agjka2323-kitsusea.16-b.it
65.52.121.135  Malicious Activity! Public Scan

URL: https://agjka2323-kitsusea.16-b.it/invite.php
Submission: On September 18 via automatic, source openphish — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 65.52.121.135, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is agjka2323-kitsusea.16-b.it.
TLS certificate: Issued by R3 on September 12th 2021. Valid for: 3 months.
This is the only time agjka2323-kitsusea.16-b.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 (2 redirects) | 65.52.121.135 | 8075 | (MICROSOFT...)
5 | 104.16.19.94 | 13335 | (CLOUDFLAR...)
2 | 142.250.186.170 | 15169 | (GOOGLE)
2 | 104.75.88.209 | 16625 | (AKAMAI-AS)
9 | 152.228.223.13 | 16276 | (OVH)
4 | 104.21.234.231 | 13335 | (CLOUDFLAR...)
1 | 69.16.175.10 | 20446 | (HIGHWINDS3)
1 | 185.199.109.133 | 54113 | (FASTLY)
2 | 142.250.186.131 | 15169 | (GOOGLE)
Total: 29 HTTP transactions, 9 IPs

Requests | Domain | Requested by
9 | i.ibb.co | agjka2323-kitsusea.16-b.it
5 | cdnjs.cloudflare.com | agjka2323-kitsusea.16-b.it, cdnjs.cloudflare.com
5 (2 redirects) | agjka2323-kitsusea.16-b.it | agjka2323-kitsusea.16-b.it
4 | rawcdn.githack.com | agjka2323-kitsusea.16-b.it
2 | fonts.gstatic.com | fonts.googleapis.com
2 | i.pinimg.com | agjka2323-kitsusea.16-b.it
2 | fonts.googleapis.com | agjka2323-kitsusea.16-b.it
1 | cloud.githubusercontent.com | agjka2323-kitsusea.16-b.it
1 | code.jquery.com | agjka2323-kitsusea.16-b.it
Total: 29 HTTP transactions, 9 domains

This site contains no links.

Subject | Issuer | Validity | Valid
agjka2323-kitsusea.16-b.it | R3 | 2021-09-12 - 2021-12-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-30 - 2021-11-22 | 3 months
*.pinterest.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-07-26 - 2022-08-05 | a year
ibb.co | R3 | 2021-08-06 - 2021-11-04 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
www.github.com | DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months

This page contains 1 frames:

Primary Page: https://agjka2323-kitsusea.16-b.it/invite.php
Frame ID: C76353B71B2915274EBEF4AEA3D55FC0
Requests: 29 HTTP requests in this frame

Page Title

Undangan Grup WhatsApp

Page URL History

  1. https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
    https://agjka2323-kitsusea.16-b.it/index.php Page URL
  2. https://agjka2323-kitsusea.16-b.it/invite.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 0 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 759 kB
Size: 1061 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
    https://agjka2323-kitsusea.16-b.it/index.php Page URL
  2. https://agjka2323-kitsusea.16-b.it/invite.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
  • https://agjka2323-kitsusea.16-b.it/index.php
Request Chain 25
  • https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
  • https://agjka2323-kitsusea.16-b.it/index.php

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
agjka2323-kitsusea.16-b.it/
Redirect Chain
  • https://agjka2323-kitsusea.16-b.it/invite.php
  • https://agjka2323-kitsusea.16-b.it/index.php
2 KB
609 B
Document
General
Full URL
https://agjka2323-kitsusea.16-b.it/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
454aca938f1d697b34fa6f099a90d06baa7ce4ce398c9e0b46d76a2670a99f46

Request headers

:method
GET
:authority
agjka2323-kitsusea.16-b.it
:scheme
https
:path
/index.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=UTF-8
content-length
571
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Sep 2021 13:14:27 GMT
server
LiteSpeed

Redirect headers

location
index.php
content-type
text/html; charset=UTF-8
content-length
17050
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Sep 2021 13:14:27 GMT
server
LiteSpeed
cache-control
no-cache, no-store, must-revalidate, max-age=0
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
Primary Request
invite.php
agjka2323-kitsusea.16-b.it/
81 KB
17 KB
Document
General
Full URL
https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b18fbbc30fe4a27a2e1955a3bea178e5a65798d8edd01fdeadaf70c7ee359f2b

Request headers

:method
POST
:authority
agjka2323-kitsusea.16-b.it
:scheme
https
:path
/invite.php
content-length
17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://agjka2323-kitsusea.16-b.it
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://agjka2323-kitsusea.16-b.it/index.php
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=UTF-8
content-length
17050
content-encoding
br
vary
Accept-Encoding
date
Sat, 18 Sep 2021 13:14:28 GMT
server
LiteSpeed
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
702372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPW5AIcL3YXlRbm4i8CXo03VLHdBrY26ugL19gj31fatqzGDmwrbBnAxqEPpiTwrkAjkSI4PYfqJwyTIof6ZRKBwu%2F9s82p4voI8Yq%2BUEHUt6SLgAAXxxmuGXbW3bflqZoGltQcl"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690ad666fdb32151-DUS
expires
Thu, 08 Sep 2022 13:14:28 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,300
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 12:39:40 GMT
server
ESF
date
Sat, 18 Sep 2021 13:14:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Sep 2021 13:14:28 GMT
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/
67 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6daf416f915e77243b8b68baada9eae0fff34cffb447300f114757c9b488a704
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
686616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5630
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-10ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho2Cx7VX4daAiIGCKApjuUfC1rlVTGIuU0t4mZ6Sp3DkztD4kBwLqbyxP2fmbmxAx%2FKFX%2B8R%2FVj3%2FY4A36cB2TVLMm54JbZj41IoIXjoFtLLPDBBEMMav6JFTc1g5vX2tBpdXCHh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690ad666fdb52151-DUS
expires
Thu, 08 Sep 2022 13:14:28 GMT
css2
fonts.googleapis.com/
1 KB
519 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Yantramanav&display=swap
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
39cda5e7a819fe468455d1daf68a545fbe8eb07d1d9c3f0dc95c0e5b8f7c2341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Sep 2021 13:14:28 GMT
server
ESF
date
Sat, 18 Sep 2021 13:14:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Sep 2021 13:14:28 GMT
dfeb51e22c076b269470dea421c58bcd.jpg
i.pinimg.com/750x/df/eb/51/
80 KB
80 KB
Image
General
Full URL
https://i.pinimg.com/750x/df/eb/51/dfeb51e22c076b269470dea421c58bcd.jpg
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33c678d15e22f448d9ab8064dea7a88cb537d35a9204d9861d188a88799bce83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.916656b8.1631970868.c83fdf32
etag
"3583a42d57d3139b49e81738d55ed2ee"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
82034
20210127-024850.png
i.ibb.co/R3CdPDw/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/R3CdPDw/20210127-024850.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-408.png
i.ibb.co/qx6q9GT/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/qx6q9GT/Screenshot-408.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-405.png
i.ibb.co/CwDsXX3/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/CwDsXX3/Screenshot-405.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-409.png
i.ibb.co/qJBTccY/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/qJBTccY/Screenshot-409.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-407.png
i.ibb.co/Rgw81cF/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/Rgw81cF/Screenshot-407.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-406.png
i.ibb.co/8zsJZ1L/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/8zsJZ1L/Screenshot-406.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
Screenshot-410.png
i.ibb.co/MNpDDYZ/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/MNpDDYZ/Screenshot-410.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
0-pt-DX0-Hf-JCYpo9-Pcs.gif
i.ibb.co/XYqVZyc/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/XYqVZyc/0-pt-DX0-Hf-JCYpo9-Pcs.gif
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
facebook-text.png
i.ibb.co/gW6VhCg/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/gW6VhCg/facebook-text.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190386.ip-152-228-223.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
server
nginx
content-length
1157
content-type
image/png
580b57fcd9996e24bc43c543.png
rawcdn.githack.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/
149 KB
150 KB
Image
General
Full URL
https://rawcdn.githack.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/580b57fcd9996e24bc43c543.png
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
7f81e01a8789b2bc6f797096965e78391043afd7
date
Sat, 18 Sep 2021 13:14:28 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347695
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
152291
x-served-by
cache-bma1679-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
56DE:13FBB:158960E:16B80EA:614083A2
x-timer
S1631617954.417637,VS0,VE193
etag
W/"05133d1767c973ae3b28fd4172eac3c0366a76ff7266b4413841f9e8442ebc42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUgopgqAT%2FdMhaEDStpwdmnQCO0TJIopirnlTvjc%2B0W3lSzF1R2hb65WP9xiYSz%2BjzgnX78A5eWNncFnX6f57IP%2BKC5AoBFN0YwuHDEYHxfHA3gymjxMqbU4hDAE%2BgcvQZyewWk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
accept-ranges
bytes
cf-ray
690ad667b998cd9b-CDG
x-cache-hits
0
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/
46 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.min.js
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1282735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13886
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-b635"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKUmRVhS5qDyXKJ2spnCVx%2F98f73DrF7Drnf0vK4GFOL7lfN9bmNrKCeZw0RDQqXaZ7E16JaNU59YFxytSm0YLzv0p6Fa%2F5y%2FxAFzuWr2VGlPao4Vmn2plN5ryn6hZxNZRXUNyBa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690ad6677d7021b7-DUS
expires
Thu, 08 Sep 2022 13:14:28 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1631970868.dop229.am5.t,1631970868.cds289.am5.hn,1631970868.cds203.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
229765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcLNyy%2Bp5f2BY88xQ6NM9aB6HlUCyJeHr3f7ZNGKe4qBh%2BRBsa3nCiiqpwigwCyQI3LBHYi%2FAUsQr4oeqkk%2BQFNahGWhk8ezNmPGkMmkYmj4MbogaOADm8%2FLKav%2BM2dIBXIuUpHe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690ad6677d6c21b7-DUS
expires
Thu, 08 Sep 2022 13:14:28 GMT
input-exception.js
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/
9 KB
1 KB
Script
General
Full URL
https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
bb74b03f89c53f65903a1e8d041e0e9b5f40578b
date
Sat, 18 Sep 2021 13:14:28 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5440270
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-hel6824-HEL
x-robots-tag
none
server
cloudflare
x-github-request-id
F2BA:79D6:FFA086:118317E:60F011DA
x-timer
S1626345947.698282,VS0,VE218
etag
W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr2lKY3jD1kuLIy8SAB1uHB75rxnTVTgVocZkjvFRGE8QtcN33pwUxzKAgbiYBiDVQbqV3p6bUrcjA3jtsYZ8pbr1DLvuZ22BpxrOa1T4s8pGXSfCOBl4qkkbbaJ4%2BhsQT8RsJE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
690ad667b994cd9b-CDG
x-cache-hits
0
watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/
105 B
1 KB
Stylesheet
General
Full URL
https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
dcc029460b7079d0408d67398975352052220bdd
date
Sat, 18 Sep 2021 13:14:28 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5284953
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-hel6832-HEL
x-robots-tag
none
server
cloudflare
x-github-request-id
B0CA:2D34:506660:5736D3:60F00525
x-timer
S1626345774.807742,VS0,VE197
etag
W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOiLSp4fPGM%2F1fT8SXPDfjg7rrLJvBg8jBNn0pAEcfPvPCKzTO7XcGcTC5Ek3c7%2BjlgnCLOyEFyzgEPWexVGbSqATOkJ8l9kNGt9GVBcbrc2Ly0YWtHctOmVfayvA%2FjDQVc2JOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
690ad667b996cd9b-CDG
x-cache-hits
0
4e765036-1639-11e6-9201-67e728e86f39.jpg
cloud.githubusercontent.com/assets/398893/15136779/
220 KB
220 KB
Image
General
Full URL
https://cloud.githubusercontent.com/assets/398893/15136779/4e765036-1639-11e6-9201-67e728e86f39.jpg
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-133.github.com
Software
GitHub Cloud /
Resource Hash
a7c76505efe4da19696e3365b1a211614d3a0d80abea92539d316ea2df2ccea3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
716629e488eb35390a5020af57e03029072b811f
date
Sat, 18 Sep 2021 13:14:28 GMT
via
1.1 varnish
age
2036278
x-cache
HIT
content-length
224922
x-served-by
cache-hhn4021-HHN
last-modified
Tue, 10 May 2016 05:56:48 GMT
server
GitHub Cloud
x-timer
S1631970868.423191,VS0,VE1
etag
"f9cebf245b82051cf1e25a5c190de77d"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
1
Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/fonts/
38 KB
39 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/fonts/Material-Design-Iconic-Font.woff2?v=2.1.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
435daf8bcdfc48055767f023bbdb91fb312d6555e9f4e6b5a15712ea3beed530
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
Origin
https://agjka2323-kitsusea.16-b.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
838329
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
38812
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-979c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8dC%2Feh%2F3%2BNF%2FyWFGmrHQJbtiGw%2BNO8zpxiTr5%2FLIR%2BYRR7bXv0cuGRRPlTxC5pnu8iY269%2F0QT4YkIoTGT2nxnit5dhYqKcrqopKCMM2LBpexlI8Qpmpa%2FNKS3OiKyV4AzwkJ6e"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
690ad6677dc3fae5-DUS
expires
Thu, 08 Sep 2022 13:14:28 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://agjka2323-kitsusea.16-b.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options
nosniff
age
440661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 10:50:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://agjka2323-kitsusea.16-b.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options
nosniff
age
275293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:46:15 GMT
index.php
agjka2323-kitsusea.16-b.it/
Redirect Chain
  • https://agjka2323-kitsusea.16-b.it/invite.php
  • https://agjka2323-kitsusea.16-b.it/index.php
2 KB
2 KB
Image
General
Full URL
https://agjka2323-kitsusea.16-b.it/index.php
Requested by
Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/index.php
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
agjka2323-kitsusea.16-b.it
referer
https://agjka2323-kitsusea.16-b.it/invite.php
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
server
LiteSpeed
content-length
571
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

date
Sat, 18 Sep 2021 13:14:28 GMT
content-encoding
br
server
LiteSpeed
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
index.php
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
17050
dfeb51e22c076b269470dea421c58bcd.jpg
i.pinimg.com/750x/df/eb/51/
80 KB
80 KB
Image
General
Full URL
https://i.pinimg.com/750x/df/eb/51/dfeb51e22c076b269470dea421c58bcd.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33c678d15e22f448d9ab8064dea7a88cb537d35a9204d9861d188a88799bce83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://agjka2323-kitsusea.16-b.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.916656b8.1631970869.c83fef6c
etag
"3583a42d57d3139b49e81738d55ed2ee"
vary
Origin
content-type
image/jpeg
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
82034
AlexHostWA.ttf
rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/
39 KB
40 KB
Font
General
Full URL
https://rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/AlexHostWA.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://agjka2323-kitsusea.16-b.it/
Origin
https://agjka2323-kitsusea.16-b.it
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
ba41e8129fa00577195354f1ccbeb59305468fd6
date
Sat, 18 Sep 2021 13:14:29 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39656
x-served-by
cache-bma1637-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
AEA6:2C25:29E52E:38A1AA:6133338F
x-timer
S1630766823.682625,VS0,VE197
etag
W/"a826496c94be0f40691957e2482d0e7cfa7fbe969bc57b7d17f58dc604b562d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPO4t47Kl5tcBViZBr75M6%2Fa3F4DZ3gC7lLO5%2BP32YlMvF1sOQegaWpO626J37syLSWB9gDwy5AdtU9rAyuFPLBaN1acft4Knrrvf7jzmBL%2FP7UbSIKI9kBY4eICg0qi%2BbawruA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-ttf
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
accept-ranges
bytes
cf-ray
690ad66e88f539c3-CDG
x-cache-hits
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| memes
object| random
function| myFunction
object| HUB_EVENTS
object| CP
function| moment
object| messageTime
object| form
object| conversation
function| newMessage
function| buildMessage
function| animateMessage
function| $
function| jQuery
function| AlexHosting
object| desc
object| more
object| _0x768a

1 Cookies

Domain/Path Name / Value
.githack.com/ Name: __cf_bm
Value: fec43e7a557596b0190bbaa803a6b9a05ab3c186-1631970868-0-Aeg6y/+tu0pXjsiz5kFlK89FFGdLcZVv4jRg2XdFVtT53WwVX3Oe1ACrHthb995eyzwRJGM26IHGZ89TreQtS44=

9 Console Messages

Source Level URL
Text
network error URL: https://i.ibb.co/R3CdPDw/20210127-024850.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/qx6q9GT/Screenshot-408.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/CwDsXX3/Screenshot-405.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/qJBTccY/Screenshot-409.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/8zsJZ1L/Screenshot-406.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/Rgw81cF/Screenshot-407.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/MNpDDYZ/Screenshot-410.png
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/XYqVZyc/0-pt-DX0-Hf-JCYpo9-Pcs.gif
Message: Failed to load resource: the server responded with a status of 404 ()
network error URL: https://i.ibb.co/gW6VhCg/facebook-text.png
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
