Report - nftstorage.link/ipfs/bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2

Report Overview

Submitted URL
nftstorage.link/ipfs/bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2
IP
172.64.146.216
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-19 01:46:29
Access
public
Website Title
Gmail
Final URL
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Tags
suspicious
urlquery detections
Suspicious - Anti-debugging code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-04-18	3.1 kB	91 kB	104.17.2.184
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	1.3 kB	204 kB	142.250.74.74
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	872 B	1.6 kB	142.250.74.164
t3.gstatic.com	unknown	2008-02-11	2013-05-06	2024-04-18	1.5 kB	3.8 kB	142.250.74.100
wakandos.top	unknown	2024-01-12	2024-01-12	2024-03-22	508 B	14 kB	104.21.17.82
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.5 kB	61 kB	216.58.207.227
webso.click	unknown	unknown	No data	No data	1.3 kB	4.5 kB	13.53.213.162
bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24.ipfs.nftstorage.link	unknown	unknown	No data	No data	586 B	3.0 kB	172.64.146.216
atlantos.top	unknown	2024-02-02	2024-02-29	2024-04-18	9.5 kB	539 kB	172.67.191.184
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-18	991 B	26 kB	104.17.25.14
nftstorage.link	unknown	2022-02-11	2022-02-12	2024-03-21	585 B	430 B	172.64.146.216

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null	556 B	2024-02-29	2024-04-30
Pretty URL atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null IP 172.67.191.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash 65c45ca7805f53dc84e5d8a4c53f73e0 a978038e476bc1b2e6ca46720e25ca1f8409b711 d03e3a530d13ce886d4dbb6345d12309feca550d3091c803b9a39f46303cb70f Loading...

	atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null	509 B	2024-02-29	2024-04-30
Pretty URL atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null IP 172.67.191.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash f6d26e80e615ea84180a5dd2685cea96 66c060cb45f79491671d60ccfcd50ec12cb3e183 49e363462134b6dead00e976b49b98155393696343e5cad1e6c213be9b28e53c Loading...

	atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null	6.6 kB	2024-02-29	2024-04-30
Pretty URL atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null IP 172.67.191.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash e37ac93d2a62947b4d8ce352bd450002 bb8cecfe7bdeca7f75ac6aefaffdd5976b15f587 57fb5e9bf42240255abc489b88aa43349277067b11f3d4802fbf0a8a4ad2d022 Loading...

	atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null	480 B	2024-02-29	2024-04-30
Pretty URL atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null IP 172.67.191.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash d66e46f5614bcac41467b113248310bf 4389775d11730c3858e85ea461e0c9759a85cc31 eb892250949c9085d74e8502e20844a2151722923c5881cb09af5222c1060ecb Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js	289 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:59 Last Seen2024-05-02 05:23:45 Times Seen5807 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null	963 B	2024-02-29	2024-04-30
Pretty URL atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null IP 172.67.191.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-29 04:10:54 Last Seen2024-04-30 03:55:58 Times Seen4 Hash 671dfd258385c29b0f6916b9e5f5613f aed2a50da83d6ac76b88ff195b0b83b9b376d50f 6a0e671bb21d6a33ffe88d8ec118a4e1710f78019e990fcf37a104f4a7bdcf74 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d2342682ee49a486b010ccd670d6ea18	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 03:46:36 Last Seen2024-04-19 03:46:36 Times Seen1 Hash d2342682ee49a486b010ccd670d6ea18 b9fa0803a499e2b5024f43fb7d1939bdfedfc4db 1b5b6186ae1e59a38445d1e696b569c788252c43c4c307f0e02b1d3620a19293 Loading...

	#2 Eval - f0dc45eb4903483d5b6a5e745b4630f7	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 03:46:36 Last Seen2024-04-19 03:46:36 Times Seen1 Hash f0dc45eb4903483d5b6a5e745b4630f7 e44a11bc908ae054e818a2bbb33e6936731f0ba5 3edea98e207a54d8162adbd288cf9615c440c90000a0bf1d9ce4a2155f76f7ab Loading...

	#3 Eval - f9d62ba5b3f1177e94564a1f00986f0b	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 03:46:36 Last Seen2024-04-19 03:46:36 Times Seen1 Hash f9d62ba5b3f1177e94564a1f00986f0b c1d7f7a4078c99120520cb55f1a42c1a9d91b7bf 9008a34f97bd0d10adafff9db3e7d6d7ba1e1b4f1c63895ecbf79bbffd36aa33 Loading...

	#4 Eval - 9fba386b83419a08ff1faa8007dd23a1	60 B	2024-04-17	2024-04-19
Pretty Observations First Seen2024-04-17 14:11:25 Last Seen2024-04-19 12:29:21 Times Seen535 Hash 9fba386b83419a08ff1faa8007dd23a1 c6148c7d249ddcfe37f49e99ac7cb60fe3bd43f2 a197c137af56d7b49dd589ed67e397152047dea7b7a147b0403d07bd1c6d59ee Loading...

	#5 Eval - f6e5e8b05f66d6027ad6a8087059214c	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 03:46:36 Last Seen2024-04-19 03:46:36 Times Seen1 Hash f6e5e8b05f66d6027ad6a8087059214c a58da8c94e9d04b97ce5e8deacdb4869110723bb 4b7f0be108788dad99c86f88e3aa5bc6ceb94411672d46e13f3c7cc3b433822e Loading...

	#6 Eval - 7229f0b9aaca741b338daaa7baf62211	28 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 03:46:36 Last Seen2024-04-19 03:46:36 Times Seen1 Hash 7229f0b9aaca741b338daaa7baf62211 c91dcda5bdaf3e713c55159387914aca79258c62 bbe1e24ea2239c95f518353343a5c8076d844a145083bf94491d5f300e17fe27 Loading...

	#7 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07	2024-05-02
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-05-02 05:43:03 Times Seen351070 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

HTTP Transactions (36)

URL IP Response Size

nftstorage.link/ipfs/bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2

172.64.146.216

0 B

URL
nftstorage.link/ipfs/bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2
IP
172.64.146.216:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ipfs/bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2 HTTP/1.1
Host: nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 19 Apr 2024 01:46:02 GMT
content-length: 0
location: https://bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24.ipfs.nftstorage.link/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2
access-control-allow-origin: *
access-control-expose-headers: Link
server-timing: request;dur=0
vary: Accept-Encoding
server: cloudflare
cf-ray: 876937f63fad5696-OSL
X-Firefox-Spdy: h2

bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24.ipfs.nftstorage.link/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2

172.64.146.216

1.7 kB

URL
bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24.ipfs.nftstorage.link/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2
IP
172.64.146.216:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.7 kB (1672 bytes)
Hash
68e7adf5236f5a012d429294a5d98360
c479b95dd0f7b6e246de855d90c3cd53fcc46db1
539ca73675d10c10647977f28291445d8a2e8987ac11875694bd82ceb13994d7

HTTP Headers

GET /?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&pcnt=2&vcnt=2 HTTP/1.1
Host: bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24.ipfs.nftstorage.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:46:03 GMT
content-type: text/html; charset=ISO-8859-1
cf-ray: 876937f6d89556c5-OSL
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreicttsttm5orbqigi6lx6kbjcrc5rixitb5mcgdvnff5qlhlcomu24"
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-expose-headers: Link
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; form-action 'self'; navigate-to 'self'; connect-src 'self' blob: data: https://*.w3s.link https://*.nftstorage.link https://*.dweb.link https://ipfs.io/ipfs/ https://*.githubusercontent.com https://polygon-rpc.com https://rpc.testnet.fantom.network ; report-to csp-endpoint ; report-uri https://csp-report-to.web3.storage
reporting-endpoints: csp-endpoint="https://csp-report-to.web3.storage"
server-timing: request;dur=833
x-dotstorage-anchor: ccf7071397eb5af1368580d4feb52c5e4644887e56cf2a89deb53133abb59570
x-dotstorage-resolution-id: https://freeway.dag.haus
x-dotstorage-resolution-layer: dotstorage-race
x-freeway-version: 2.15.0
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

webso.click/

13.53.213.162

59 B

URL
webso.click/
IP
13.53.213.162:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
59 B (59 bytes)
Hash
f280f4c1a42e1c453a50a469bf74320f
ac362a3f43dfeff149e70a566322366d0f1e9343
d809eda212f0d0564e78c97d84e6e131776aac276f37f6ae7876b41334bdd481

HTTP Headers

GET / HTTP/1.1
Host: webso.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 01:46:06 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 59
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

webso.click/control_xxxzone/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null

13.53.213.162

3.4 kB

URL
webso.click/control_xxxzone/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
IP
13.53.213.162:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3407 bytes)
Hash
19ec2d5ca3771616c893e3f5d1b04b6f
0660aadfaee08af8da3dbdd2f4d61a2d722bc4c8
c23354c8f08787e466942ad538ae6eec002a9cb3156d7a7375dceb16bfc46851

HTTP Headers

GET /control_xxxzone/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null HTTP/1.1
Host: webso.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 01:46:06 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
X-Powered-By: PHP/7.4.30
Connection: keep-alive, Keep-Alive
Content-Length: 3407
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

webso.click/favicon.ico

13.53.213.162

298 B

URL
webso.click/favicon.ico
IP
13.53.213.162:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
298 B (298 bytes)
Hash
019d8a1e006a1153ad7e90238f100cda
0328cee280d5ec6f3ca9ff4e42b24e47ea0b7096
d18b8938bba111d23e66810f4ace8645ea4567f3561f8d5ad1e731f1b6aff4be

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: webso.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://webso.click/control_xxxzone/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 19 Apr 2024 01:46:07 GMT
Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1p PHP/7.4.30
Content-Length: 298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

challenges.cloudflare.com/turnstile/v0/api.js

104.17.2.184

0 B

URL
challenges.cloudflare.com/turnstile/v0/api.js
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 19 Apr 2024 01:46:07 GMT
content-length: 0
cache-control: max-age=300, public
location: /turnstile/v0/g/54ea73d52131/api.js
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87693817ecf8b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

142.250.74.74

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31191 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /ajax/libs/jquery/3.6.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 23:06:59 GMT
expires: Tue, 15 Apr 2025 23:06:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 268749
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rh4lc/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:08 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8769381a4e6d56a5-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87693819be3e56a5/1713491168677/c73d1384c2eb58543441b098f7551aec665741a972364854c8375c9c3765d0d9/Oi9jCkmJdtyepaB

104.17.2.184

1 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/87693819be3e56a5/1713491168677/c73d1384c2eb58543441b098f7551aec665741a972364854c8375c9c3765d0d9/Oi9jCkmJdtyepaB
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/87693819be3e56a5/1713491168677/c73d1384c2eb58543441b098f7551aec665741a972364854c8375c9c3765d0d9/Oi9jCkmJdtyepaB HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rh4lc/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Fri, 19 Apr 2024 01:46:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gxz0ThMLrWFQ0QbCY91Ua7GZXQalyNkhUyDdcnDdl0NkAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArny_u1wyrVg8e-Kmwxyfb2WoiwwZ2VR7QAnot_CrcySq56Rui-jZM9090K9_dW6HmpAKhOjYXLCJ7g4U74G4z6SRM_YRj-GLp3EaBxay798DZIeAtv_N7Z9CHI_0VTYiqNXVm2z1bF5VtFasnv3JDaWb4yIjBd8vMfNUM4Y4nXXIeMIyXdVK2hlzVO8VxBkXca7UzhCq51WDKlSYPWUy9ieZTdwNf5Q49DwdF9woTnuKPY26TxVlEHMcf8JJiXLUR2bbdG-Qv1fqbwQloSjintj5uXWLsZd84bMpNedRNJBV22T0PgKNeip6oalvdYbaiHiyDATsKlA6-8KJ-CUQTQIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIMc9E4TC61hUNEGwmPdVGuxmV0GpcjZIVMg3XJw3ZdDZABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA1FEYykHcK8H9rb_u0aFz3CmWgYloQw4YhedoEOAjJ0vy2Axa4f9UG9Dzs4uXS34_h8l6MDo2nRCvLI9lvebilMnTjCn-6D77bewqYxJKUFZW1z2jBIdu03TrETczfEg7kxgKtJE9NXGDjYJcF_iMgzgNA0PEAVM89tUYXXlFy4cUAGlqU2mPpIEOxm5ARsXC-zlLK60fkJ4cOsZRkZa6EExdhmgdwQ0fEJuSOHrBO_-zJn4hUP8q9g4yqkxW2UrfJgD07F4HaHGBEiei06sGDvH2NEPvswEl5dTGxutNrxlU7W24iYhNa2nhjlc53nNb0mKtszv-czVE9UhXyJ7-RQIDAQAB", max-age=20
server: cloudflare
cf-ray: 8769381ecfcc56a5-OSL
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87693819be3e56a5/1713491168678/02ta-Wgcz3Cz0JQ

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/87693819be3e56a5/1713491168678/02ta-Wgcz3Cz0JQ
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 61 x 64, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
1979ae968be60ceca7e7022fbd1379d4
1db9455ba63ca79b4fc355180b9431c181e92180
f1ef14299a3f4c7959602533ff383739d3e1726ffd7dd9201ad73d60c6f7011b

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/87693819be3e56a5/1713491168678/02ta-Wgcz3Cz0JQ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rh4lc/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:09 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 87693823a9a556a5-OSL
alt-svc: h3=":443"; ma=86400

atlantos.top/cdn-cgi/challenge-platform/h/g/rc/87693819be3e56a5

172.67.191.184

21 B

URL
atlantos.top/cdn-cgi/challenge-platform/h/g/rc/87693819be3e56a5
IP
172.67.191.184:0
ASN
#13335 CLOUDFLARENET

File type
JSON text data
Size
21 B (21 bytes)
Hash
018598ff9794435b440d1bbf293cc10f
9129b0ca1a4febdf97636946a1fe7be8abf11890
898a24300baa285e173627eb7801c18db52748bb2119f56a71dcce0a5f8c8063

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/rc/87693819be3e56a5 HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
Content-Type: application/json
Content-Length: 596
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:10 GMT
content-type: application/json
content-length: 21
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; path=/; expires=Sat, 19-Apr-25 01:46:10 GMT; domain=.atlantos.top; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fm9hByFRp%2B3YNxk753vsq7gCXfMN5rUJCFbq4huslmpFMtNE0%2FNjGUH4HZHl9xDpQyzIbS4WrlxAZDbhMHObQWFGAS0KB2UO4Dzwx8B8vZAN8WtRhyEb8lPwJKJywHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87693826d9d91c0e-OSL
alt-svc: h3=":443"; ma=86400

atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null

172.67.191.184

7.9 kB

URL
atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
IP
172.67.191.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (729), with no line terminators
Size
7.9 kB (7850 bytes)
Hash
38284349c7e45876dd1e507faf539629
ae1fdcac1811b433754fd7684d2d9981f13f2826
59e7cbc4e743db72cf74522cdc4e49b788cb832b698246115e5b539e105b62bb

HTTP Headers

GET /_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://webso.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 01:46:07 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0K%2B0RwrayyJXwVR%2FEmlmyQ9PwJkoY4D2SzJn98MJI4tzyYK4GNRlpBvfBh1t5TZDXM3MZfAR1EOJ7K6TOufXutEoiEbR3EwOn8m8AIyN5xozOQlIpEbZJwRMUylZKJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876938139d0356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.74

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 11:15:11 GMT
expires: Wed, 16 Apr 2025 11:15:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 225060
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

atlantos.top/_cloudseven_meta/functions/spinner.gif

172.67.191.184

46 kB

URL
atlantos.top/_cloudseven_meta/functions/spinner.gif
IP
172.67.191.184:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 48 x 48
Size
46 kB (46341 bytes)
Hash
bab0ad7ce20e911217791c00bcd4e35b
0822ac44951def4349090998b9ecb153128f03d5
bd750f550a5db2901c0bd52ec564da6adfbad55562b862b1f125d96d9d62b026

HTTP Headers

GET /_cloudseven_meta/functions/spinner.gif HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:11 GMT
content-type: image/gif
content-length: 46341
last-modified: Wed, 07 Oct 2020 21:45:56 GMT
etag: "b505-5b11ba3eced00"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeIKtypGSNrrgawRleAuqcSIFdgdeplJayOn9VfsF7hqbFs6mAef1iy%2F3sVgazBP8hjtzPt1pSC7Z%2B3mfmvCMUGMf3KCF4TXOowJh15PeYoe3wtvZ%2BXY69SZxYNk6Sg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769382b3a901c0e-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=google.com

142.250.74.164

330 B

URL
www.google.com/s2/favicons?domain=google.com
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
fa31efb2a302ef2be44b3664d8322c6e
72d3e47ceb425741f49395b2e74028b734570439
a3e8e526bf365cb7e3c7e01c31e0825bb74fcd8ee25d234809fbfacbe85b2258

HTTP Headers

GET /s2/favicons?domain=google.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 01:46:11 GMT
expires: Fri, 19 Apr 2024 02:16:11 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlantos.top/favicon.ico

172.67.191.184

404 Not Found

556 B

URL GET HTTP/3
atlantos.top/favicon.ico
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
HTML document, ASCII text
Size
556 B (556 bytes)
Hash
c764fd7b33a160e20e9446d6d7b1daa4
3937daa4b5b101109441c0b33f42b2040839a095
e24318f25929d5cf78cc5f41f9c285098e3047a716cada9bd9d27c7e715c4808

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 01:46:11 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk4%2BtTL0q%2BqbFr4T2n8QSDbVyrInUSppWgk0xQNye2%2BkOGVPOJSl3aA5vch2AnwEM4Wk4CLVquKdhI1YFnKBewf2%2BCv0wVIvsd7vCzWhQahBCxfOz0xwp7edFag27p8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769382cbad11c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/s2/favicons?domain=google.com

142.250.74.164

330 B

URL
www.google.com/s2/favicons?domain=google.com
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
fa31efb2a302ef2be44b3664d8322c6e
72d3e47ceb425741f49395b2e74028b734570439
a3e8e526bf365cb7e3c7e01c31e0825bb74fcd8ee25d234809fbfacbe85b2258

HTTP Headers

GET /s2/favicons?domain=google.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Fri, 19 Apr 2024 01:46:11 GMT
expires: Fri, 19 Apr 2024 02:16:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/989184409:1713489939:XFAASVu90hehNel1S5OiWekh-A55NpRo1MXK_laTEzE/87693819be3e56a5/f7c50abdcb9fc9c

104.17.2.184

88 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/989184409:1713489939:XFAASVu90hehNel1S5OiWekh-A55NpRo1MXK_laTEzE/87693819be3e56a5/f7c50abdcb9fc9c
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87799 bytes)
Hash
e53b3d2f42402416e2d4dd96bb900b46
9f819db8f2bb2dbdf55bf3d32164127a0831af05
d2ace4c7c62ad96cabaf1e4ff82cf0e266a92d6c8bcd42b843c444c43a67a95a

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/989184409:1713489939:XFAASVu90hehNel1S5OiWekh-A55NpRo1MXK_laTEzE/87693819be3e56a5/f7c50abdcb9fc9c HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rh4lc/0x4AAAAAAAQ0ZHmKholC9bE1/auto/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: f7c50abdcb9fc9c
Content-Length: 2754
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:08 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: IOXrGEFOi86EvDBxqjjm243t23cXOP8JXIbM3QoLiHjlbfWx6jantgIjK4tFx6Ml6UDXLPFtLFHAXc9iqW6eaXays/nuNFcY4vdhGUbvNbs9/ohsZOQTf8x54KJRQLUCkzdVeR6D6nUzGn4UCZa7LZb1jrulE51YG6Um+U9A6hES6LK/3gJFwQhQJJ7Mi4iKhWwUd8HztydVfrsD4dX7L2qurSqVf4jpPYjy7ol9AtdG6z5V20DXmsEBee014PXlBLd9Ia5xs+6FaHpH+yAqf7KnOG6yTi89en+8ClYmglFeFx/UZM/J0zuwfAR0/psF4kSBf0I7bEbnMS1iKapd05r+Ci9tV6fflVO4spIX96xAebksGIlEQ+r1avwQbbMr$yt+fTqezEE5mxk+yYU37nQ==
vary: accept-encoding
server: cloudflare
cf-ray: 8769381c2f0556a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

142.250.74.100

400 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 14:53:07 GMT
expires: Thu, 25 Apr 2024 14:53:07 GMT
cache-control: public, max-age=604800
age: 39184
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

142.250.74.100

400 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 14:53:07 GMT
expires: Thu, 25 Apr 2024 14:53:07 GMT
cache-control: public, max-age=604800
age: 39184
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16

142.250.74.100

400 B

URL
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
400 B (400 bytes)
Hash
ad6a9230add1febf1060c544f9a19690
8bb1f3c585ea9614f10ed239fe59dbc07680c6f3
22e711f0e036325e547946a55cf86f27e601c5192191afba7943dd15de8adc28

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://google.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.google.com/images/branding/product/1x/gsa_android_144dp.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 14:53:07 GMT
expires: Thu, 25 Apr 2024 14:53:07 GMT
cache-control: public, max-age=604800
age: 39184
last-modified: Tue, 17 Mar 2020 17:44:59 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

104.17.25.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:46:13 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3025544
expires: Wed, 09 Apr 2025 01:46:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRUfsIBJAJehLtBZRrLRtpEt5k1Qe4Adm3cpz5miU5AVwdOtNyFfMPiIaiNakiPhCKg8nSws%2Bir2CMmJp4z5gfxtW2FemmGBxm%2FWKV2mrWsZSqVl2X5Xn5Cl%2BmwyDj4q4uUQwBtA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87693838a937569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js

142.250.74.74

200 OK

85 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text
Size
85 kB (85110 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 85110
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 11:15:11 GMT
expires: Wed, 16 Apr 2025 11:15:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 225062
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png

172.67.191.184

200 OK

593 B

URL GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced
Size
593 B (593 bytes)
Hash
05d5d874ae9330459ea2edf61d780356
4ff030ddbd66b442c9ef28d548a147541f3f93c4
03fdba476bf32618c3a56462d7b8ace915deeb85a16bdc5f84a8abf97dc27ae8

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/unnamed.png HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:13 GMT
content-type: image/png
content-length: 593
last-modified: Sun, 15 Jan 2023 18:19:18 GMT
etag: "251-5f251813bb580"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tEMCQQpgjXr0hWn3AH04Ml747tlp1X2y0V1ATNHz%2BIN86vynftV4QpkWokQ%2Bj7HVWPINXyrXzpVY%2BWgv3YxNXNyfgB3UxThG68inaIIkwjN5rrnN5xMFXczBkO3ijZw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938389ce11c0e-OSL
alt-svc: h3=":443"; ma=86400

wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=facebook@google.com&page=null&hide_email=true

104.21.17.82

14 kB

URL
wakandos.top/usp_Enigma_premium_users/admin/kfud_loader.php?login=facebook@google.com&page=null&hide_email=true
IP
104.21.17.82:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
14 kB (13628 bytes)
Hash
23900adb01a970ee0c1022f2e7a590fe
146a277eb259a1dd76f0e3635ef19dc245c927ec
21232737c70d3d4e0ab5ce7f07c787a79eee972d227c7728fd3f41df1ebfaf88

HTTP Headers

GET /usp_Enigma_premium_users/admin/kfud_loader.php?login=facebook@google.com&page=null&hide_email=true HTTP/1.1
Host: wakandos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 01:46:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hV7Q3a%2FQFSiJJcVYDM3daTT%2B%2B30HKZTWyMo04zlySD9c1OEaYpY84%2B4qy3iUNPJ1It2o9GW0tH7JcnKJJ5AHWzc1XbEy74H%2F3seCTECVQf53HJHS1LoIX1CEEWeI1Gg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8769382dca04b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21464, version 1.0
Size
22 kB (21464 bytes)
Hash
923a543cc619ea568f91b723d9fb1ef0
6f4ade25559645c741d7327c6e16521e43d7e1f9
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21464
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:03 GMT
expires: Fri, 18 Apr 2025 02:38:03 GMT
cache-control: public, max-age=31536000
age: 83291
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 82991
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null

172.67.191.184

28 kB

URL
atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
IP
172.67.191.184:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (317)
Size
28 kB (27806 bytes)
Hash
2067dc83e4981ce31affe9b51dbdb4a7
01c85ebe6f60267c89b53c548061d164771f718e
cc9ca2063db78b2faac6ec9cd9dbf610981f4c118ad37d03177c02d3cbc5be24

HTTP Headers

GET /_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://webso.click/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=qlf6k31l1u726uekc1r8bnmg73; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dMQURvWePHULUt4%2B4MVsjo%2B6t7D1N3LrshAwrFm4RWGEJUyaPh0b7sfE%2BBdczc7m60DX8fWs7y7i5zLmKscfphFbuZzckXxPaILAlnZEb7FmWCNFNfCOR6Ec3Kh5Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8769382a4a5d1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atlantos.top/favicon.ico

172.67.191.184

404 Not Found

7.2 kB

URL GET HTTP/3
atlantos.top/favicon.ico
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
HTML document, ASCII text
Size
7.2 kB (7208 bytes)
Hash
c764fd7b33a160e20e9446d6d7b1daa4
3937daa4b5b101109441c0b33f42b2040839a095
e24318f25929d5cf78cc5f41f9c285098e3047a716cada9bd9d27c7e715c4808

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 01:46:14 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5%2FUJjNpaZND5PuEUZq4t88HnJm3oWPES34Y%2BzxHo8FYUeAZLQsToI9wHjxWf8pjavEfPlwF1klOl0qwFvmQshyezwPVhy2worKMkyrZ1QlbPjlTHLaMl68NebfsyX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87693840fe211c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css

172.67.191.184

200 OK

40 kB

URL GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
ASCII text, with very long lines (39464), with no line terminators
Size
40 kB (39464 bytes)
Hash
e74979dc37f37c1b319b4371d8fd6d52
c7e4f35c3aa8719bbdb77a20b68b39b0621a39af
726b54d9fce44442579ac916092de54f3a0e4bdd26f3eda35486fdaba4b53afb

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss3.css HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:13 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 19:45:46 GMT
etag: W/"9a28-5f252b6764e80"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDWmsFYzOrXSiNEOUycRgjnXqCxfZG5ISZaXTq89RiP1gTKEn1v2QAl92UuJtdrgMlLcfSdyjMZj5ZJZyklDWCTNej5Aq2LTTYVKXciebMa6exrvVrVfFCHY6Ecqim0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938389cdd1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null

172.67.191.184

200 OK

40 kB

URL User Request GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type

Size
40 kB (39763 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Anti-debugging code

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7SotqrFv9%2FivRv1OpmEyRx0M4b%2BMkUXidA5A8EPBKaPyNKW66WkQ47YaYrW5mUGVtfY7DZfgT%2FZcyi3Y8RgigBLhsHORYF2jwxuGrLzbxwVwz2Z9qpK0EcVhF5qwYQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876938375cb71c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css

172.67.191.184

200 OK

22 kB

URL GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
ASCII text, with very long lines (10938), with CRLF line terminators
Size
22 kB (21880 bytes)
Hash
97053076bd28694bf51a024325e6e1a3
fe34bbace3b586b00962cb8312c825dd9d46b1df
1d01183202d53a2fdc646e8c5dd75ee52fedfad6dd344b20ec3914271ae60597

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss2.css HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:13 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 18:35:38 GMT
etag: W/"5578-5f251bba55280"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKlCDL29bgsC4ufzqWeC2J5lIWdKlxs35OaiTOONFPGm3ipWdnZ493YPJ5ALSGguWlNvd2trqEcQk1kJJVgrHgXaT%2B6seuxIiz1akbRXupZPFLvqoJPzfZFYL7LVnpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938389cda1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21700, version 1.0
Size
22 kB (21700 bytes)
Hash
7d75a9eb3b38b5dd04b8a7ce4f1b87cc
68f598c84936c9720c5ffd6685294f5c94000dff
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:15:25 GMT
expires: Wed, 16 Apr 2025 03:15:25 GMT
cache-control: public, max-age=31536000
age: 253849
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css

172.67.191.184

200 OK

338 kB

URL GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
338 kB (337586 bytes)
Hash
50807450ed3159ca319158c86219cd42
c3950d098c603e34619783d2c41765c3774a8697
3f51d95fb3e28490694cb6898be2e46d0c5a5076eae9d943fb65f26dd1dc2f7f

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login_files/gcss.css HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://atlantos.top/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:14 GMT
content-type: text/css
last-modified: Sun, 15 Jan 2023 18:33:38 GMT
etag: W/"526b2-5f251b47e4480"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDUYI6Wk2vtgRW41wcCtMa8fnpCNUGJ%2BL8hUY2wXHirJGEwBnFNoazh7UxCwCIZZEgHLFs1nRcYkMLs2ActRMjAOv42qgGB45mxCRE21hdbjAZt5fH1RlEkFLIUKv58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876938388cd91c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null

172.67.191.184

200 OK

2.5 kB

URL User Request GET HTTP/3
atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
IP
172.67.191.184:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectatlantos.top
Fingerprint10:31:C1:F3:6E:4B:0B:16:4B:8A:AA:CD:ED:25:A4:3A:99:C7:BB:6E
ValidityWed, 28 Feb 2024 23:39:33 GMT - Tue, 28 May 2024 23:39:32 GMT

File type
JavaScript source, ASCII text, with very long lines (2779), with no line terminators
Size
2.5 kB (2477 bytes)
Hash
c04d7e21e8ba6d1ee20240f8b6fe90b7
49be3d0511a7836b3a8de3c74cb571968041be76
d621e24ee5602f7f3b5f25a04619e7f84ec9331c0db66121cf6e14571486b9f9

HTTP Headers

GET /_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/index.php?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ==&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null HTTP/1.1
Host: atlantos.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atlantos.top/_cloudseven_meta/?login=ZmFjZWJvb2tAZ29vZ2xlLmNvbQ====&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null&vcnt=2&use_cdtimr=null
Cookie: cf_clearance=fMCO.EeBnHke7AWoBUnn88d4aPvvIJigbOEVRoPFnCg-1713491170-1.0.1.1-RwCWu6A5d_4.ELGuBwKKa5qFciONDXlk3VF7uQFZ2ve4_XZcVBpVwa91et53zbPrX.EnS2Kc9CvNL.Kr2oSYKw; captcha=1; PHPSESSID=qlf6k31l1u726uekc1r8bnmg73
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=etv3KQBKi%2BqqsgQYNqhOi7Z3ZkM6KiDe7KUdqIDtE2%2FaAyBDlFHKe30yKgD5NrKXnKS%2FV1EMUT%2FL0oTwyWJ%2Fr9MBWW%2FB9QHyfvuiDVos2lOLikwSQGbUChKw0D%2BAjcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876938364c971c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2

104.17.25.14

200 OK

14 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://atlantos.top/_cloudseven_meta/zure/de01c1d48db6c321c637457113ed80d5/login.php?login&_x_tr_sl=auto&_x_tr_tl=null&_x_tr_hl=null&_x_tr_pto=wapp&request_type=null&no_redrct=null&pcnt=2&no_psplash=null&pmax=null
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13584, version 331.524
Size
14 kB (13584 bytes)
Hash
c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://atlantos.top
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 01:46:14 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13584
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-3510"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 291942
expires: Wed, 09 Apr 2025 01:46:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TkCixghgRx4Gnyv9nu6E3stZDcFFoktJ%2BVyZxmlXHI%2BTc9rBG5Irt551SrKxO2esepRk6JJ%2FkIxmGgUzFv9gJTl92eCb5I43TGD5s8WndOfswV0AaCCQ7t3%2FTP%2BUve%2F9nFlW7DLb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876938405b131c02-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash