Submitted URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Effective URL: https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29
Submission Tags: falconsandbox
Submission: On September 27 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 91.211.91.104, for which urlscan.io records no geolocation and no autonomous system. The main domain is away.bettershitecolumn.com.
TLS certificate: Issued by R3 on August 31st 2022. Valid for: 3 months.
This is the only time away.bettershitecolumn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests, IP address, autonomous system):
  8  2606:4700:303...   AS13335 (CLOUDFLARENET)
  4  2606:4700::68...   AS13335 (CLOUDFLARENET)
  2  91.211.91.114      AS206638 (HOSTFORY)
  2  2a00:1450:400...   AS15169 (GOOGLE)
  2  91.211.91.104      (no AS data)
Total: 20 requests, 6 IPs
Apex domains (requests, apex domain, subdomain, transfer):
  8  muslslaty.com           muslslaty.com                                            69 KB
  4  cloudflare.com          cdnjs.cloudflare.com (Cisco Umbrella rank 209)           195 KB
  2  bettershitecolumn.com   away.bettershitecolumn.com (failed request)              1 KB
  2  google-analytics.com    www.google-analytics.com (Cisco Umbrella rank 27)        20 KB
  1  weatherplllatform.com   cdn.weatherplllatform.com (Cisco Umbrella rank 584511)   2 KB
  1  cofounderspecials.com   simple.cofounderspecials.com                             818 B
  0  cawanmyoropurka.gq      cawanmyoropurka.gq (failed)                              -
Total: 20 requests, 7 apex domains
Domains and the hosts that requested them (requests, domain, requested by):
  8  muslslaty.com                  muslslaty.com
  4  cdnjs.cloudflare.com           muslslaty.com, cdnjs.cloudflare.com
  2  away.bettershitecolumn.com     cdn.weatherplllatform.com
  2  www.google-analytics.com       muslslaty.com, www.google-analytics.com
  1  cdn.weatherplllatform.com      muslslaty.com
  1  simple.cofounderspecials.com   muslslaty.com
  0  cawanmyoropurka.gq (failed)    away.bettershitecolumn.com
Total: 20 requests, 7 domains
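The table above records one requester per domain, so the full path from the first-party page to each third-party host has to be assembled from several sections of this report. As an added example that is not part of the urlscan report, the Python below rebuilds the complete load chains from the parent pointers this page records (each transaction's Requested by field, the hit.php Redirect Chain, and the frame listed under the final document). The edge list is transcribed from this report; the function names are mine.

```python
from urllib.parse import urlsplit

# Edges transcribed from this report: (child URL, parent URL, how the child was reached).
# Sources: the "Requested by" field of each transaction, the hit.php "Redirect Chain",
# and the frame listed for the final away.bettershitecolumn.com document.
ROOT = "https://muslslaty.com/Web/webmail/home.php?reason=1&trk"
EMOJI = "https://muslslaty.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2"
RESULT = "https://cdn.weatherplllatform.com/result.js?v=000"
HIT_A = "https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46"
HIT_B = "https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29"

EDGES = [
    (EMOJI, ROOT, "script"),
    ("https://simple.cofounderspecials.com/strong.js?v=3.00", EMOJI, "script"),
    ("https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js", ROOT, "script"),
    ("https://www.google-analytics.com/analytics.js", ROOT, "script"),
    (RESULT, ROOT, "script"),
    (HIT_A, RESULT, "navigation"),
    (HIT_B, HIT_A, "302"),
    ("https://cawanmyoropurka.gq/help/?23071650902120", HIT_B, "frame"),
]


def host(url):
    return urlsplit(url).hostname


def build_parent_map(edges):
    """Map each child URL to (parent URL, edge kind)."""
    return {child: (parent, kind) for child, parent, kind in edges}


def chain_to(url, parents):
    """Walk parent pointers from url back to the document that started it all.

    Returns the URLs oldest-first, so the root is element 0.
    """
    path = [url]
    while path[-1] in parents:
        parent, _ = parents[path[-1]]
        if parent in path:  # guard against a cycle in hand-entered edges
            break
        path.append(parent)
    path.reverse()
    return path


def hosts_along(path):
    """Hostnames along a URL path with consecutive repeats collapsed (a 302 to
    the same host is one hop for the reader)."""
    hosts = []
    for url in path:
        h = host(url)
        if not hosts or hosts[-1] != h:
            hosts.append(h)
    return hosts


def third_party_chains(edges, root):
    """For every host other than the root's, the ordered host list from the root."""
    parents = build_parent_map(edges)
    first_party = host(root)
    out = {}
    for child, _, _ in edges:
        h = host(child)
        if h == first_party or h in out:
            continue
        out[h] = hosts_along(chain_to(child, parents))
    return out


if __name__ == "__main__":
    for h, hops in third_party_chains(EDGES, ROOT).items():
        print(f"{h}: " + " -> ".join(hops))
```

Running it prints one line per third-party host; for the frame target the line reads cawanmyoropurka.gq: muslslaty.com -> cdn.weatherplllatform.com -> away.bettershitecolumn.com -> cawanmyoropurka.gq, and strong.js is shown reaching simple.cofounderspecials.com through the first-party wp-emoji-release.min.js rather than from the document directly. Both facts are on this page, but only in separate sections.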

This site contains no links.

TLS certificates (subject, issuer, validity period):
  sni.cloudflaressl.com          Cloudflare Inc ECC CA-3   2022-01-23 to 2023-01-23 (a year)
  simple.cofounderspecials.com   R3                        2022-08-20 to 2022-11-18 (3 months)
  *.google-analytics.com         GTS CA 1C3                2022-09-05 to 2022-11-28 (3 months)
  cdn.weatherplllatform.com      R3                        2022-09-14 to 2022-12-13 (3 months)
  away.bettershitecolumn.com     R3                        2022-08-31 to 2022-11-29 (3 months)

This page contains 1 frame:

Frame: https://cawanmyoropurka.gq/help/?23071650902120
Frame ID: 9EFD5224E46DD658F5F88DB7362181AF
Requests: 20 HTTP requests in this frame

Detected technologies

Each entry is a pattern match at 100 % overall confidence. The technology names, which were lost from the listing, are recovered from the patterns themselves and from the resources this scan actually loaded.

  • WordPress: pattern /wp-(?:content|includes)/ (the page loads wp-includes assets with ?ver=6.0.2)
  • PHP: pattern \.php(?:$|\?)
  • Bootstrap: pattern bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
  • Font Awesome: pattern (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|) (5.15.1 is fetched from cdnjs)
  • Google Analytics: pattern google-analytics\.com/(?:ga|urchin|analytics)\.js
  • jQuery: patterns /([\d.]+)/jquery(?:\.min)?\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))? (3.5.1 is fetched from cdnjs)

Page Statistics

  Requests:    20
  HTTPS:       85 %
  IPv6:        60 %
  Domains:     7
  Subdomains:  7
  IPs:         6
  Countries:   3
  Transfer:    288 kB
  Size:        696 kB
  Cookies:     3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://muslslaty.com/Web/webmail/home.php?reason=1&trk Page URL
  2. https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 HTTP 302
    https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29 Page URL

Redirected requests

There was one HTTP redirect chain in this scan:

  https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46 (HTTP 302)
    -> https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29

20 HTTP transactions

Each entry below gives the resource, its path, the decoded size, the bytes transferred (x-fer) and the resource type, followed by the request and response details. The MIME type is the content-type response header of each entry.
Resource: home.php | Path: muslslaty.com/Web/webmail/ | Size: 25 KB | Transfer: 6 KB | Type: Document
General
Full URL
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59c4ec14f240087b3c124d91d60ea45de9de350cb0e08ad93ee79306aba3b7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
751285f98aa09096-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 07:28:35 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://muslslaty.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiCwpmc28pb%2FSPxRN7bR1FWelEH1n1asZkszcO14I8QYI1uRweWVgyOGaI5T1dIXJOxzRGJvzb5CA3LGVdGEPVV5x12%2FhbAhrlZpNAJ%2FTOGdjtzdYpPvKRhgh%2FYDLARjEAE5Mj9GpCKAmG5V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Resource: style-rtl.min.css | Path: muslslaty.com/wp-includes/css/dist/block-library/ | Size: 87 KB | Transfer: 12 KB | Type: Stylesheet
General
Full URL
https://muslslaty.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564f37c76d73946c72b6466889f189406262443e8fbab414b00579a2f7c579d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 12 Jul 2022 21:21:16 GMT
server
cloudflare
etag
W/"62cde5cc-15ac5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nwt8vhNbOExAVp%2FCSFL3MmzJw5dPHzDTv3KOFpuOpzc8EAKlAoJeErSLhHiBFWWjqBiwUfTtyCOg99EIJYocL%2BvC0UCHbzDuZyQCdVP6Phi2Pb9NDcY3dZQibBR%2BmaP5UEBwGf5YoKr8SVfO"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
751285fcbe549096-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: wp-emoji-release.min.js | Path: muslslaty.com/wp-includes/js/ | Size: 19 KB | Transfer: 6 KB | Type: Script
General
Full URL
https://muslslaty.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b85976dfe10ce7e71b07d02ecc20c145275419adb0358b7a56add6ba44e4fb6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 20 Aug 2022 10:23:08 GMT
server
cloudflare
etag
W/"6300b60c-4b7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f20kcKatxPF8ZeoBo164lKKhoX3m3sYVeMf7BAQD2YbgZiFw1hje94PdjuAmJwAN3XRHd9QeJThqioQ%2FKzpw5DV9P%2Fe90evLINlToX75YKDBs2dTAFO6ngGekTtgZZDKiAZMAvBSQcJgKRdJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
751285fcdee49b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: all.min.css | Path: cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ | Size: 58 KB | Transfer: 11 KB | Type: Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1274747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10491
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSS%2FJLmViV80p1Q3jfeU%2FPCneL0GoFXFV7hOLZYo2Czepw6Jx2hjuoeIJ%2FaagUc3mHmFhN51ISp2BgU8CWgy65E5NftvbJiu1MO8b7VjZN6K9Cxvx7H4x2qob%2FUG5HxJhmLqqqOb0pWg0xJR6VWkVf0t"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
751285fd28966951-FRA
expires
Sun, 17 Sep 2023 07:28:35 GMT
Resource: bootstrap.rtl.min.css | Path: muslslaty.com/wp-content/themes/boxnews/assets/css/ | Size: 150 KB | Transfer: 24 KB | Type: Stylesheet
General
Full URL
https://muslslaty.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 10:04:02 GMT
server
cloudflare
etag
W/"6061a612-25680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4HCSxz4V%2FpEsZvriG4Du7e%2FSErpa8JkLiRVHOl%2FGKxF1Zy5QAf2C1BsNnN%2F1NUJX8wm6qWh%2FQsdLbdw9O6ClQWo6hCbeNlfuWEkGq3bOFWRVhAawlZaaKpe9s3luAc3w%2F3cFvZZKmI%2BpQIZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
751285fcdee89b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: style.css | Path: muslslaty.com/wp-content/themes/boxnews/ | Size: 39 KB | Transfer: 8 KB | Type: Stylesheet
General
Full URL
https://muslslaty.com/wp-content/themes/boxnews/style.css?ver=28.00
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e8933e70e593da5ec6d95a383b04878d1b720b77777916cf8e7fe7431ef9d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 10:04:02 GMT
server
cloudflare
etag
W/"6061a612-9d6e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZVYMkFx9Qd2xYnpQ%2F%2FQpa44WNU9cVDQ%2Bj2H%2FaOccS%2FBuZzKPYX9zYkkPjUEP%2FI92P1IuUxPYGnXbs0OxAGmISWC5go5GbJhOGCIvXpIFEvDXtDUf37gCOMXYQhkqnsZH3GCn%2B%2BGwXBsKG%2FT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
751285fcdeea9b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: Tajawal.woff2 | Path: muslslaty.com/wp-content/themes/boxnews/assets/fonts/ | Size: 8 KB | Transfer: 9 KB | Type: Font
General
Full URL
https://muslslaty.com/wp-content/themes/boxnews/assets/fonts/Tajawal.woff2
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

Request headers

Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Origin
https://muslslaty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 10:04:02 GMT
server
cloudflare
etag
"2128-5beaa00482880"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKXVBOrnNik1T25Q2E5H7%2F96U4gk%2BagLUk83eI5bTtpZDcpAb3tYqSjWrw47sHH6Vr8BKb%2FJXds%2FhS4u%2FAf8SZQOsieiiW%2FDWavNU%2FbVAuyaJXzmwpS9vaNowzXMMi%2Bbx4bDxjDJH%2FyEdmAI"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
751285fcdeed9b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8488
Resource: cropped-logo-moslslaty.png | Path: muslslaty.com/wp-content/uploads/2021/02/ | Size: 2 KB | Transfer: 3 KB | Type: Image
General
Full URL
https://muslslaty.com/wp-content/uploads/2021/02/cropped-logo-moslslaty.png
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
213cd2a475302f6c7328a4b34b37594d04455ca8d01062f35bf1a5cf7d408f2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
cf-cache-status
MISS
last-modified
Fri, 19 Feb 2021 12:16:03 GMT
server
cloudflare
etag
"602fac03-903"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmLEcOL6G%2BDDaudtYhbfJL9ONpeYnpTEPX0zCw62C%2BxRc9C8weHNQUn38MdLSy8WTiQBM%2BJ6qdQxIPmKus%2BZAQmoNYzgkngwsjjmZuYX0SGKZa7ldhjs%2FpqDZWZyS5B8GFMvNX1dbmQ9OIzX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
751285fcdeee9b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2307
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: jquery.min.js | Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ | Size: 87 KB | Transfer: 28 KB | Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1274764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
timing-allow-origin
*
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4NuA7cvDsd1NZ8lf%2BPeOnhwsrLagEYD8GZaua8MYD%2BsRA4GgzYkUHP0v%2FJsIVV53KdUwgUlShIDlsF9JNYPJQR5FajnXYVyPYhu9hElGd%2FhSFpsKRc0QmPB6kud2ZQbAnhLUoYkz%2BBNTJoEirXHSwcd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
751285fd28976951-FRA
expires
Sun, 17 Sep 2023 07:28:35 GMT
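urlscan prints each Resource Hash as a hex SHA-256, while Subresource Integrity expects the base64 form of the same digest, so the two cannot be compared by eye. As an added example that is not part of this report, the Python below converts the reported hash of this jquery.min.js fetch to SRI form and checks it against the integrity value jQuery publishes for 3.5.1, treated here as the site operator's pin; the Font Awesome entry shows how a resource without a pin is reported. The pin table and the function names are mine.

```python
import base64
import binascii
import hashlib

# Hex SHA-256 values exactly as printed in this report's "Resource Hash" fields.
REPORTED = {
    "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js":
        "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d",
    "https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css":
        "af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325",
}

# Assumed operator pins: the integrity value jQuery publishes for 3.5.1.
# Font Awesome is deliberately left unpinned to show that case.
PINS = {
    "https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js":
        "sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=",
}


def hex_to_sri(hex_digest, algo="sha256"):
    """Convert a hex digest (urlscan's form) to the SRI token form."""
    raw = binascii.unhexlify(hex_digest)
    if len(raw) != hashlib.new(algo).digest_size:
        raise ValueError("digest length does not match %s" % algo)
    return "%s-%s" % (algo, base64.b64encode(raw).decode("ascii"))


def sri_to_hex(token):
    """Inverse of hex_to_sri, for pivoting an SRI value back to urlscan's form."""
    _, b64 = token.split("-", 1)
    return binascii.hexlify(base64.b64decode(b64)).decode("ascii")


def verify_reported(reported, pins):
    """Classify each reported hash: match, MISMATCH, or unpinned."""
    result = {}
    for url, hex_digest in reported.items():
        if url not in pins:
            result[url] = "unpinned"
        elif hex_to_sri(hex_digest) == pins[url]:
            result[url] = "match"
        else:
            result[url] = "MISMATCH"
    return result


def script_tag(url, hex_digest):
    """The <script> tag that makes a browser refuse a modified copy of url."""
    return '<script src="%s" integrity="%s" crossorigin="anonymous"></script>' % (
        url, hex_to_sri(hex_digest))


def sri_of_bytes(data):
    """What a browser computes over a fetched body; use it to pin your own copy."""
    return "sha256-" + base64.b64encode(hashlib.sha256(data).digest()).decode("ascii")


if __name__ == "__main__":
    for url, verdict in verify_reported(REPORTED, PINS).items():
        print(verdict, url)
```

The reported jQuery hash converts to sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=, the published value, so the copy served from cdnjs in this scan was the unmodified release. The same check is not available for strong.js or result.js, which have no published hash; for those the reported hash is useful only as a pivot to other scans.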
Resource: style.js | Path: muslslaty.com/wp-content/themes/boxnews/assets/js/ | Size: 7 KB | Transfer: 2 KB | Type: Script
General
Full URL
https://muslslaty.com/wp-content/themes/boxnews/assets/js/style.js?ver=28.00
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:d074 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a178adde6d8cc18712dda15643848bff2171a18a5d40dd1524d5f56d9d051e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 29 Mar 2021 10:04:02 GMT
server
cloudflare
etag
W/"6061a612-1c92"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xIZxiHU5F8dNRgPwPtnfEyuo66InhWbdn17OK7ZvsOMtzP7uV5c57sKXbNgZWUt198X7XAMf2ymEMG1r61HQBERaHBzPfbx%2FQIZ%2BYelhI2HbzQooaImQ3nAZYx6qpHNORb1Z0bjNfwz9TOg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
751285fcdef09b7c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: strong.js | Path: simple.cofounderspecials.com/ | Size: 2 KB | Transfer: 818 B | Type: Script
General
Full URL
https://simple.cofounderspecials.com/strong.js?v=3.00
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
f0af99595f5240b6c86b70a17902c4bf72bd4f356303dd8b732ade94ecb38d69
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:36 GMT
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 14:52:14 GMT
server
nginx
etag
W/"6331bc9e-920"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: fa-brands-400.woff2 | Path: cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ | Size: 77 KB | Transfer: 77 KB | Type: Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://muslslaty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
374685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78460
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-1327c"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6TdETHmY038lRDyfCk75HXmZbwIpRlRc%2FE1YKEks%2FkGPKcXh2NoqlfRQgItLk5kd4wQPO3PrzsRDGklqMfZTTPSmxKoWft3Q7oIrJL0ALDXlB9nlt7QWFwEN6qKpABC4e3J0bT%2FO0t0EIysWraKJdrV"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
751285fe5af06934-FRA
expires
Sun, 17 Sep 2023 07:28:35 GMT
Resource: fa-solid-900.woff2 | Path: cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ | Size: 78 KB | Transfer: 79 KB | Type: Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://muslslaty.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8846713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80300
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvUEwFA%2FQ6niakdXWanzvsF%2BiBie5DfnIKmvgRwUjQwpv4heEwipZaBodDNS62fmbtVuUHfogm0%2BqfFNS4NU8SnqgDv6wqlOXEFUwsZZ4GjW9JJ2jZppEYoPC6znpigZB79KqNDV8hpKSufpMnS3yp5L"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
751285fe5af26934-FRA
expires
Sun, 17 Sep 2023 07:28:35 GMT
Resource: analytics.js | Path: www.google-analytics.com/ | Size: 49 KB | Transfer: 20 KB | Type: Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
1596
date
Tue, 27 Sep 2022 07:01:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Tue, 27 Sep 2022 09:01:59 GMT
Resource: collect | Path: www.google-analytics.com/j/ | Size: 2 B | Transfer: 22 B | Type: XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=348195926&t=pageview&_s=1&dl=https%3A%2F%2Fmuslslaty.com%2FWeb%2Fwebmail%2Fhome.php%3Freason%3D1%26trk&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%D9%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=440088939&gjid=2104808678&cid=26376030.1664263716&tid=G-ZSC43YZ6JV&_gid=1067455027.1664263716&_r=1&_slc=1&z=229438730
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://muslslaty.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 07:28:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://muslslaty.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
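The collect beacon above carries the page state at the moment of the hit in its URL-encoded query string. As an added example that is not part of this report, the Python below decodes it with the standard library and cross-checks the client and session ids against the _ga and _gid cookies listed at the end of this report. The beacon URL and cookie values are copied from this page; the parameter meanings follow the Measurement Protocol v1 names (t, dl, dt, cid, tid); the function names are mine.

```python
from urllib.parse import urlsplit, parse_qs

# The XHR URL exactly as recorded in this report.
BEACON = (
    "https://www.google-analytics.com/j/collect?v=1&_v=j97&a=348195926&t=pageview&_s=1"
    "&dl=https%3A%2F%2Fmuslslaty.com%2FWeb%2Fwebmail%2Fhome.php%3Freason%3D1%26trk"
    "&ul=en-us&de=UTF-8"
    "&dt=Page%20Not%20Found%20%7C%20%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%D9%8A"
    "&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~"
    "&jid=440088939&gjid=2104808678&cid=26376030.1664263716&tid=G-ZSC43YZ6JV"
    "&_gid=1067455027.1664263716&_r=1&_slc=1&z=229438730"
)

# The three cookies this report lists for .muslslaty.com.
COOKIES = {
    "_ga": "GA1.2.26376030.1664263716",
    "_gid": "GA1.2.1067455027.1664263716",
    "_gat": "1",
}


def parse_beacon(url):
    """Flatten the collect query string into a single-valued dict (percent-decoded)."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {k: v[0] for k, v in qs.items()}


def ga_cookie_id(value):
    """'GA1.2.<random>.<timestamp>' -> '<random>.<timestamp>', the id the beacon sends."""
    parts = value.split(".")
    return ".".join(parts[-2:])


def summarize(url, cookies):
    """The fields an analyst wants from one pageview hit, plus the cookie cross-check."""
    b = parse_beacon(url)
    return {
        "hit": b.get("t"),                 # t: hit type
        "page": b.get("dl"),               # dl: document location as the script saw it
        "title": b.get("dt"),              # dt: document title at hit time
        "property": b.get("tid"),          # tid: the property the hit was sent to
        "cid_matches_cookie": b.get("cid") == ga_cookie_id(cookies.get("_ga", "")),
        "gid_matches_cookie": b.get("_gid") == ga_cookie_id(cookies.get("_gid", "")),
    }


if __name__ == "__main__":
    for k, v in summarize(BEACON, COOKIES).items():
        print(f"{k}: {v}")
```

Decoding dt gives "Page Not Found | مسلسلاتي": the WordPress site answered /Web/webmail/home.php with its 404 template, which matches the console message this scan recorded, and the analytics hit was fired from that 404 page. The cid and _gid values in the beacon are the trailing two fields of the _ga and _gid cookies set for .muslslaty.com.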
Resource: result.js | Path: cdn.weatherplllatform.com/ | Size: 6 KB | Transfer: 2 KB | Type: Script
General
Full URL
https://cdn.weatherplllatform.com/result.js?v=000
Requested by
Host: muslslaty.com
URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),
Reverse DNS
Software
nginx /
Resource Hash
4b1238a1b9202c3d215ed7b3f05a6cf12fb71d520d2066f25bbda095603dc9dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://muslslaty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 07:28:37 GMT
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 14:46:59 GMT
server
nginx
etag
W/"6331bb63-182c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=15768000;
expires
Thu, 31 Dec 2037 23:55:55 GMT
Resource: hit.php | Path: away.bettershitecolumn.com/ | Size: 0 | Transfer: 0 | Type: (no response body; the request that answered with the 302 in the redirect chain below)

Primary Request: hit.php | Path: away.bettershitecolumn.com/ | Size: 740 B | Transfer: 885 B | Type: Document
Redirect Chain
  • https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
  • https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29
General
Full URL
https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29
Requested by
Host: cdn.weatherplllatform.com
URL: https://cdn.weatherplllatform.com/result.js?v=000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.211.91.104 (no geolocation or ASN data recorded)
Reverse DNS
Software
nginx / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

Referer
https://muslslaty.com/Web/webmail/home.php?reason=1&trk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
740
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 07:28:39 GMT
server
nginx
strict-transport-security
max-age=15768000;
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 07:28:39 GMT
location
https://away.bettershitecolumn.com/hit.php?nid=54889&yid=9554-66-457679-29
server
nginx
strict-transport-security
max-age=15768000;
x-powered-by
PHP/7.3.33
Resource: / | Path: cawanmyoropurka.gq/help/ | Size: 0 | Transfer: 0 | Type: (no response)

Resource: / | Path: cawanmyoropurka.gq/help/ | Size: 0 | Transfer: 0 | Type: (no response)

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

  away.bettershitecolumn.com   https://away.bettershitecolumn.com/hit.php?a=1311&b=334-1166-567334-46
  cawanmyoropurka.gq           https://cawanmyoropurka.gq/help/?23071650902120
  cawanmyoropurka.gq           https://cawanmyoropurka.gq/help/?23071650902120

Verdicts & Comments: none recorded for this scan.

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code. All nine names here are window properties provided by the Chrome 105 build that performed the scan (newer than urlscan's baseline list), not variables defined by the page's own scripts, so they say nothing about this site.

  object    onbeforeinput
  object    oncontextlost
  object    oncontextrestored
  function  structuredClone
  object    launchQueue
  object    onbeforematch
  function  getScreenDetails
  function  queryLocalFonts
  object    navigation

3 Cookies

  Domain/Path       Name   Value
  .muslslaty.com/   _ga    GA1.2.26376030.1664263716
  .muslslaty.com/   _gid   GA1.2.1067455027.1664263716
  .muslslaty.com/   _gat   1

1 Console Message

  Source: network   Level: error
  URL: https://muslslaty.com/Web/webmail/home.php?reason=1&trk
  Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains:
  away.bettershitecolumn.com
  cawanmyoropurka.gq
  cdn.weatherplllatform.com
  cdnjs.cloudflare.com
  muslslaty.com
  simple.cofounderspecials.com
  www.google-analytics.com

IPs:
  2606:4700:3033::ac43:d074
  2606:4700::6811:190e
  2a00:1450:4001:810::200e
  91.211.91.104
  91.211.91.114