI7o8NEoANHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a301d2baeb51e-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2

104.17.24.14

200 OK

14 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13584, version 331.524
Size
14 kB (13584 bytes)
Hash
c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zambezi.top
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13584
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-3510"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 302095
expires: Wed, 09 Apr 2025 04:35:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQTVza1o0yi%2BevkbsUaTfajdvq9DmaVVlcf6Ea%2BtwVHMj8hFkpkVEyZy0EhNYQKiGHM2G07vYlpswwkM%2FV75j%2F4MeXho2arvTJNLxD9UvW7B%2FkIuiPY8VTlSW1JN%2F2qgirFdyVCU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876a3022bc290b02-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21464, version 1.0
Size
22 kB (21464 bytes)
Hash
923a543cc619ea568f91b723d9fb1ef0
6f4ade25559645c741d7327c6e16521e43d7e1f9
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zambezi.top
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:03 GMT
expires: Fri, 18 Apr 2025 02:38:03 GMT
cache-control: public, max-age=31536000
age: 93444
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css

104.21.75.154

200 OK

51 kB

URL GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (50553 bytes)
Hash
50807450ed3159ca319158c86219cd42
c3950d098c603e34619783d2c41765c3774a8697
3f51d95fb3e28490694cb6898be2e46d0c5a5076eae9d943fb65f26dd1dc2f7f

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 13:33:37 GMT
etag: W/"526b2-5f24d838cce40"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xCKC9Rv84EOIziwAxKtZhJaDIPoenEAxmRcVYciEEbEe%2BTuzWLJNpvyaZMtQ69PkyAk9WQtw7iivFrDd07MKwQ16Xp%2FORUY04W%2BLMVjQGFw%2BS5yS8kzThOP1L2GVRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a301d0ba0b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21700, version 1.0
Size
22 kB (21700 bytes)
Hash
7d75a9eb3b38b5dd04b8a7ce4f1b87cc
68f598c84936c9720c5ffd6685294f5c94000dff
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zambezi.top
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:15:25 GMT
expires: Wed, 16 Apr 2025 03:15:25 GMT
cache-control: public, max-age=31536000
age: 264002
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null

104.21.75.154

200 OK

40 kB

URL User Request GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type

Size
40 kB (39763 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=roe%2FBrVcvH0KkgN8fIrVMUo10IXi54DOvyURzD7udZmYOMKQ%2BajPlsvpFwwxwFq%2BVel%2BhFA8JXA21uFkp393MZMasjnVm2hzL%2BIEWWJfrxMgelxk%2BykhVN0fWhRgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a301beae4b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css

104.21.75.154

200 OK

40 kB

URL GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
ASCII text, with very long lines (39464), with no line terminators
Size
40 kB (39464 bytes)
Hash
e74979dc37f37c1b319b4371d8fd6d52
c7e4f35c3aa8719bbdb77a20b68b39b0621a39af
726b54d9fce44442579ac916092de54f3a0e4bdd26f3eda35486fdaba4b53afb

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 14:45:46 GMT
etag: W/"9a28-5f24e85941a80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxGUh7%2Fj4%2FGqcngPYnb1EFwLW9sKxT0so9Bfmd8A0gppUbhq0muIAvrXzj51w4bJeSgQIcrnfq6oseN10IK4v52%2BF%2Fkzy1v%2FTL21s5Bb7OQc4L%2FJXrSpBiC5i8dOUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a301d0ba2b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zambezi.top/favicon.ico

104.21.75.154

404 Not Found

298 B

URL GET HTTP/3
zambezi.top/favicon.ico
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
HTML document, ASCII text, with very long lines (309), with no line terminators
Size
298 B (298 bytes)
Hash
10053380ab2f9990afa6129a76f6b316
e291195daf72d476cabd7d450b47084ee167b00e
fadc3bfbf69d371541e6826f09951a37fe3a902ab9c5f08ac40e29320289385d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TZb7kmqBkyseNOwC1miuxG3%2FbtHAw7JAlHPT1pB0aqjapWkE%2FXgQwuBwK0cDE9vd5SQtfgXfPShaseW9t9IvqwRFxDCwkZU9Arj%2FmOSebHQqye0cztNjp7HJmmUlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a3023df86b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null

104.21.75.154

200 OK

2.5 kB

URL User Request GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
JavaScript source, ASCII text, with very long lines (2779), with no line terminators
Size
2.5 kB (2477 bytes)
Hash
c04d7e21e8ba6d1ee20240f8b6fe90b7
49be3d0511a7836b3a8de3c74cb571968041be76
d621e24ee5602f7f3b5f25a04619e7f84ec9331c0db66121cf6e14571486b9f9

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/_newsos_oxy/?login=facebook@google.com&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=null
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COSrx37qi%2FPYfhcbfRKUjUan0THTJYXt99rFnfel9syjbt05FBo3WbQSKIwVVn42c85x%2BbBe%2B7bM91aKozEtIVTzdZwPd62NagvkOy1RtH0akzxFBKGY1jbyEzlZ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a301ada1eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zambezi.top
DNT: 1
Connection: keep-alive
Referer: https://zambezi.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 93144
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css

104.21.75.154

200 OK

22 kB

URL GET HTTP/3
zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css
IP
104.21.75.154:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zambezi.top/_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectzambezi.top
FingerprintB1:91:9F:E2:BD:2F:4B:DC:A2:06:93:8E:BA:84:01:E4:B0:D4:55:9C
ValidityMon, 11 Mar 2024 10:01:02 GMT - Sun, 09 Jun 2024 10:01:01 GMT

File type
ASCII text, with very long lines (10938), with CRLF line terminators
Size
22 kB (21880 bytes)
Hash
97053076bd28694bf51a024325e6e1a3
fe34bbace3b586b00962cb8312c825dd9d46b1df
1d01183202d53a2fdc646e8c5dd75ee52fedfad6dd344b20ec3914271ae60597

HTTP Headers

GET /_newsos_oxy/zone/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css HTTP/1.1
Host: zambezi.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zambezi.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=vkV.9g4BV76.IMH.BtSVpUGO8GUAcbcXnbDPjfjNxIE-1713501322-1.0.1.1-XJlzsJ_iIVqsPIqNCKMdrsYN5c9xhkZH7Dk5q7y1rbnzYDA6.gCWAztL7g7.6esmeI3MOBceML7M_yz2VhByeA; captcha=1; PHPSESSID=qokvruiuf7131o13su59e15kpj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 04:35:27 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 13:35:37 GMT
etag: W/"5578-5f24d8ab3dc40"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sjz841UkEvul3qTJWh93TEs2np99pU6RsRFRD6clEffn4tIABTVPJ8enNg6JqPGijAhQp19ZrqkZUTnhA7uYvxhhFzis7I9MLgUopIX2tbQRmvCYg4Piu%2BAVM8IFMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a301d0ba1b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash