| 3k.820424.xyz/static/css/chunk-vendors.74c992d4.css | 104.21.71.143 | 403 Forbidden | 43 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/chunk-vendors.74c992d4.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: ASCII text, with no line terminators; Hash: 191da67531bd94f34f70b22c7af60817 7b7a8d94c6021684f8d365ad58b56c2c3b5fb479 4cf4a95247a8229a15a7cabd62837431d81a1079eb77e6aaf4d3d3df5eb5e098
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/chunk-vendors.74c992d4.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sat, 20 Apr 2024 15:37:45 GMT
content-type: text/plain;charset=UTF-8
content-length: 43
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQfHDMpeU%2FMZTSbzNvzSxYNh3pm6tJMttNPTQZy%2Bk6T8OZgw%2Bx7M7OQJNj930DVUfX1bfquLRMCWtCkq83tMbpq8Xykl52ZkORQLkRr1xfbmjSWYA2ey%2FLra72u2WQEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 877637a1fac9b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/js/chunk-vendors.8a124ece.js | 104.21.71.143 | 404 Not Found | 7.1 kB |
URL: GET HTTP/3 3k.820424.xyz/static/js/chunk-vendors.8a124ece.js; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: ASCII text, with no line terminators; Hash: 243b104bd3ab7579f0e014159f3e9490 f0c5a04052a2f39e06ab1035d91dfde9060978dd 49a73503d71d92412ee10080f6de5a06e754b45a426edc56920d4e5f05130753
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/js/chunk-vendors.8a124ece.js HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:37:45 GMT
content-type: application/javascript
cf-ray: 877637a1facdb51e-OSL
cf-cache-status: BYPASS
cache-control: no-cache, no-store, must-revalidate
expires: 0
set-cookie: acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176;path=/;HttpOnly;Max-Age=1800
strict-transport-security: max-age=31536000
vary: Accept-Encoding
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SRkyOw2Xnu%2FJM5J642VIWiK%2B5EhigzDZ7W02X2JWLOKhgT7c9NzMxOEXcwQRmvcexxrDYttcuL2A6cOZj%2FpUV96jnV2sXf%2F%2Bf0eVekGmQtDQx0%2BcjkFxiP69AY8TJzSr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/app.22afdbee.css | 104.21.71.143 | 522 No Reason Phrase | 7.1 kB |
URL: GET HTTP/3 3k.820424.xyz/static/css/app.22afdbee.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: HTML document, ASCII text, with very long lines (460); Hash: ae428c868a4e745f94408c7802eb825c 2a3d3909852f58a39105359e232161c9c45e5869 f79bacdff3e4442632527092cc9bab41957ddc260a6275c10cb51f0ac8082c26
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/app.22afdbee.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 522 No Reason Phrase
date: Sat, 20 Apr 2024 15:38:02 GMT
content-type: text/html; charset=UTF-8
content-length: 7055
cf-ray: 877637a1fac8b51e-OSL
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ph0a%2FnlWVTOJP0ouKoImFOIdkyQgHoZxrJ7R8U9H%2FeQg6lBl1vLxRUMfhRm9ROyW4tmhB6tulEYc7FLRVOvBHNTu5Xfc4YUK1ldlxMVseiRlhFxzoQ1T36LLNv%2Frm2RD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/archives~article~crgovideo~live~news~test~traffic.93c55854.css | 104.21.71.143 | 403 Forbidden | 41 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/archives~article~crgovideo~live~news~test~traffic.93c55854.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: ASCII text, with no line terminators; Hash: 0879cf9383cbc7fd6d36d038149757b6 8f444adaa06bd0e0d8da67d1bb9d58a72f717f41 edddb76c0ba37e273fa2ec0a91bc72c1efdb285e933f320fd475acf859350b8c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/archives~article~crgovideo~live~news~test~traffic.93c55854.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sat, 20 Apr 2024 15:38:02 GMT
content-type: text/plain;charset=UTF-8
content-length: 41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TAaeQ2tJ6aa4tFQQMJ3PWsNlkLhDo57zmXv1NqQAwdPAa4jRf4U%2BtDogONxn9uAkY38KOMAe37vUg2YAFHyIOoDt7R8n9%2Bpo2TJSxb8DGl19o5sJkBSyP89Tlnnve2PF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 877638131b23b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/archives.88af18f1.css | 104.21.71.143 | 403 Forbidden | 44 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/archives.88af18f1.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: ASCII text, with no line terminators; Hash: 2386017cab459c7f7658524d8a4747cd 60b59df562b3bc393c2f282421f20c44e4f038a7 0d12a27253dfda80192317f0e509a6deadcdd7d21fd3c139fabb7b8b9cfce39a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/archives.88af18f1.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sat, 20 Apr 2024 15:38:03 GMT
content-type: text/plain;charset=UTF-8
content-length: 44
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDW2sCSFiw3Y9wB%2B4ExwD6UJSd%2B%2Fr9QcNtfT0yzAGVhyqbm7uMOybtfw%2Bagrip3iqp86LY87qLDfoMI2uUjOgJtEYm5MIocXKH11FV363pMMSu%2B06l5UcSPPzqgIZf0C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 877638131b20b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/article~crgovideo~test.8206b78b.css | 104.21.71.143 | 403 Forbidden | 41 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/article~crgovideo~test.8206b78b.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: ASCII text, with no line terminators; Hash: 0879cf9383cbc7fd6d36d038149757b6 8f444adaa06bd0e0d8da67d1bb9d58a72f717f41 edddb76c0ba37e273fa2ec0a91bc72c1efdb285e933f320fd475acf859350b8c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/article~crgovideo~test.8206b78b.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Sat, 20 Apr 2024 15:38:04 GMT
content-type: text/plain;charset=UTF-8
content-length: 41
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzCJv2YL9NK7M4U2jZZdk5I0YdatIzuMErLLqjwyv7AQcGIhbO1RerCaYMWyF8vPzkp5z1FP3SK9ngYu6%2FPyLZwsc7LlYF2Y%2Frb0N9O6jQddkv0%2BE6F31lC8j7tc4W4q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87763818e835b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/js/app.672147b6.js | 104.21.71.143 | 526 No Reason Phrase | 7.1 kB |
URL: GET HTTP/3 3k.820424.xyz/static/js/app.672147b6.js; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: HTML document, ASCII text, with very long lines (7418), with no line terminators; Hash: a7f4c352184212515e3f3059e703bf1e ab0598cfe66626c8da831b6f6ef7c90ceedd68f7 3a20df1f9ae6be774b3b04a1f99c490e3071a949408172c3fc1edbe024f749f4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/js/app.672147b6.js HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 526 No Reason Phrase
date: Sat, 20 Apr 2024 15:37:46 GMT
content-type: text/html; charset=UTF-8
content-length: 7089
cf-ray: 877637aabb53b51e-OSL
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NlBPvq%2BF1pExDumvkCu4HRMwc44Ieox5FObyo2yEKzM8OSxST5eGqD4fcW8hM%2FrGYaTP62VDb2Q4MqkQdL033ltcBzFfaEaVmnids3FNUXeXaZhI9soLCMMTrWhcmQPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/chunk-swiper.c412edf5.css | 0.0.0.0 | | 0 B |
URL: GET 3k.820424.xyz/static/css/chunk-swiper.c412edf5.css; IP: 0.0.0.0:0
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/chunk-swiper.c412edf5.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3k.820424.xyz/static/css/crowdfundcantopopcorn.20f72deb.css | 0.0.0.0 | | 0 B |
URL: GET 3k.820424.xyz/static/css/crowdfundcantopopcorn.20f72deb.css; IP: 0.0.0.0:0
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/crowdfundcantopopcorn.20f72deb.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel; route=951a4646d54c4caa48543f5077f867db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3k.820424.xyz/static/css/adService.08caea3c.css | 104.21.71.143 | 404 Not Found | 2.8 kB |
URL: GET HTTP/3 3k.820424.xyz/static/css/adService.08caea3c.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (2867), with no line terminators; Hash: 0d95d55bb2425adb7e02d210e62c5367 1eb230bd95c26ea16a3e2666fc47bd44655cc045 dd53a120ecaacedcd779830d2ecd261ea556fc4dbf6a10adbd326017b9f759a6
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/adService.08caea3c.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:38:05 GMT
content-type: text/html; charset=GBK
cf-ray: 877638131b1eb51e-OSL
cf-cache-status: MISS
cache-control: max-age=14400
expires: Sat, 20 Apr 2024 15:48:05 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BU%2Bbrfiryp6KnDARY2l22euR%2BdX5dkV9gCSA26GlKuWGDChtaKSMf472ai%2BLc2FNPIemX%2Fk8bRZ6VGlMwrIdFM5R5kKxo5GKtIXRyFbAv5fuZUiZLf6OmPJSqGeDq1SY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/contactUs.8eae7dfc.css | 104.21.71.143 | 404 Not Found | 14 kB |
URL: GET HTTP/3 3k.820424.xyz/static/css/contactUs.8eae7dfc.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/contactUs.8eae7dfc.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:38:05 GMT
content-type: text/html;charset=utf-8
cf-ray: 8776381fcea9b51e-OSL
cf-cache-status: BYPASS
cache-control: no-cache,no-store,max-age=0,s-maxage=0
content-language: en-US
set-cookie: route=951a4646d54c4caa48543f5077f867db; Path=/
vary: Accept-Encoding
via: cache93.czmp,cache05.hsct02
x-bdcdn-cache-status: TCP_MISS,TCP_MISS
x-powered-by: SNMW-WEB1.0
x-request-id: 9517db8f71ebc87e22d0866580b9f368
x-request-ip: 162.158.222.196
x-response-cache: miss
x-response-cinfo: 162.158.222.196
x-tt-trace-tag: id=5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1271NJpI2nRjOlZDcMY7kWAd4yy6qDyORk9ZNr%2FLe90E%2FhrFKdt0JavEl1%2FX0sPehy0Kc9ydYsc2twILzE5MflikSg55APkdoJUUh0BaRNcsxCvMQecSgFn8Fwn0gpcg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/article.03a72cb4.css | 104.21.71.143 | 307 Temporary Redirect | 209 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/article.03a72cb4.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/article.03a72cb4.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 307 Temporary Redirect
date: Sat, 20 Apr 2024 15:38:03 GMT
content-type: text/html
location: /static/css/article.03a72cb4.css
cf-ray: 877638132b30b51e-OSL
cf-cache-status: BYPASS
cache-control: no-cache, no-store
set-cookie: acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de;path=/;HttpOnly;Max-Age=1800
vary: Accept-Encoding
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrQ9dVYE6cadxKrPgMHAIPuo5xZK%2FWlYZE0E%2BY3y54uWdvHCRUXpwaJQMr%2FRKPAGINM211Uu7FOGbNs0YFcXrWcxaOB1nzjbwC1YBeCXqmYO0oV2bCQ%2FGoec0VJqI3mN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/article_list.9bfa27d0.css | 104.21.71.143 | 404 Not Found | 168 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/article_list.9bfa27d0.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: 6bad00742c8b9ee7afe3fd459f6ead91 e8cc4584fd3c1dc19ebf3a9fe01757cf703ab51f cc5179420fba6302886ade8054948780cbba895adfd416e7e82e31e4ad07f9f7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/article_list.9bfa27d0.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:38:04 GMT
content-type: text/html
cf-ray: 877638133b33b51e-OSL
cf-cache-status: MISS
cache-control: max-age=14400
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTt8kOgUGYuH4K577s6DPlE8tNpbBygXcEFb%2Bcbt7UP9wOl1melaDiOT0wNRsTFellETVlomXQHW25Lq4k%2Fhws0Q5r%2BqtcVUIFYJLpnE7bO0nZ1HIU3bKeYXmEYNtI4j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/article.03a72cb4.css | 104.21.71.143 | 202 Accepted | 209 B |
URL: GET HTTP/3 3k.820424.xyz/static/css/article.03a72cb4.css; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: d88faa19633c76a9f661b3d9bc878c76 27dff72196f73c059c873658f3436c6531f80693 f831a36e69d83f92800767957dd2f0bbb23ac1d0c8721cd98c82a44d0ec2372f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/article.03a72cb4.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 202 Accepted
date: Sat, 20 Apr 2024 15:38:03 GMT
content-type: text/html; charset=utf-8
cf-ray: 8776381998d1b51e-OSL
cf-cache-status: BYPASS
cache-control: no-store
set-cookie: x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel; Path=/; Max-Age=60;
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
pragma: no-cache
x-cache-lookup: Cache Miss
x-nws-log-uuid: 18292016112825898120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZXKSp4lmV7HWaeiwT2%2FgEAsVw21xIyewi5Od8N7E3yVruPg1nOcBzMpJHbN3hozQADCKkkXMZlqTc1C%2BaXtAFn%2Bf89AmNQn77VOuAi1FRrnSTQwffgzaKXaR2crBZRK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.71.143 | 200 OK | 72 kB |
URL: User Request GET HTTP/2; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET / HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 15:37:43 GMT
content-type: text/html; charset=UTF-8
cf-ray: 8776379c5b8bb503-OSL
cf-cache-status: DYNAMIC
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
strict-transport-security: max-age=86400; preload;
vary: Accept-Encoding
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
set-cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; path=/; secure; HttpOnly
cr-browser-token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
cr-browser-token-ts=1713627463; expires=Mon, 05-May-2025 15:37:43 GMT; Max-Age=32832000; path=/; secure; HttpOnly
cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; expires=Mon, 05-May-2025 15:37:43 GMT; Max-Age=32832000; path=/; secure
cr-psid=7nlcse6sqfn26p3uo0itr3ma83; path=/; SameSite=None; secure; HttpOnly
x-amz-cf-id: Q6IWvs55nOqphBrymUt6s3aI9zTZB5Qq6mQU6LI-Zs2KLr7Iq8oY3A==
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1;mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWJv6AzgDbA8Cds2Voysyzex7XubT4GzEdPx%2BYzG6XqMGg5hU74be6U2XkUm0IVDHZ0EyX6jrL3oNGIYDRkWfw0IHUSyeSSnWwV9P5Ch%2Bv5E4Te6dPcVPItnNoI0VjgK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 3k.820424.xyz/static/js/app.672147b6.js | 104.21.71.143 | 404 Not Found | 0 B |
URL: GET HTTP/3 3k.820424.xyz/static/js/app.672147b6.js; IP: 104.21.71.143:443
Certificate: Issuer Let's Encrypt; Subject 820424.xyz; Fingerprint 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1; Validity Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/js/app.672147b6.js HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:37:44 GMT
content-type: text/html; charset=utf-8
cf-ray: 877637a1facab51e-OSL
cf-cache-status: MISS
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: cache32.l2nm125-4[108,0], cache11.ru3[409,0]
access-control-allow-credentials: true
content-security-policy: upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-security-policy-report-only: default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.bytednsdoc.com *.zijieimg.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.365yg.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.muscdn.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.byted.org *.bytedance.net *.bytescm.com *.bytedance.com *.toutiaocloud.com *.snssdk.com *.toutiao.com *.huoshan.com *.douyin.com *.douyincdn.com *.jinritemai.com *.chengzijianzhan.com *.baike.com *.ribaoapi.com *.bytexservice.com *.pglstatp-toutiao.com *.oceanengine.com *.dyvideotape.com at.alicdn.com g.alicdn.com *.iesdouyin.com *.byteimg.com *.zjcdn.com bytedance: android-webview-video-poster: snssdk1128: *.bytednsdoc.com *.douyinpic.com *.douyinstatic.com *.bdxiguaimg.com *.bdxiguastatic.com *.bytegoofy.com unpkg.com unpkg.byted-static.com *.draftstatic.com *.bytetcc.com;img-src 'self' blob: data: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval' *.douyin.com *.pstatp.com *.byteimg.com *.douyincdn.com *.toutiao.com *.snssdk.com *.pglstatp-toutiao.com *.byted.org *.oceanengine.com *.feiliao.com *.ixigua.com *.bdxiguaimg.com *.bdxiguastatic.com *.iesdouyin.com *.bytecdn.cn *.ribaoapi.com *.365yg.com *.bytexservice.com *.tiktokcdn.com *.douyinpic.com *.douyinstatic.com *.bytedance.net *.bytescm.com *.bytednsdoc.com *.bytegoofy.com;media-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.ixigua.com *.snssdk.com *.pstatp.com *.zjcdn.com *.365yg.com *.bytecdn.cn *.douyinvod.com *.bytedance.net *.bytescm.com *.bytegoofy.com *.bytednsdoc.com;upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
eagleid: 2ff6029f17136274641197681e
server-timing: inner; dur=101, cdn-cache;desc=MISS,edge;dur=301,origin;dur=108
timing-allow-origin: *
x-alicdn-da-ups-status: endOs,0,404
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-tt-logid: 202404202337447B2400F5652C82DD4BCA
x-tt-trace-host: 01ae3485c412db67097a2fefa88ba0f972fbf7277fde091450a74c6e52021da4e95070149e1df882a1cb17b4d83b033e5a0dff2013a390b5e404870057e676683683f5466a3d65e84c270db03bd924183e8981dcc2b1b7da29ec6c460c61eb41c642adceb5109bfb16a7f62b384eaf8abea23de331afd0aa1deeb2043ff78ee160
x-tt-trace-id: 00-2404202337447B2400F5652C82DD4BCA-0BFB486D5C5FC92E-00
x-tt-trace-tag: id=03;cdn-cache=miss;type=dyn
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wLO5skJVczay1gan2X2vnpAp%2BBPbAWuSUd%2BiuzDOjAa2NSjDb5xmO1A%2B26TVpYf1RBp%2FVNZMjEfBKvGIwWC3t4CB8DhqR%2F0xqslf%2FA0cBGMI0BTHF5KZwMvNI8ZLUl3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/favicon.ico | 104.21.71.143 | 200 OK | 0 B |
URL GET HTTP/3 3k.820424.xyz/favicon.ico IP 104.21.71.143:443
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /favicon.ico HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 15:37:47 GMT
content-type: image/vnd.microsoft.icon
cf-ray: 877637b77ef7b51e-OSL
cf-cache-status: MISS
cache-control: public, max-age=31536000
etag: W/"0-5ce377aff5ee6"
last-modified: Wed, 13 Oct 2021 08:09:25 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
akamai-x-true-cache-ttl: 31536000
content-security-policy: frame-ancestors 'self' www.stumbleupon.com stumbleupon.com;, upgrade-insecure-requests;
mpulse_cdn_cache: HIT
mpulse_origin_time: 0
x-frame-options: SAMEORIGIN
x-tmg-pref-exists: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BC0wQaU4KyeuUbGeLJOMWSoSQplTsqtTJWVuLi7vulcN56HijSrIomQtkEfFTXX1hj09Z%2FgKdlrUdN5O1iAw%2BObNvbDCBeQj%2F3fMGjY9VXWi0XhKWm15LOdwVsciGDk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/bilingual.a4db5e55.css | 0.0.0.0 | | 0 B |
URL GET 3k.820424.xyz/static/css/bilingual.a4db5e55.css IP 0.0.0.0:0
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/bilingual.a4db5e55.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3k.820424.xyz/static/css/crgovideo.b01fa1d6.css | 0.0.0.0 | | 0 B |
URL GET 3k.820424.xyz/static/css/crgovideo.b01fa1d6.css IP 0.0.0.0:0
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/crgovideo.b01fa1d6.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel; route=951a4646d54c4caa48543f5077f867db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3k.820424.xyz/static/css/crowdfundcantopopcorn~member~productsalescampaign.9f2793b8.css | 0.0.0.0 | | 0 B |
URL GET 3k.820424.xyz/static/css/crowdfundcantopopcorn~member~productsalescampaign.9f2793b8.css IP 0.0.0.0:0
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/crowdfundcantopopcorn~member~productsalescampaign.9f2793b8.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel; route=951a4646d54c4caa48543f5077f867db
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|
| 3k.820424.xyz/static/css/archives~member~newsCategory~recentNews~songchart~trafficNews.7de2173c.css | 104.21.71.143 | 200 OK | 5.9 kB |
URL GET HTTP/3 3k.820424.xyz/static/css/archives~member~newsCategory~recentNews~songchart~trafficNews.7de2173c.css IP 104.21.71.143:443
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type ASCII text, with very long lines (5887), with no line terminators
Hash b027c133a9e711179bc1758b2f3facbc a2139f5cc5cdeb82f9978d2039c52f35659dec76 a7733cdf12a7b41c77962491013979c15566c378af3028e37a0f04d111c7afa7
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/archives~member~newsCategory~recentNews~songchart~trafficNews.7de2173c.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 15:38:03 GMT
content-type: text/css
cf-ray: 877638132b2db51e-OSL
cf-cache-status: MISS
cache-control: public, max-age=31536000, must-revalidate, proxy-revalidate
etag: W/"6621d8dd-4b9"
expires: Sun, 20 Apr 2025 15:38:02 GMT
last-modified: Fri, 19 Apr 2024 02:37:17 GMT
strict-transport-security: max-age=86400; preload;
vary: Accept-Encoding
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
x-amz-cf-id: ytDF53lxXTLl3jeGqVwmEo0T5MSwkhvj02YQdYeEp-G86fV16ntVZw==
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGRZ5gEhkVThkpB0NkP7olhD6hMEdhFLo9zn8W0wbL6YZ1l6dzcoVl1QIDXWELv%2FhhX%2BX0X%2FMq5U8hKQ6rPmvd1krELQCtZm7apiRoUSLp%2BMBrDMuj7GvkRzk37n9R7R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/articles.77f23c95.css | 104.21.71.143 | 404 Not Found | 4.9 kB |
URL GET HTTP/3 3k.820424.xyz/static/css/articles.77f23c95.css IP 104.21.71.143:443
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (5122), with no line terminators
Hash 752597750ffb3afccbf53aaee7e10236 0f3b1fddf0fe1413d4f54a1e366578ba374fdf5d b2a415f892b08e9a7da3fa98f4cc14698fae274639eee51622606eeb4d877b28
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/articles.77f23c95.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 Apr 2024 15:38:05 GMT
content-type: text/html
cf-ray: 877638158d25b51e-OSL
cf-cache-status: MISS
cache-control: max-age=14400
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELWOQn%2BmD4w3xca%2BdQFvSUNB6LYTsBKJ8tu5KqWDDk5LRsuNyvZmjIvxtENngiQMdClZ9pw6eSX29d%2FBIaJ22r0cacG4f4KzzmEoyWDAWxnPTY0yoyRcPy4%2FhkPNhrsT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 3k.820424.xyz/static/css/chart.a4c378f4.css | 0.0.0.0 | | 0 B |
URL GET 3k.820424.xyz/static/css/chart.a4c378f4.css IP 0.0.0.0:0
Certificate Issuer: Let's Encrypt Subject: 820424.xyz Fingerprint: 98:0E:81:A1:B1:63:2F:8F:79:79:D3:90:F9:51:81:1A:CA:0D:0A:C1 Validity: Thu, 18 Apr 2024 13:06:48 GMT - Wed, 17 Jul 2024 13:06:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | NetEase |
GET /static/css/chart.a4c378f4.css HTTP/1.1
Host: 3k.820424.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3k.820424.xyz/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7nlcse6sqfn26p3uo0itr3ma83; cr-browser-token-ts=1713627463; cr-browser-token=080cf2f3b3b7b2ddd4e2486bfa258036; cr-psid=7nlcse6sqfn26p3uo0itr3ma83; acw_tc=2760779417136274652017323e927a20a06d5bff83c3487f9b564b16ec3176; acw_sc__v2=6623e15a2ae84eda8c8dae4e611ef1d6fcf607de; x-waf-captcha-referer=https%3A%2F%2Fwww.google.com%2Fsearch%3Fq%3Dedtunnel
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
|
|