headsh0t.shell.oddprotocol.org Open in urlscan Pro
198.251.89.91  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response headsh0t.shell.oddprotocol.org/	34 KB 34 KB	1291ms 108ms	Document text/html	198.251.89.91 PONYNET
General Check archive.org Show headers Download Go to Full URL https://headsh0t.shell.oddprotocol.org/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 198.251.89.91 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS shell.oddprotocol.org Software OpenBSD httpd / Resource Hash a6e839e076f00e75a9944fa4dd73a2a34861f523907f7f612cd1bd23df457127 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection close Content-Length 34393 Content-Type text/html Date Wed, 06 Mar 2024 14:01:32 GMT Last-Modified Fri, 04 Mar 2022 11:30:02 GMT Server OpenBSD httpd
GET H/1.1	200 OK	nicepage.css headsh0t.shell.oddprotocol.org/	873 KB 873 KB	536ms 109ms	Stylesheet text/css	198.251.89.91 PONYNET
General Check archive.org Show headers Download Go to Full URL https://headsh0t.shell.oddprotocol.org/nicepage.css Requested by Host: headsh0t.shell.oddprotocol.org URL: https://headsh0t.shell.oddprotocol.org/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 198.251.89.91 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS shell.oddprotocol.org Software OpenBSD httpd / Resource Hash 593e4ed0fb8770a3dbf4a61e4069d23a5048361f1367e9bb3d15387b6c1f2534 Request headers accept-language en-US,en;q=0.9 Referer https://headsh0t.shell.oddprotocol.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 06 Mar 2024 14:01:33 GMT Last-Modified Wed, 02 Sep 2020 19:50:24 GMT Server OpenBSD httpd Connection close Content-Length 893451 Content-Type text/css
GET H/1.1	200 OK	Page-1.css headsh0t.shell.oddprotocol.org/	11 KB 12 KB	545ms 111ms	Stylesheet text/css	198.251.89.91 PONYNET
General Check archive.org Show headers Download Go to Full URL https://headsh0t.shell.oddprotocol.org/Page-1.css Requested by Host: headsh0t.shell.oddprotocol.org URL: https://headsh0t.shell.oddprotocol.org/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 198.251.89.91 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS shell.oddprotocol.org Software OpenBSD httpd / Resource Hash 55810d14a60867feefa6a38914068feb7b7fa04b141628bc4df91e655881a182 Request headers accept-language en-US,en;q=0.9 Referer https://headsh0t.shell.oddprotocol.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 06 Mar 2024 14:01:33 GMT Last-Modified Wed, 02 Sep 2020 19:49:06 GMT Server OpenBSD httpd Connection close Content-Length 11729 Content-Type text/css
GET H/1.1	200 OK	jquery.js Show response headsh0t.shell.oddprotocol.org/	90 KB 91 KB	561ms 109ms	Script application/javascript	198.251.89.91 PONYNET
General Check archive.org Show headers Download Go to Full URL https://headsh0t.shell.oddprotocol.org/jquery.js Requested by Host: headsh0t.shell.oddprotocol.org URL: https://headsh0t.shell.oddprotocol.org/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 198.251.89.91 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS shell.oddprotocol.org Software OpenBSD httpd / Resource Hash 389b2539668e2778162893bfe351fc68ff8d433fbc2df5b6b216cc4852799846 Request headers accept-language en-US,en;q=0.9 Referer https://headsh0t.shell.oddprotocol.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 06 Mar 2024 14:01:33 GMT Last-Modified Wed, 02 Sep 2020 19:50:05 GMT Server OpenBSD httpd Connection close Content-Length 92660 Content-Type application/javascript
GET H/1.1	200 OK	nicepage.js Show response headsh0t.shell.oddprotocol.org/	138 KB 138 KB	562ms 111ms	Script application/javascript	198.251.89.91 PONYNET
General Check archive.org Show headers Download Go to Full URL https://headsh0t.shell.oddprotocol.org/nicepage.js Requested by Host: headsh0t.shell.oddprotocol.org URL: https://headsh0t.shell.oddprotocol.org/ Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 198.251.89.91 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS shell.oddprotocol.org Software OpenBSD httpd / Resource Hash 3fd634558787a333f6dca5fc22fcdec0352e375bef79df40c117bc94b8302f6a Request headers accept-language en-US,en;q=0.9 Referer https://headsh0t.shell.oddprotocol.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Date Wed, 06 Mar 2024 14:01:33 GMT Last-Modified Wed, 02 Sep 2020 19:50:38 GMT Server OpenBSD httpd Connection close Content-Length 141292 Content-Type application/javascript
GET H2	200	css fonts.googleapis.com/	81 KB 3 KB	107ms 45ms	Stylesheet text/css	2607:f8b0:4006:816::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Requested by Host: headsh0t.shell.oddprotocol.org URL: https://headsh0t.shell.oddprotocol.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a6dbd8ee53f621b0e770fd487bf3d5dea24a2c804fa468de5f218305420ff120 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://headsh0t.shell.oddprotocol.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 06 Mar 2024 14:01:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 06 Mar 2024 14:01:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Mar 2024 14:01:33 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	198ms 24ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://headsh0t.shell.oddprotocol.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 09:14:01 GMT x-content-type-options nosniff age 17253 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 09:14:01 GMT
GET DATA	200 OK	truncated /	266 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	228ms 59ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://headsh0t.shell.oddprotocol.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 08:53:01 GMT x-content-type-options nosniff age 18513 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 08:53:01 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	235ms 67ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://headsh0t.shell.oddprotocol.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 09:04:28 GMT x-content-type-options nosniff age 17826 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 09:04:28 GMT
GET H2	200	memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 fonts.gstatic.com/s/opensans/v40/	49 KB 49 KB	240ms 74ms	Font font/woff2	2607:f8b0:4006:820::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://headsh0t.shell.oddprotocol.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Wed, 06 Mar 2024 09:06:17 GMT x-content-type-options nosniff age 17717 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50296 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:10:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 09:06:17 GMT

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| ResponsiveMenu function| MailChimpForm object| jQuery19105149768068418856 object| bootstrap function| loadMapsContent function| mapIframeApiReady object| MapsLoader object| Utils object| Const object| Wait function| Lightbox object| Utility object| skrollr function| Waypoint function| WaypointAdapter function| AnimationInfo function| CountUp function| CountUpAdapter function| CounterAnimation function| AnimateCssAnimation object| AnimationFactory object| AnimationEventScroll function| AnimationEventSlider object| WillChangeHint object| _npScrollAnchor function| _npScrollSpyInit function| TabsControl function| _npTabsInit object| lazySizes object| _npLazyImages object| lazySizesConfig object| _responsive

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
headsh0t.shell.oddprotocol.org
198.251.89.91
2607:f8b0:4006:816::200a
2607:f8b0:4006:820::2003
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
389b2539668e2778162893bfe351fc68ff8d433fbc2df5b6b216cc4852799846
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fd634558787a333f6dca5fc22fcdec0352e375bef79df40c117bc94b8302f6a
55810d14a60867feefa6a38914068feb7b7fa04b141628bc4df91e655881a182
593e4ed0fb8770a3dbf4a61e4069d23a5048361f1367e9bb3d15387b6c1f2534
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
a6dbd8ee53f621b0e770fd487bf3d5dea24a2c804fa468de5f218305420ff120
a6e839e076f00e75a9944fa4dd73a2a34861f523907f7f612cd1bd23df457127
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615