Report - glitkoqer.top/

Report Overview

Visited public
2023-12-08 04:24:59
Tags
URL
glitkoqer.top/
Finishing URL
glitkoqer.top/vote7241/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Oнлaйн голoсовaния

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-07 07:16:25	448 B	2.8 kB	142.250.74.170
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18 02:37:31	2023-12-07 07:59:32	1.0 kB	96 kB	104.18.11.207
glitkoqer.top	unknown	unknown	No data	No data	10 kB	293 kB	188.114.97.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-07 07:59:33	1.6 kB	72 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-08 04:24:48	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-12-08 04:24:48	medium	Client IP	188.114.97.1	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte
2023-12-07	medium	glitkoqer.top/	VKontakte

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed
2023-12-08	medium	glitkoqer.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	glitkoqer.top/vote7241/skel.min.js	ScriptElement	9.1 kB	2023-03-07	2025-04-28
Pretty URL glitkoqer.top/vote7241/skel.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-04-28 14:08 Times Seen186 Hash df4f8930f3747bbadcdeb7dfe326ed73 475a99682e46ad061915a11a9adb3fad82258d3c afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98 Loading...

	glitkoqer.top/vote7241/util.js	ScriptElement	6.5 kB	2023-03-08	2025-01-19
Pretty URL glitkoqer.top/vote7241/util.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42 Last Seen2025-01-19 01:36 Times Seen38 Hash 55458e51b39bc778bd4a85777e78c1dd e9b2b21224786879159dae8280ce3d526cc8e8f2 a6c7a302569d54495823de9410cb5262a1d989fcd3478114213fdbd46ced17b6 Loading...

	glitkoqer.top/vote7241/main.js	ScriptElement	1.4 kB	2023-03-08	2025-01-19
Pretty URL glitkoqer.top/vote7241/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42 Last Seen2025-01-19 01:36 Times Seen33 Hash 6574e785eb7b27dbc23f80ca31b73132 d872222b83a4cb5f15461502ef997acf0bcd1ba8 a2789dab6d8622ce419c24ab49416ce8f71ffd33c4d67942617aaa518da5e7e2 Loading...

	glitkoqer.top/vote7241/	ScriptElement	0 B	0001-01-01	2025-05-10
Pretty URL glitkoqer.top/vote7241/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-10 11:48 Times Seen4643429 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	glitkoqer.top/vote7241/jquery.min.js	ScriptElement	96 kB	2023-03-07	2025-05-10
Pretty URL glitkoqer.top/vote7241/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 04:20 Times Seen6117 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	glitkoqer.top/vote7241/jquery.dropotron.min.js	ScriptElement	5.1 kB	2023-03-07	2025-05-02
Pretty URL glitkoqer.top/vote7241/jquery.dropotron.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47 Last Seen2025-05-02 12:59 Times Seen57 Hash 19a18a4d6c0f6d063e932a316f18c626 4155dae7acded6cf5b9e8f91f8032fc0b43fa981 662b6b7e9c3daad368e3614b6ba5b965654e9746cc3f37f03521ddd9346c1e86 Loading...

	glitkoqer.top/vote7241/jquery.scrolly.min.js	ScriptElement	830 B	2023-03-07	2025-04-28
Pretty URL glitkoqer.top/vote7241/jquery.scrolly.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2025-04-28 14:00 Times Seen141 Hash cdaa947ce14cf917fd3fbb34bbf69292 6807fda8e44d95117e7007563a4db951818df82b 08d27f460466e4b36d9eb2cfef27e442ca206f87d6cbb157f98c16704c999a2a Loading...

	glitkoqer.top/vote7241/jquery.scrollgress.min.js	ScriptElement	2.9 kB	2023-03-08	2025-01-19
Pretty URL glitkoqer.top/vote7241/jquery.scrollgress.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42 Last Seen2025-01-19 01:36 Times Seen34 Hash 9b3337224da04896f96e811d6c1d37cc 4b4f4525ab2c2c4eee4ff765003fe177447a3871 72f987a3c92b96f54124a9473b6286febb417fd968dff2fe976c8a3c606b8606 Loading...

HTTP Transactions (27)

URL IP Response Size

glitkoqer.top/vote7241/

188.114.97.1

200 OK

0 B

URL User Request GET HTTP/3
glitkoqer.top/vote7241/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /vote7241/ HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 08 Dec 2023 04:24:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 08 Dec 2023 05:24:41 GMT
Location: https://glitkoqer.top/vote7241/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tOBC1cp0uLQqz2iSLO%2F%2BtUF3tsf2f1W9wsFqTUq9oB8pYSdZpSespNdob2Ha6xuz2BX8M09hm%2FjMr1MaTlfdm51cYhKMAliVG7r8ab94ulC1w4uq%2BPgXa1zMnk8Zcyo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 83223d7defd94e16-HEL
alt-svc: h2=":443"; ma=60

glitkoqer.top/vote7241/banner.jpg

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
glitkoqer.top/vote7241/banner.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x288, components 3\012- data
Size
12 kB (12434 bytes)
Hash
6fb0806aac252ca78c9321b07bc7adbe
f08f09fcac3cf60ed14126d56ca7a511fafb3c23
98eee85ce2c473ebe7b4d4d205258d7228245b982f8c3d8d0fbe361d2553c810

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/banner.jpg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/jpeg
content-length: 12434
last-modified: Tue, 02 May 2023 14:11:26 GMT
etag: "64511a0e-3092"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycAQG1UUVHQf08QOrv4jQ8%2FSdytRKy2TS%2BV2u3U5qLe6mUOScgCmd1PEunyDOPuidheZ4%2B3J90og9IQR8JzkpaZSmNWMzO9k8Q28slKjlDkrXZHa6nonZ3YvoUC5ZYC%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d858e344e13-HEL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glitkoqer.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:33 GMT
expires: Fri, 06 Dec 2024 15:40:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 45850
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glitkoqer.top/vote7241/overlay.png

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
glitkoqer.top/vote7241/overlay.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
PNG image data, 256 x 256, 4-bit colormap, non-interlaced\012- data
Size
16 kB (15620 bytes)
Hash
05de3a777f6afda2a1033307e2cc957c
540fa346aa22e783266d3fb513da2edbd85f3be9
a853f133d41b7e44f3b9d4642eaa7732ece2aa889d650193e966def70b992483

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/overlay.png HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/png
content-length: 15620
last-modified: Tue, 02 May 2023 14:11:24 GMT
etag: "64511a0c-3d04"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05T0ZUz3LuPtNzjLLMYwaToODhHFGnN8xoN%2F86o%2FP102%2FBGhDAgkcjRwV3Rux8XyLh9qbi%2Fzdxn2jYBRbFi13G81i1m61uJvYNw6DS0E6xuN5%2F96lm5d1uoed3c50XBA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d858e314e13-HEL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size
23 kB (23236 bytes)
Hash
716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glitkoqer.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:53 GMT
expires: Fri, 06 Dec 2024 15:42:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
age: 45710
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glitkoqer.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 21:37:20 GMT
expires: Thu, 05 Dec 2024 21:37:20 GMT
cache-control: public, max-age=31536000
age: 110843
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glitkoqer.top/vote7241/font-awesome.min.css

188.114.97.1

200 OK

73 kB

URL GET HTTP/3
glitkoqer.top/vote7241/font-awesome.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (28882)
Size
73 kB (73226 bytes)
Hash
ae7a7d6495adb150d00ca2c45566e880
8c4ceab17ca104a8a9ef7d2a940e0449b85d7d37
1f4082bc4d525c198936b8e7b8bda99929537de890c143e5e35fca4ac23b2a26

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/font-awesome.min.css HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:11:26 GMT
vary: Accept-Encoding
etag: W/"64511a0e-7175"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNR%2FWAURwjH0C4niumVZMjjxhAyqfla2WmFNY%2Fb4oIxwUS8R2AL3V7cby5d62lQYncAkEKGQcP%2FdNI2E5Qiuow3lK2ufXHVHj30ghTh5wemXH6m53Wi%2FeieBrSUe3pLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d846bf44e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241

188.114.97.1

301 Moved Permanently

5.5 kB

URL User Request GET HTTP/2
glitkoqer.top/vote7241
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type

Size
5.5 kB (5525 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241 HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 08 Dec 2023 04:24:41 GMT
content-type: text/html
location: http://glitkoqer.top/vote7241/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQSeU8g5BvSHptUqI6G9Fr%2FaVdb44akFsms85bu4EfXRj8MKC7Ix%2F9mp5oG2SUk0CDn0kspQOjSNkDrW5LixnJjHWzRPgu30Fdb%2FcKGYftnmCgUOu1yInYJu%2F40CfhZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d7d6f74d94f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glitkoqer.top/vote7241/jquery.min.js

188.114.97.1

200 OK

96 kB

URL GET HTTP/3
glitkoqer.top/vote7241/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (32038)
Size
96 kB (95957 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/jquery.min.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:24 GMT
vary: Accept-Encoding
etag: W/"64511a0c-176d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AW20FgSjqI51SWDgZEq%2FDwYWeWU7MZVLcXpMjQW9RJ%2Bse7xzcbEJX%2FeFAq6vtkSebE0cd8T8jRjPFgW9o0k8IJA7iuOlitPdM1wBE64tTkmMqjpV90yL%2FD2skXxCfT2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a144e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/main.css

188.114.97.1

200 OK

40 kB

URL GET HTTP/3
glitkoqer.top/vote7241/main.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (756)
Size
40 kB (40316 bytes)
Hash
249f4e27fbe6684589b886598d1170fc
4ef8b473ca675714d9b5a4febb0b57f81911f200
9db87291353250890f667f20f5d7dae2c1e354818e6ccd271a0ebf93eb3bb377

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/main.css HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:11:28 GMT
vary: Accept-Encoding
etag: W/"64511a10-9d7c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0c61DsqftK6SLJillv5CwPD35nok6vyZVYskyK1lwZ%2B7a0OnhEB2GlzJaS956DSQfwugK%2FUMYN18FTyD0NRIsqP2TJB4v%2BITDvbeXlHzwFCZP9OPmYWxM98gqo6iY81"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d838a094e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/dark-tl.svg

188.114.97.1

200 OK

616 B

URL GET HTTP/3
glitkoqer.top/vote7241/dark-tl.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (730), with no line terminators
Size
616 B (616 bytes)
Hash
601b133ac7f1d132b61e927af34a0ea4
54dea0b2eafbd10f074fe2eb9634951af424b8d1
f703536b78f73feadca1c49ba2682ef0d20621d4a16b0bbfccbdc9457519739c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/dark-tl.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:24 GMT
etag: W/"64511a0c-268"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEz%2FU4%2F6clR1JuwjXsBTrrLy3POc5pz2CSpCf0NDSNkfVvtN5M8R5QnxgsE%2BXj4ntj4rfbXN%2FS89HKvyQn8i7ihVvC2B2ELh9qpceG%2F09%2FcZMpAcpo2XsGnwE2bKX4R8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d858e394e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Lato:300,400,900

142.250.74.170

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,900
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2215), with no line terminators
Size
2.2 kB (2167 bytes)
Hash
059c09f433f988565f2e4684e4c05a8e
4507dcaf33a7eed04a2939615e16c1c4d03e9477
23a577281577369e797a5ad5a488febb60bfa5f4310ba9dfad97fcf9b019a2d3

HTTP Headers

GET /css?family=Lato:300,400,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 04:24:43 GMT
date: Fri, 08 Dec 2023 04:24:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glitkoqer.top/vote7241/light-bl.svg

188.114.97.1

200 OK

634 B

URL GET HTTP/3
glitkoqer.top/vote7241/light-bl.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (748), with no line terminators
Size
634 B (634 bytes)
Hash
cc104dfcd5596814e6badbc06463cb1f
9b968dd6f6f7e6507665f2ed6644822b3461d8bb
281d056fea63e5c83dc7e287acbb038bbe5285f18694b34ee4dca369dc6e34b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/light-bl.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:28 GMT
etag: W/"64511a10-27a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMjprK6bruTi2G0BgHfD5s8nK5xfklwMTIGSnUy1LtPSh4nRv%2FTSLJh434QRviVbcLKlMANDSuObMcLv4G0G4VIQYTyHq8AfgaDASmFFE3yyNJfaknyc0Lc73FjYsWDK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d857e2a4e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.11.207

200 OK

67 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262\012- data
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glitkoqer.top
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:08
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3358596eb6dcf4d3a4464d35d912ccb9
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83223d85eaab2d6f-ARN
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/main.js

188.114.97.1

200 OK

1.4 kB

URL GET HTTP/3
glitkoqer.top/vote7241/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
HTML document, ASCII text, with very long lines (1427), with no line terminators
Size
1.4 kB (1415 bytes)
Hash
fe252d66328166698a7777cdace608ab
d1294b2344fbb71c8cd49fabd5cb51ff0d38078f
a99154a0bc4e52c5469ca89e02da46a54b0843410737c2f596588414cda642a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/main.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:28 GMT
vary: Accept-Encoding
etag: W/"64511a10-587"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdxNGC53eOvQjJyDtbMW2vcf6nEoPpMDxXRGb0DTYCyy%2BiQs5oaaW9fpPFicLcorQ1p6292aLLhg8yaX8mNTwHxn6hCGA%2BqH8JAK2Iz20VNCnY29BFyBmcYNezRYBoBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a224e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/dark-bl.svg

188.114.97.1

200 OK

630 B

URL GET HTTP/3
glitkoqer.top/vote7241/dark-bl.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (744), with no line terminators
Size
630 B (630 bytes)
Hash
ba5d8b007e3030c7ca1163526eb0b1fc
c110331e6ce93b796d7c31274acf7d8c6f432ffa
051359430e961ba1c5eb832a007de80bc7029006e07feea4b824bce4199a35df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/dark-bl.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:24 GMT
etag: W/"64511a0c-276"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw1Ve4WaMmUPOz8tXHjHWsgExoNbgGep56w9o7BFICcNIJ9ve0aVtlS9q4F1NLTLxyWxG7Fl%2Fznmn9GC4Zu8Kd0lJLiCmuNi24b%2B7xLiCAqcezHYIwnJoRHL%2F4cF%2BqVG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d859e444e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/dark-br.svg

188.114.97.1

200 OK

644 B

URL GET HTTP/3
glitkoqer.top/vote7241/dark-br.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (758), with no line terminators
Size
644 B (644 bytes)
Hash
970ba90ff0c299f8922721db03087a62
7958245dff46c77465d715df06d6688ced71db5f
2d60ce8b976895628372ba280b5a3a242d6dd1256aebeec859b2fa09abd08e4a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/dark-br.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:26 GMT
etag: W/"64511a0e-284"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1Y6AE1L9ylHF62Mesqqoly%2Fm4TXMUi7oLRnVnXtM31va0r%2BweFOicDC06Bi%2FIpcOJUFcma1OYtSp2QzXY1Rf32nUcTcep%2B6MDldH5R8Qyzp3XI37yaRafnt3UO%2FRCMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d859e454e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/jquery.dropotron.min.js

188.114.97.1

200 OK

5.1 kB

URL GET HTTP/3
glitkoqer.top/vote7241/jquery.dropotron.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (5338), with no line terminators
Size
5.1 kB (5105 bytes)
Hash
cd8326b261e32d7a4cf0a5593ea3db0f
e8070b96196980fe426cf525b1b9f66d88414f71
7959273555966774ef44b458185c36d55670d4f735a5d2b4cbb5ecc557ae9e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/jquery.dropotron.min.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:26 GMT
vary: Accept-Encoding
etag: W/"64511a0e-13f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZPwQMyyPEajTlOfa3yPp48uh4EysBVVhKhEvb95LJ98h9GDKbkRXktgQvFFVDye9avW3Bripq3p7TiTUqKNp7JWTSI28Y3E8j8WSM0SVu25B4L3qSz%2F92mTeb5uvNGl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a164e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/light-br.svg

188.114.97.1

200 OK

648 B

URL GET HTTP/3
glitkoqer.top/vote7241/light-br.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (762), with no line terminators
Size
648 B (648 bytes)
Hash
566235d81ceff78dd09f7b7370507c2c
fa748bd29f639dc3b669a8defde3d3d256e0125b
88347e5e6ac67817cb3149ca5d3046718828ba41525386a21c1e1587936e4797

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/light-br.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:28 GMT
etag: W/"64511a10-288"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpMuUS%2BI%2F0xx%2F647I2JnVzLjasK36rZi%2FlZxPGP4wtlAtKHARf5i9VTuf7XS%2F%2F%2BG%2FauwC4nrm5nRSvlrgnsfsskw7MBZsd0MT0%2FHexNUvHKsu6nq5MRML%2B8byAGuNW6m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d858e2b4e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/

188.114.97.1

302 Found

5.5 kB

URL User Request GET HTTP/2
glitkoqer.top/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type

Size
5.5 kB (5525 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 08 Dec 2023 04:24:41 GMT
content-type: text/html; charset=utf-8
location: https://glitkoqer.top/vote7241
set-cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFwwBZwQekzov5uq0s31bgt58p%2B32yZS6P1BsI67Nddx%2BM3Mofc%2BukUFzeNRGxeyetApZUwJTdWAi9I3zH2tS9GwyMUrQfH38HRlTunqotXVTLS1bsUnkMQfHZ0ltB5M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d7c9de2d94f-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

104.18.11.207

200 OK

28 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (27303)
Size
28 kB (27466 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 3120527
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83223d83ece4991a-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glitkoqer.top/vote7241/jquery.scrollgress.min.js

188.114.97.1

200 OK

2.9 kB

URL GET HTTP/3
glitkoqer.top/vote7241/jquery.scrollgress.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (2958), with no line terminators
Size
2.9 kB (2893 bytes)
Hash
c382118c9e79265f2f0e614bbd5542cc
252e45772ac4c2b0d769f9457b23959318f3dc02
a2311731b90bafab5a56e249a458ab4bb72108391af9df4456cd1bfa55240add

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/jquery.scrollgress.min.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:28 GMT
vary: Accept-Encoding
etag: W/"64511a10-b4d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bITJ%2BfQt86fngiMDR4eMHhk9pvGxV391o9uQiS70gWEWoh9gby%2BziXNuiNjEjtyU%2FIJxlDViRdSm0sBIHfyl%2Bglo%2F1d6JDoKtJt4n6t6xj8g1lhU9XVsGcPhvnXmx56T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a194e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/skel.min.js

188.114.97.1

200 OK

9.1 kB

URL GET HTTP/3
glitkoqer.top/vote7241/skel.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (9336), with no line terminators
Size
9.1 kB (9084 bytes)
Hash
8583eb7c296f368701ddf4ac2bc2fe14
483b22e3df220e13bc5a263597cb46189d3af2f2
b0937cde0c1e3e427200ea2fef465e3332106d6aee0684f4e7212e0e39817ceb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/skel.min.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:28 GMT
vary: Accept-Encoding
etag: W/"64511a10-237c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaUxNjJWI2kUu6owG8PUDBNZVQG7Pw4o9fjNIvkC8eamkjbbViwhYJzjMe7I075xCpag75mkMipiRxWRJiB3GF4WzV85jlVSnGg54loj7MKWoxlNJVLm3X%2FobfR4Mj0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a1a4e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/fav_logo.ico

188.114.97.1

200 OK

302 B

URL GET HTTP/3
glitkoqer.top/vote7241/fav_logo.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
302 B (302 bytes)
Hash
db4602e825059025d5e340263cf5c68c
9f742500bc92e4afae41d8375bbde4c23d0266fe
5a42896e6f577f9994d762ea131bcd8d264a95542383f62faf051f80806d7182

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/fav_logo.ico HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/x-icon
last-modified: Tue, 02 May 2023 14:11:22 GMT
etag: W/"64511a0a-12e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHBB9j7NnmnY5irQY7bpI4Q01McHCfOUrzKTMYgPD2IGaH6csKC%2BQR%2BPM3rXjo8ECgV%2F4iEOcuWhXj3DtMb3PPuLUnGdUCPOct40bvKfKDDioy6hVaRkVB8x0Xa5R%2F4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d86e8ad4e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/jquery.scrolly.min.js

188.114.97.1

200 OK

830 B

URL GET HTTP/3
glitkoqer.top/vote7241/jquery.scrolly.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (851), with no line terminators
Size
830 B (830 bytes)
Hash
ba55ff9ead5aafe623ffb63d0514cd5a
10cabfa35760d7102dca95a6979986c2e76d8e35
d44f8be5ab3845bb7af6437929907cddc77e7d2b316ee8deb36f99e96b0501a6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/jquery.scrolly.min.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:26 GMT
etag: W/"64511a0e-33e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YYwMxYogv5mVttgqdnX3D62LZ%2Bfe%2FGXgzOontQg%2BrVYm0AtZRGxGMi1x0ki0dMQMizJAGk0fYd%2BN246FZhS3psAsvT0mUCbC6iFGr%2BR3rpM1gGxfV3ew8LNaU%2BFXKdl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d839a174e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/util.js

188.114.97.1

200 OK

6.5 kB

URL GET HTTP/3
glitkoqer.top/vote7241/util.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
ASCII text, with very long lines (6483), with no line terminators
Size
6.5 kB (6464 bytes)
Hash
4028af0bb265f77bfcbf6bdda10c1dd9
3c74433d5f93927048331f8ea7a5fb6ddf4ccdb7
900bb525fc62a5985954e045b21b8371483a0c20142962292cd1c71267504dbf

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/util.js HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:42 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:11:22 GMT
vary: Accept-Encoding
etag: W/"64511a0a-1940"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLY9r5geK3v%2B4a9G3ZgNX1%2BF96%2BJP5Im0YkuPFhGdlnwtFYXupjq4TVeK61CduOjPUaDmWwAS2itYFrvBXqMKhs5Q3fCjRR562ziVT9ImzZw9BKYl9Va6S3rKuxH3Jn7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83223d839a1d4e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

glitkoqer.top/vote7241/dark-tr.svg

188.114.97.1

200 OK

630 B

URL GET HTTP/3
glitkoqer.top/vote7241/dark-tr.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glitkoqer.top/vote7241/
Certificate
IssuerGoogle Trust Services LLC
Subjectglitkoqer.top
FingerprintBF:90:ED:4A:0A:D0:44:D9:6A:BA:8E:3B:A3:EF:E7:AA:2F:F6:A8:80
ValiditySun, 29 Oct 2023 09:03:10 GMT - Sat, 27 Jan 2024 09:03:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (744), with no line terminators
Size
630 B (630 bytes)
Hash
2a6eaa30fb258d95807bbefa79b10d93
229ecc75fcedda188c64edbf2c7ff4b1b8f5747a
6b8546927febce4c16d6aef40d6bad46e7ebbd76ab9c1d4ea3ec26a0d6c5b3fd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	VKontakte
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /vote7241/dark-tr.svg HTTP/1.1
Host: glitkoqer.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glitkoqer.top/vote7241/main.css
Cookie: PHPSESSID=9q04nkaakmrd6tcdrqm4pjr5pn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 08 Dec 2023 04:24:43 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 14:11:26 GMT
etag: W/"64511a0e-276"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2B8PttY61hDulnqCWo8jIvzKCx51fD%2BJ6uDoO98aX2bB%2B6pv6ZQ2LdClUCM7oDetqVm18bX8vKvRnaTpn4f1p6Bd7krz%2FYAU0%2Bd9h1tnW5bof7Mlxjk%2BDuEW4bsf3vnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83223d858e434e13-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (27)

URL User Request GET HTTP/3

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3