xsuiit.com Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xsuiit.com/service-violate.inc
Effective URL:
https://xsuiit.com/service-violate.inc
Submission: On February 29 via manual (February 29th 2024, 2:33:02 pm UTC) from US — Scanned from NL

Summary HTTP 20 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xsuiit.com.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.

This is the only time xsuiit.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 6	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3032::ac43:958f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	3

6 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

xsuiit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3032::ac43:958f (United States)

ASN13335 (CLOUDFLARENET, US)

login.gungratestore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	gungratestore.com login.gungratestore.com	638 KB
6	xsuiit.com 2 redirects xsuiit.com	12 KB
4	rsms.me rsms.me — Cisco Umbrella Rank: 10068	330 KB
20	3

	Domain	Requested by
12	login.gungratestore.com	xsuiit.com
6	xsuiit.com	2 redirects xsuiit.com
4	rsms.me	xsuiit.com rsms.me
20	3

This site contains links to these domains. Also see Links.

Domain
login.gungratestore.com

Subject Issuer	Validity	Valid
xsuiit.com E1	`2024-01-26` - `2024-04-25`	3 months	crt.sh
rsms.me E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
gungratestore.com GTS CA 1P5	`2024-01-29` - `2024-04-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xsuiit.com/service-violate.inc
Frame ID: 99A9A30D0E4E6BF7EC13B4FEFC914FCC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not found - Link Management

Page URL History Show full URLs

http://xsuiit.com/service-violate.inc Page URL
http://xsuiit.com/cdn-cgi/phish-bypass?atok=E9qwNvz0bSFWh6Oyv2wPlIO7_kXT6tkbhmsqHB0jel0-170921... HTTP 301
http://xsuiit.com/service-violate.inc HTTP 301
https://xsuiit.com/service-violate.inc Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

85 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

979 kB
Transfer

2125 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://login.gungratestore.com/

Search URL Search Domain Scan URL

URL: https://login.gungratestore.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://login.gungratestore.com/
Title: Switch to Dark Mode

Search URL Search Domain Scan URL

URL: https://login.gungratestore.com/page/terms-and-conditions
Title: Terms and Conditions URL

Search URL Search Domain Scan URL

URL: https://login.gungratestore.com/page/privacy-policy-url
Title: Privacy Policy URL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xsuiit.com/service-violate.inc Page URL
http://xsuiit.com/cdn-cgi/phish-bypass?atok=E9qwNvz0bSFWh6Oyv2wPlIO7_kXT6tkbhmsqHB0jel0-1709217171-0.0-%2Fservice-violate.inc HTTP 301
http://xsuiit.com/service-violate.inc HTTP 301
https://xsuiit.com/service-violate.inc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK service-violate.inc Show response
xsuiit.com/ 4 KB
2 KB 378ms
121ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://xsuiit.com/service-violate.inc

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2573ba5a19beaa4957617255124d3813a5d153b014fa8036bcd25fb538fa691

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-RAY: 85d19e7ca8e7425b-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Feb 2024 14:32:51 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9G4utFT0xznu54ENI96ha3qFw4etxPwfWLihGxjUbH5SgCjL1Is2gNkeVmySuTjEjbvxeXEixDkJnwfcEw%2FW3PFjEOmwc3V%2FjvriIwAJ16erv903efyY%2FjKBbBqWppBRh%2BxS1J0G81fy"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK cf.errors.css
xsuiit.com/cdn-cgi/styles/ 24 KB
5 KB 100ms
100ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://xsuiit.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: xsuiit.com
URL: http://xsuiit.com/service-violate.inc

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://xsuiit.com/service-violate.inc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 14:32:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Feb 2024 17:10:29 GMT
Server: cloudflare
ETag: W/"65d8d185-5e44"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=7200, public
Connection: keep-alive
CF-RAY: 85d19e7d69f4425b-EWR
Expires: Thu, 29 Feb 2024 16:32:52 GMT

GET
H/1.1 200
OK icon-exclamation.png
xsuiit.com/cdn-cgi/images/ 452 B
889 B 100ms
100ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://xsuiit.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: xsuiit.com
URL: http://xsuiit.com/cdn-cgi/styles/cf.errors.css

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://xsuiit.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 14:32:52 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Feb 2024 17:10:29 GMT
Server: cloudflare
ETag: "65d8d185-1c4"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 85d19e7e1aac425b-EWR
Content-Length: 452
Expires: Thu, 29 Feb 2024 16:32:52 GMT

GET
H2

404

Primary Request service-violate.inc Show response
xsuiit.com/
Redirect Chain

http://xsuiit.com/cdn-cgi/phish-bypass?atok=E9qwNvz0bSFWh6Oyv2wPlIO7_kXT6tkbhmsqHB0jel0-1709217171-0.0-%2Fservice-violate.inc
http://xsuiit.com/service-violate.inc
https://xsuiit.com/service-violate.inc

8 KB
3 KB

861ms
790ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

340189818ae213a7508ed7c46aa57b0f89ea89ba8a1eb5e456752583358d14e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xsuiit.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85d19e9eef7d6eb4-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 14:32:58 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVhYiGNo5ODuMW4wqmL%2FhkiLYOw62uRglEW8hXjmkuwGrKkTcI0cfSB3HPnbRrJGT1YkzJgCXjEGPCBHmxE1UXm%2BXlGE9Uu9KSlsOsefa1MTb95O9qz0%2F8mWqMQdDkGBIQrR6WakU7v5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 85d19e9e0e43425b-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 29 Feb 2024 14:32:57 GMT
Expires: Thu, 29 Feb 2024 15:32:57 GMT
Location: https://xsuiit.com/service-violate.inc
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPgHWVOI%2BvRJH3HD1RDpe5id307GApuwpcqQtN%2FqTEjmdb%2BevkFDymhBC0jHMnk%2FK4AZq%2Fa8FbwyPfUg8yJuASvHnc4N4o%2F3vnfKHEjyJUL0YM2JdMvcNo1SyxJ%2BS94xvA1JCxmzqua%2F"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 inter.css
rsms.me/inter/ 7 KB
1 KB 84ms
25ms Stylesheet
text/css 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 5ab76182e3363cd8b27401b351cbb4ccf6d9778c
date: Thu, 29 Feb 2024 14:32:58 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 02 Feb 2024 01:14:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-ams21065-AMS
last-modified: Mon, 20 Nov 2023 16:23:05 GMT
server: cloudflare
x-github-request-id: 8AAE:FBCB:DB28F6:DECB40:656069B8
x-timer: S1701140103.604291,VS0,VE0
etag: W/"655b87e9-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6%2BWsIwdhXINYsB5z6rVZQfuprk6sREAgb57U8kyoah3WwYuI2CjcqMueU6Btmx%2BzpGvOB0ucHqSky4ekN%2F6n%2B5Ab7iqas%2Fxpb%2FngvuvdET%2FXBk1i0kayaMtxWQ7WFAy%2B5RzD%2BK9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 85d19ea42c590e10-AMS
x-cache-hits: 2

GET
H2 200 bootstrap.min.css
login.gungratestore.com/themes/altum/assets/css/ 215 KB
32 KB 157ms
74ms Stylesheet
text/css 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/css/bootstrap.min.css?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

9da0a6de68a4f44f78d8c73b7a1b75b168f53b3742fa8e29455d1474452f5cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FzMxKPF3r18T6CqzfPKZdKarBWwwOfw8IC3qHBN7f7OR4sqKXlib1cGe9Onn0Hdrcpwf6zjH0r%2FKyapfaBJwd%2B0gq9X3VE46JxM7SLQKGQF8Jr5H1NpKYRuBu2%2B5Ga9Gfrr01X%2BxkmNzGq4t88uiahHAT6CtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea45af1d0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 custom.css
login.gungratestore.com/themes/altum/assets/css/ 16 KB
5 KB 123ms
40ms Stylesheet
text/css 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/css/custom.css?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

7ea506b2685aca6788a82ae1b808c338af0b1972f643aad0b1d38bf2601289b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 940624
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxytYdIACTxH73FbeAqJbYsIuh9eyjgYLeWceZJ3JzgzzKSoN3JXOkWljSLx5q%2BG4ALZiC44vuXVxq4C26etqJNn84Bq6HAnuWVtC%2F%2BqDD6RNZ8u%2Fu8RZfnxY6NBwzNiByZ46BXtey9fLrbFZCSsqsFGUv33FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea45ae9d0b5-AMS
expires: Tue, 19 Mar 2024 17:15:53 GMT

GET
H2 200 link-custom.css
login.gungratestore.com/themes/altum/assets/css/ 3 KB
1 KB 121ms
39ms Stylesheet
text/css 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/css/link-custom.css?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

d50accc4c059a8c01d58849f2e319665785f72d4c6e5a3c0f3baeeb4a06439aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCN%2FSY%2BoDB08lAlpGtJtAkjYjCNY%2Btn5XiJR5ULpqoQJdIMTE0n2B8hs5qm3lDs9LasiGE%2BCLfIAmLdv7e8%2Fy9XWdIhuZtznF1xRaIj%2BQKjYxlg3g0FsPBgUd483IejqH1F6Aj7jPKxEcoupAN%2BpsU1BmxG7qA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea45aefd0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 animate.min.css
login.gungratestore.com/themes/altum/assets/css/ 70 KB
6 KB 128ms
45ms Stylesheet
text/css 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/css/animate.min.css?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozAu%2BJ9NNBE8dHhNKio5%2FwGhBWO%2FHlNujlrCMdB4Ne0107i%2Ftj8hh4weu5naPUWak3LvGY6jUSl4NvzmjPLNnYZ9wu020MbEkxdjTF%2BqvtIJP5kakGuNzhh9RB5DU009yKGzZchsrlpA%2FPuVi4%2BDT%2BFhd8ac4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea45aedd0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 d7bc703b7d0251417c2eda561e150983.png
login.gungratestore.com/uploads/logo/ 113 KB
114 KB 136ms
53ms Image
image/png 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.gungratestore.com/uploads/logo/d7bc703b7d0251417c2eda561e150983.png

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

019b8c4c199effeee69daf0b82489e5e2ea64dd78097e8955ddf0513d24af04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 939802
x-powered-by: Niagahoster
alt-svc: h3=":443"; ma=86400
content-length: 116019
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Nov 2022 11:27:06 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntYC5InlKNM6vBcl%2FpVtJ11lAsDqmKUqecMasukxPTXLG2QldX%2FBTcuxQ5MWMPdE3cwiXZz55V1pY5SCeQmFoDi2c71MPwcMequeVOSoPzv%2Bx1svQFAr78RAFo%2B%2FDEueBFVWGo934LtHweNdKCEH5gCz9v3xMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85d19ea45af3d0b5-AMS
expires: Mon, 17 Feb 2025 17:29:36 GMT

GET
H2 200 jquery.min.js Show response
login.gungratestore.com/themes/altum/assets/js/libraries/ 87 KB
32 KB 132ms
50ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/libraries/jquery.min.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1714203
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K21m9vDlgTx%2FvOcHl915T%2F8ewD%2FnBsVazFbusY8PHJ2%2BS0WVRTXmy0%2FjIZXXOqSc8lgd2vrNSRkAiH3KCSIP4fCagXy1nclCmBj3Jo8pjKK97et2fpkEiQsphjn%2FJ2FY5bC%2FDZJezgxOcLuRm8z8vjqtUKAFiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea45af4d0b5-AMS
expires: Sun, 10 Mar 2024 18:22:54 GMT

GET
H2 200 popper.min.js Show response
login.gungratestore.com/themes/altum/assets/js/libraries/ 19 KB
7 KB 72ms
71ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/libraries/popper.min.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl66DM8XPkcWrZz30pca2JuPz%2BEVXEznrbZYH1mCU7GO0LYwNRDHIPGp2z3L47whB%2BLSsL4ihziKF4DmIleRuOCaAdk9TweACo8hvhPzolVmzfTXvyeUyKRBTCiXYas2N0Uhn6AdfZk7IePTZzmVzaLdcxhCHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea46af9d0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 bootstrap.min.js Show response
login.gungratestore.com/themes/altum/assets/js/libraries/ 62 KB
16 KB 71ms
71ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/libraries/bootstrap.min.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239607
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJsEYXGQqUMdCaiLHdj%2Bb59OcmSWsu3wUhnEfFFjXpS73DMjTBbpQZArqAayNKgMJS669vs5ZrAzLrSNBx7GZ63DnbDKCZAtUOyksIisucaGOzOL9WveVCk7auvVxq7Co9Ycl6ZYJKuW%2BYXE%2Bx3aVfEGv%2BJn3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea46afbd0b5-AMS
expires: Wed, 27 Mar 2024 19:59:31 GMT

GET
H2 200 main.js Show response
login.gungratestore.com/themes/altum/assets/js/ 904 B
712 B 72ms
72ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/main.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

e3498b6be8619df30f2e8be1ac532ab0c1bc87866b42ea3959c31e22cd027bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FGnFpsQohQ6oHRl3DzatmM0HIsNNVDTnLrPgZU7bO4uwwrcCw0Nq7MDxXgzTtzIAtzQnByRZnZY6m49bv4xrYntfMSYwpdlh8u%2Bupy9yovbosHxzO66Aa6hMxSxliSRleKgio86uWUAzBsj%2B7dZJjV6kikvRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea47b30d0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 functions.js Show response
login.gungratestore.com/themes/altum/assets/js/ 4 KB
2 KB 71ms
71ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/functions.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

309ec6422c4075eca25dda5f41000ba3ae17614a208cdae60bedc71efc021ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1697
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jKjsXvvLYbepYaKcojmktgu6rUbts5inFoHW1sFRpgcEHOFZeye8N3I6DTq7R6WRDQvpSWZYbM1EHJXan9YzA%2FHuAurejM9tHpjtptiMTEEsPlW5Y1T62gecgOdPc%2BvhCfdj6TkfD4aMaiTgWeboLIrPJBuLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea47b34d0b5-AMS
expires: Sat, 30 Mar 2024 14:04:40 GMT

GET
H2 200 fontawesome.min.js Show response
login.gungratestore.com/themes/altum/assets/js/libraries/ 1 MB
419 KB 77ms
77ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/libraries/fontawesome.min.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

6400eee2b8c5684876c8ff8664f471d93bee91ca18ab48b3d669856918f14811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1191884
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNyDueQw6iOjp5ypfw4GULfqSg5ea07aHmrB4e%2FwFcd8IXE1rS%2BbdZbHXDJcDorKw90%2FJ88jYQfRE%2F11y9fkV5euLpebwm%2FL97ISGq4tSi8nhp%2Fc0Qsk7jFIMnhTYxtHFzY41o1KZt77p%2BIOBXnoG%2BmfcgsGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea47b37d0b5-AMS
expires: Sat, 16 Mar 2024 19:28:14 GMT

GET
H2 200 clipboard.min.js Show response
login.gungratestore.com/themes/altum/assets/js/libraries/ 11 KB
4 KB 71ms
71ms Script
application/javascript 2606:4700:3032::ac43:958f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.gungratestore.com/themes/altum/assets/js/libraries/clipboard.min.js?v=930

Requested by

Host: xsuiit.com
URL: https://xsuiit.com/service-violate.inc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:958f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsuiit.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:32:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199405
x-powered-by: Niagahoster
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 04 May 2022 03:15:31 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSMVao3Hsnhgq%2BJopDolfQrQoePGHPe%2FGc7WLpWaXC342w%2FVcuLQAADa%2FmhYBwdwHSeP4gHgSvoxBuyBMLxBd3QbvDOnR0JMAJI9B9C8Zctjncu8pBzbbXhPYo94bHAQhhrPQ5YurYWbCcWpugidkOUroyVtqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 85d19ea47b39d0b5-AMS
expires: Thu, 28 Mar 2024 07:09:33 GMT

GET
H2 200 Inter-Regular.woff2
rsms.me/inter/font-files/ 106 KB
106 KB 76ms
43ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://xsuiit.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 23553c61543ba1d98b6df0cc024ce4d8a26502a9
date: Thu, 29 Feb 2024 14:32:58 GMT
via: 1.1 varnish
expires: Fri, 26 Jan 2024 04:24:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 108488
x-served-by: cache-ams21028-AMS
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 169C:57096:28F66B2:29ECAC8:65B331A1
x-timer: S1709217178.436062,VS0,VE0
etag: "655b87e7-1a7c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq8oRVESeEVRdZSkL%2BAlacrF9rkZJFCUDiZzhy86gx1xveAeXxq4I0ua%2F0kRRpR3b8BhdTva9fyh8748%2Bs8fcy2CcrB1PnCyhaoPBmylM61fOiKeAijzXVjDlPCuYA0YUMs81JVg"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85d19ea52f4d0eb4-AMS
x-cache-hits: 6

GET
H2 200 Inter-Medium.woff2
rsms.me/inter/font-files/ 109 KB
110 KB 61ms
28ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://xsuiit.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 5b41b31f746d1ce9113997a87357a4c0552324fd
date: Thu, 29 Feb 2024 14:32:58 GMT
via: 1.1 varnish
expires: Wed, 07 Feb 2024 02:24:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 111380
x-served-by: cache-ams21067-AMS
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: 5C52:11E155:63D69B:662622:65C2E788
x-timer: S1709217178.435426,VS0,VE1
etag: "655b87e7-1b314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpgJxogeZzi3nPfMduY4CZo%2FqF67zSjFsD4qzZxCCx0BKllHEpbphIEsSP5EjwaCS1N3xFee%2FkudpBpcpsNxYTTW4CehhJ32m8rl7al%2FaPDrfWCTBJepEt8e5YSqIXIQGgLreK7W"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85d19ea52f4f0eb4-AMS
x-cache-hits: 5

GET
H2 200 Inter-Italic.woff2
rsms.me/inter/font-files/ 112 KB
112 KB 74ms
43ms Font
font/woff2 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/Inter-Italic.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708b7baa59a80d80465229b74f1dcb599d3ee76515a93d304337b92efb964afe

Request headers

Referer: https://rsms.me/inter/inter.css
Origin: https://xsuiit.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: b444bd927dffb01a9b9944cae996b2d997cdcabf
date: Thu, 29 Feb 2024 14:32:58 GMT
via: 1.1 varnish
expires: Thu, 01 Feb 2024 04:19:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 114576
x-served-by: cache-ams21063-AMS
last-modified: Mon, 20 Nov 2023 16:23:03 GMT
server: cloudflare
x-github-request-id: C5BC:0DDE:2B5BA02:2C42474:65BB198A
x-timer: S1709217178.435948,VS0,VE4
etag: "655b87e7-1bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZttIqJkz%2BdQY1D3Y3n4BWAcrerNJDJdcp4JMkzxsUb3F9wK9aXX0XRSwm43H34RFMDxj%2FR9NHXT%2BccHh7nGMXepG0PxTao8QI4JrrOBFZaaIeScEDgD0vatzinZ8XqLafTTkkkG"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 85d19ea52f4e0eb4-AMS
x-cache-hits: 4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xsuiit.com/	1970-01-20 18:48:23	Name: __cf_mw_byp Value: E9qwNvz0bSFWh6Oyv2wPlIO7_kXT6tkbhmsqHB0jel0-1709217171-0.0-/service-violate.inc
			xsuiit.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: e6d1d00d6d1c6d5eca3f5a0b40abc4f2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xsuiit.com/service-violate.inc Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.gungratestore.com
rsms.me
xsuiit.com
2606:4700:3032::ac43:958f
2606:4700:3038::6815:eaea
2a06:98c1:3120::3
019b8c4c199effeee69daf0b82489e5e2ea64dd78097e8955ddf0513d24af04a
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
309ec6422c4075eca25dda5f41000ba3ae17614a208cdae60bedc71efc021ed0
340189818ae213a7508ed7c46aa57b0f89ea89ba8a1eb5e456752583358d14e8
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
6400eee2b8c5684876c8ff8664f471d93bee91ca18ab48b3d669856918f14811
708b7baa59a80d80465229b74f1dcb599d3ee76515a93d304337b92efb964afe
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
7ea506b2685aca6788a82ae1b808c338af0b1972f643aad0b1d38bf2601289b6
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
9da0a6de68a4f44f78d8c73b7a1b75b168f53b3742fa8e29455d1474452f5cc0
aef771d2e517167fe65b281ebbd263d11f079c3a07e91d022a7d1e79d558d7c6
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
d2573ba5a19beaa4957617255124d3813a5d153b014fa8036bcd25fb538fa691
d50accc4c059a8c01d58849f2e319665785f72d4c6e5a3c0f3baeeb4a06439aa
e3498b6be8619df30f2e8be1ac532ab0c1bc87866b42ea3959c31e22cd027bd5
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

xsuiit.com Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

979 kBTransfer

2125 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

xsuiit.com Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

979 kB
Transfer

2125 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!