agjka2323-kitsusea.16-b.it Open in urlscan Pro
65.52.121.135 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://agjka2323-kitsusea.16-b.it/invite.php
Submission: On September 18 via automatic, source openphish (September 18th 2021, 1:14:33 pm UTC) — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 65.52.121.135, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is agjka2323-kitsusea.16-b.it.
TLS certificate: Issued by R3 on September 12th 2021. Valid for: 3 months.

This is the only time agjka2323-kitsusea.16-b.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WhatsApp (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
2 5	65.52.121.135 65.52.121.135	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
9	152.228.223.13 152.228.223.13	16276 (OVH) (OVH)
4	104.21.234.231 104.21.234.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	185.199.109.133 185.199.109.133	54113 (FASTLY) (FASTLY)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
29	9

5 65.52.121.135 (San Jose, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

agjka2323-kitsusea.16-b.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 152.228.223.13 (France)

ASN16276 (OVH, FR)
PTR: ns3190386.ip-152-228-223.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.234.231 (None, )

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.109.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-133.github.com

cloud.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ibb.co i.ibb.co	11 KB
5	cloudflare.com cdnjs.cloudflare.com	93 KB
5	16-b.it 2 redirects agjka2323-kitsusea.16-b.it	19 KB
4	githack.com rawcdn.githack.com	192 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	pinimg.com i.pinimg.com	161 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	githubusercontent.com cloud.githubusercontent.com	220 KB
1	jquery.com code.jquery.com	30 KB
29	9

	Domain	Requested by
9	i.ibb.co	agjka2323-kitsusea.16-b.it
5	cdnjs.cloudflare.com	agjka2323-kitsusea.16-b.it cdnjs.cloudflare.com
5	agjka2323-kitsusea.16-b.it	2 redirects agjka2323-kitsusea.16-b.it
4	rawcdn.githack.com	agjka2323-kitsusea.16-b.it
2	fonts.gstatic.com	fonts.googleapis.com
2	i.pinimg.com	agjka2323-kitsusea.16-b.it
2	fonts.googleapis.com	agjka2323-kitsusea.16-b.it
1	cloud.githubusercontent.com	agjka2323-kitsusea.16-b.it
1	code.jquery.com	agjka2323-kitsusea.16-b.it
29	9

This site contains no links.

Subject Issuer	Validity	Valid
agjka2323-kitsusea.16-b.it R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://agjka2323-kitsusea.16-b.it/invite.php
Frame ID: C76353B71B2915274EBEF4AEA3D55FC0
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Undangan Grup WhatsApp

Page URL History Show full URLs

https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
https://agjka2323-kitsusea.16-b.it/index.php Page URL
https://agjka2323-kitsusea.16-b.it/invite.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

759 kB
Transfer

1061 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
https://agjka2323-kitsusea.16-b.it/index.php Page URL
https://agjka2323-kitsusea.16-b.it/invite.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
https://agjka2323-kitsusea.16-b.it/index.php

Request Chain 25

https://agjka2323-kitsusea.16-b.it/invite.php HTTP 302
https://agjka2323-kitsusea.16-b.it/index.php

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.php Show response
agjka2323-kitsusea.16-b.it/
Redirect Chain

https://agjka2323-kitsusea.16-b.it/invite.php
https://agjka2323-kitsusea.16-b.it/index.php

2 KB
609 B

179ms
179ms

Document
text/html

65.52.121.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://agjka2323-kitsusea.16-b.it/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 454aca938f1d697b34fa6f099a90d06baa7ce4ce398c9e0b46d76a2670a99f46

Request headers

:method: GET
:authority: agjka2323-kitsusea.16-b.it
:scheme: https
:path: /index.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 571
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Sep 2021 13:14:27 GMT
server: LiteSpeed

Redirect headers

location: index.php
content-type: text/html; charset=UTF-8
content-length: 17050
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Sep 2021 13:14:27 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

POST
H3-Q050 200 Primary Request invite.php Show response
agjka2323-kitsusea.16-b.it/ 81 KB
17 KB 294ms
171ms Document
text/html 65.52.121.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b18fbbc30fe4a27a2e1955a3bea178e5a65798d8edd01fdeadaf70c7ee359f2b

Request headers

:method: POST
:authority: agjka2323-kitsusea.16-b.it
:scheme: https
:path: /invite.php
content-length: 17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://agjka2323-kitsusea.16-b.it
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://agjka2323-kitsusea.16-b.it/index.php
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://agjka2323-kitsusea.16-b.it
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/index.php

Response headers

content-type: text/html; charset=UTF-8
content-length: 17050
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Sep 2021 13:14:28 GMT
server: LiteSpeed

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 40ms
16ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 702372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPW5AIcL3YXlRbm4i8CXo03VLHdBrY26ugL19gj31fatqzGDmwrbBnAxqEPpiTwrkAjkSI4PYfqJwyTIof6ZRKBwu%2F9s82p4voI8Yq%2BUEHUt6SLgAAXxxmuGXbW3bflqZoGltQcl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690ad666fdb32151-DUS
expires: Thu, 08 Sep 2022 13:14:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 80ms
31ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 12:39:40 GMT
server: ESF
date: Sat, 18 Sep 2021 13:14:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 13:14:28 GMT

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/ 67 KB
6 KB 41ms
17ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6daf416f915e77243b8b68baada9eae0fff34cffb447300f114757c9b488a704

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 686616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5630
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-10ad7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho2Cx7VX4daAiIGCKApjuUfC1rlVTGIuU0t4mZ6Sp3DkztD4kBwLqbyxP2fmbmxAx%2FKFX%2B8R%2FVj3%2FY4A36cB2TVLMm54JbZj41IoIXjoFtLLPDBBEMMav6JFTc1g5vX2tBpdXCHh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690ad666fdb52151-DUS
expires: Thu, 08 Sep 2022 13:14:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
519 B 88ms
39ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yantramanav&display=swap

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

39cda5e7a819fe468455d1daf68a545fbe8eb07d1d9c3f0dc95c0e5b8f7c2341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 13:14:28 GMT
server: ESF
date: Sat, 18 Sep 2021 13:14:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 13:14:28 GMT

GET
H2 200 dfeb51e22c076b269470dea421c58bcd.jpg
i.pinimg.com/750x/df/eb/51/ 80 KB
80 KB 274ms
143ms Image
image/jpeg 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/750x/df/eb/51/dfeb51e22c076b269470dea421c58bcd.jpg
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33c678d15e22f448d9ab8064dea7a88cb537d35a9204d9861d188a88799bce83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.916656b8.1631970868.c83fdf32
etag: "3583a42d57d3139b49e81738d55ed2ee"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 82034

GET
H2 404 20210127-024850.png
i.ibb.co/R3CdPDw/ 1 KB
1 KB 47ms
14ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/R3CdPDw/20210127-024850.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-408.png
i.ibb.co/qx6q9GT/ 1 KB
1 KB 47ms
14ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qx6q9GT/Screenshot-408.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-405.png
i.ibb.co/CwDsXX3/ 1 KB
1 KB 47ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/CwDsXX3/Screenshot-405.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-409.png
i.ibb.co/qJBTccY/ 1 KB
1 KB 47ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/qJBTccY/Screenshot-409.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-407.png
i.ibb.co/Rgw81cF/ 1 KB
1 KB 47ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Rgw81cF/Screenshot-407.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-406.png
i.ibb.co/8zsJZ1L/ 1 KB
1 KB 47ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/8zsJZ1L/Screenshot-406.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 Screenshot-410.png
i.ibb.co/MNpDDYZ/ 1 KB
1 KB 15ms
14ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/MNpDDYZ/Screenshot-410.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 0-pt-DX0-Hf-JCYpo9-Pcs.gif
i.ibb.co/XYqVZyc/ 1 KB
1 KB 15ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/XYqVZyc/0-pt-DX0-Hf-JCYpo9-Pcs.gif
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 404 facebook-text.png
i.ibb.co/gW6VhCg/ 1 KB
1 KB 19ms
19ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/gW6VhCg/facebook-text.png
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
server: nginx
content-length: 1157
content-type: image/png

GET
H2 200 580b57fcd9996e24bc43c543.png
rawcdn.githack.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/ 149 KB
150 KB 69ms
29ms Image
image/png 104.21.234.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/c529c239acac01cd8bc1a76f349f7c3caebba766/580b57fcd9996e24bc43c543.png

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: 7f81e01a8789b2bc6f797096965e78391043afd7
date: Sat, 18 Sep 2021 13:14:28 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 347695
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 152291
x-served-by: cache-bma1679-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 56DE:13FBB:158960E:16B80EA:614083A2
x-timer: S1631617954.417637,VS0,VE193
etag: W/"05133d1767c973ae3b28fd4172eac3c0366a76ff7266b4413841f9e8442ebc42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUgopgqAT%2FdMhaEDStpwdmnQCO0TJIopirnlTvjc%2B0W3lSzF1R2hb65WP9xiYSz%2BjzgnX78A5eWNncFnX6f57IP%2BKC5AoBFN0YwuHDEYHxfHA3gymjxMqbU4hDAE%2BgcvQZyewWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
cf-ray: 690ad667b998cd9b-CDG
x-cache-hits: 0

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/ 46 KB
14 KB 50ms
37ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.min.js

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1282735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13886
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-b635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKUmRVhS5qDyXKJ2spnCVx%2F98f73DrF7Drnf0vK4GFOL7lfN9bmNrKCeZw0RDQqXaZ7E16JaNU59YFxytSm0YLzv0p6Fa%2F5y%2FxAFzuWr2VGlPao4Vmn2plN5ryn6hZxNZRXUNyBa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690ad6677d7021b7-DUS
expires: Thu, 08 Sep 2022 13:14:28 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 47ms
17ms Script
application/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1631970868.dop229.am5.t,1631970868.cds289.am5.hn,1631970868.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 31ms
26ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 229765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcLNyy%2Bp5f2BY88xQ6NM9aB6HlUCyJeHr3f7ZNGKe4qBh%2BRBsa3nCiiqpwigwCyQI3LBHYi%2FAUsQr4oeqkk%2BQFNahGWhk8ezNmPGkMmkYmj4MbogaOADm8%2FLKav%2BM2dIBXIuUpHe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690ad6677d6c21b7-DUS
expires: Thu, 08 Sep 2022 13:14:28 GMT

GET
H2 200 input-exception.js Show response
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/ 9 KB
1 KB 102ms
47ms Script
application/javascript 104.21.234.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: bb74b03f89c53f65903a1e8d041e0e9b5f40578b
date: Sat, 18 Sep 2021 13:14:28 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5440270
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-hel6824-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: F2BA:79D6:FFA086:118317E:60F011DA
x-timer: S1626345947.698282,VS0,VE218
etag: W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr2lKY3jD1kuLIy8SAB1uHB75rxnTVTgVocZkjvFRGE8QtcN33pwUxzKAgbiYBiDVQbqV3p6bUrcjA3jtsYZ8pbr1DLvuZ22BpxrOa1T4s8pGXSfCOBl4qkkbbaJ4%2BhsQT8RsJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 690ad667b994cd9b-CDG
x-cache-hits: 0

GET
H2 200 watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/ 105 B
1 KB 78ms
24ms Stylesheet
text/css 104.21.234.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css

Requested by

Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: dcc029460b7079d0408d67398975352052220bdd
date: Sat, 18 Sep 2021 13:14:28 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5284953
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-hel6832-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: B0CA:2D34:506660:5736D3:60F00525
x-timer: S1626345774.807742,VS0,VE197
etag: W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOiLSp4fPGM%2F1fT8SXPDfjg7rrLJvBg8jBNn0pAEcfPvPCKzTO7XcGcTC5Ek3c7%2BjlgnCLOyEFyzgEPWexVGbSqATOkJ8l9kNGt9GVBcbrc2Ly0YWtHctOmVfayvA%2FjDQVc2JOU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 690ad667b996cd9b-CDG
x-cache-hits: 0

GET
H2 200 4e765036-1639-11e6-9201-67e728e86f39.jpg
cloud.githubusercontent.com/assets/398893/15136779/ 220 KB
220 KB 40ms
8ms Image
image/jpeg 185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloud.githubusercontent.com/assets/398893/15136779/4e765036-1639-11e6-9201-67e728e86f39.jpg
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-133.github.com
Software: GitHub Cloud /
Resource Hash: a7c76505efe4da19696e3365b1a211614d3a0d80abea92539d316ea2df2ccea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: 716629e488eb35390a5020af57e03029072b811f
date: Sat, 18 Sep 2021 13:14:28 GMT
via: 1.1 varnish
age: 2036278
x-cache: HIT
content-length: 224922
x-served-by: cache-hhn4021-HHN
last-modified: Tue, 10 May 2016 05:56:48 GMT
server: GitHub Cloud
x-timer: S1631970868.423191,VS0,VE1
etag: "f9cebf245b82051cf1e25a5c190de77d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: https://github.com
x-cache-hits: 1

GET
H3 200 Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/fonts/ 38 KB
39 KB 34ms
19ms Font
application/octet-stream 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/fonts/Material-Design-Iconic-Font.woff2?v=2.1.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

435daf8bcdfc48055767f023bbdb91fb312d6555e9f4e6b5a15712ea3beed530

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.1.2/css/material-design-iconic-font.min.css
Origin: https://agjka2323-kitsusea.16-b.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 838329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38812
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-979c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8dC%2Feh%2F3%2BNF%2FyWFGmrHQJbtiGw%2BNO8zpxiTr5%2FLIR%2BYRR7bXv0cuGRRPlTxC5pnu8iY269%2F0QT4YkIoTGT2nxnit5dhYqKcrqopKCMM2LBpexlI8Qpmpa%2FNKS3OiKyV4AzwkJ6e"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 690ad6677dc3fae5-DUS
expires: Thu, 08 Sep 2022 13:14:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 82ms
25ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://agjka2323-kitsusea.16-b.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 10:50:07 GMT
x-content-type-options: nosniff
age: 440661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 10:50:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 104ms
47ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://agjka2323-kitsusea.16-b.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options: nosniff
age: 275293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 08:46:15 GMT

GET
H3-Q050

200

index.php
agjka2323-kitsusea.16-b.it/
Redirect Chain

https://agjka2323-kitsusea.16-b.it/invite.php
https://agjka2323-kitsusea.16-b.it/index.php

2 KB
2 KB

182ms
182ms

Image
text/html

65.52.121.135
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agjka2323-kitsusea.16-b.it/index.php
Requested by: Host: agjka2323-kitsusea.16-b.it
URL: https://agjka2323-kitsusea.16-b.it/invite.php
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /index.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: agjka2323-kitsusea.16-b.it
referer: https://agjka2323-kitsusea.16-b.it/invite.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/invite.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
server: LiteSpeed
content-length: 571
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 18 Sep 2021 13:14:28 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: index.php
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 17050

GET
H2 200 dfeb51e22c076b269470dea421c58bcd.jpg
i.pinimg.com/750x/df/eb/51/ 80 KB
80 KB 28ms
28ms Image
image/jpeg 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/750x/df/eb/51/dfeb51e22c076b269470dea421c58bcd.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 33c678d15e22f448d9ab8064dea7a88cb537d35a9204d9861d188a88799bce83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://agjka2323-kitsusea.16-b.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.916656b8.1631970869.c83fef6c
etag: "3583a42d57d3139b49e81738d55ed2ee"
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 82034

GET
H3 200 AlexHostWA.ttf
rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/ 39 KB
40 KB 166ms
145ms Font
application/x-font-ttf 104.21.234.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/38984972fb20a70d711e86ac3e6f19e60ea8adc3/AlexHostWA.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://agjka2323-kitsusea.16-b.it/
Origin: https://agjka2323-kitsusea.16-b.it
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id: ba41e8129fa00577195354f1ccbeb59305468fd6
date: Sat, 18 Sep 2021 13:14:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39656
x-served-by: cache-bma1637-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: AEA6:2C25:29E52E:38A1AA:6133338F
x-timer: S1630766823.682625,VS0,VE197
etag: W/"a826496c94be0f40691957e2482d0e7cfa7fbe969bc57b7d17f58dc604b562d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPO4t47Kl5tcBViZBr75M6%2Fa3F4DZ3gC7lLO5%2BP32YlMvF1sOQegaWpO626J37syLSWB9gDwy5AdtU9rAyuFPLBaN1acft4Knrrvf7jzmBL%2FP7UbSIKI9kBY4eICg0qi%2BbawruA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-font-ttf
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
cf-ray: 690ad66e88f539c3-CDG
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WhatsApp (Instant Messenger)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.githack.com/	1970-01-19 21:19:32	Name: __cf_bm Value: fec43e7a557596b0190bbaa803a6b9a05ab3c186-1631970868-0-Aeg6y/+tu0pXjsiz5kFlK89FFGdLcZVv4jRg2XdFVtT53WwVX3Oe1ACrHthb995eyzwRJGM26IHGZ89TreQtS44=

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.ibb.co/R3CdPDw/20210127-024850.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/qx6q9GT/Screenshot-408.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/CwDsXX3/Screenshot-405.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/qJBTccY/Screenshot-409.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/8zsJZ1L/Screenshot-406.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/Rgw81cF/Screenshot-407.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/MNpDDYZ/Screenshot-410.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/XYqVZyc/0-pt-DX0-Hf-JCYpo9-Pcs.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.ibb.co/gW6VhCg/facebook-text.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

agjka2323-kitsusea.16-b.it
cdnjs.cloudflare.com
cloud.githubusercontent.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
i.pinimg.com
rawcdn.githack.com
104.16.19.94
104.21.234.231
104.75.88.209
142.250.186.131
142.250.186.170
152.228.223.13
185.199.109.133
65.52.121.135
69.16.175.10
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
33c678d15e22f448d9ab8064dea7a88cb537d35a9204d9861d188a88799bce83
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0
39cda5e7a819fe468455d1daf68a545fbe8eb07d1d9c3f0dc95c0e5b8f7c2341
435daf8bcdfc48055767f023bbdb91fb312d6555e9f4e6b5a15712ea3beed530
454aca938f1d697b34fa6f099a90d06baa7ce4ce398c9e0b46d76a2670a99f46
4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be
6daf416f915e77243b8b68baada9eae0fff34cffb447300f114757c9b488a704
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
a7c76505efe4da19696e3365b1a211614d3a0d80abea92539d316ea2df2ccea3
b18fbbc30fe4a27a2e1955a3bea178e5a65798d8edd01fdeadaf70c7ee359f2b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

agjka2323-kitsusea.16-b.it Open in urlscan Pro 65.52.121.135 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

9 IPs

4 Countries

759 kBTransfer

1061 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

agjka2323-kitsusea.16-b.it Open in urlscan Pro
65.52.121.135 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

759 kB
Transfer

1061 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!