Report - 220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

Report Overview

Submitted URL
220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
IP
220.169.107.3
ASN
#4134 Chinanet
Submitted
2024-05-07 18:16:20
Access
public
Website Title
动态校园 [芙蓉中学]
Final URL
220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
72

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
220.169.107.3:1266	unknown	unknown	No data	No data	18 kB	481 kB	220.169.107.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed
2024-05-07	medium	220.169.107.3	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	220.169.107.3:1266/frzx/inc/js/stm31.js	36 kB	2023-03-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/inc/js/stm31.js IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:18 Last Seen2024-05-07 20:16:26 Times Seen3 Hash 208ad7ae118322ad6a6bd5e34806020f 2669f69327e871321af3418d9965f23e225578cb 2711eb522d87ba375c9f1b6f37988e3c3ed96f70e912254a15a47accc3676419 Loading...

	220.169.107.3:1266/frzx/inc/js/Font.js	13 kB	2023-03-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/inc/js/Font.js IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:18 Last Seen2024-05-07 20:16:26 Times Seen4 Hash d5f2c667c468faf6eca27c81435ee999 b39fbbf1e9470979161d970ca4629eebb5b849aa c3cca726eec65a798ca661d5aef08939007fe774737ef067edef1eeb997d82f0 Loading...

	220.169.107.3:1266/frzx/inc/js/Ajax.js	5.7 kB	2023-03-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/inc/js/Ajax.js IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:18 Last Seen2024-05-07 20:16:26 Times Seen3 Hash 7a9d03868ca0819c50e3d20d0a418b0c 0d591bb6bca43166c2825d80df8d5673961c0b6b c76e0dc4b809532b5a317726743347cfd8acd3861a1c313815f755a2433acb7d Loading...

	220.169.107.3:1266/frzx/article/showclass.asp?classid=3/	2.6 kB	2024-05-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/article/showclass.asp?classid=3/ IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 20:16:26 Last Seen2024-05-07 20:16:26 Times Seen1 Hash bc0b67dc0648658624c7d37bf9ba9470 940da6dea2a229c314f5bff73d01d628f02b76fe 4440dac318ee762f9b2817889899287a0a8716f1a9495f7e0078bd8f20fe5547 Loading...

	220.169.107.3:1266/frzx/Count.asp?style=online2	95 B	2024-05-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/Count.asp?style=online2 IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:16:26 Last Seen2024-05-07 20:16:26 Times Seen1 Hash 7700365c73fdd84853757919b466d5d9 23b8b7c0562dbf2d4f187f6c49c7f90ebb7a1d19 033ef4a09fbd5d7385265951b529bbc96333dfe639e53b7b161c0977975071bc Loading...

	220.169.107.3:1266/frzx/Count.asp?style=online	221 B	2024-05-07	2024-05-07
Pretty URL 220.169.107.3:1266/frzx/Count.asp?style=online IP 220.169.107.3 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 20:16:26 Last Seen2024-05-07 20:16:26 Times Seen1 Hash 14c79da178b0d54f9af54acc462bc811 2a3d883f0f9f59a2f0d17c5f57bdbad16867dd30 1f1cd5a508043ca06d76cc7dd31ed9fce0a975595859da9f117066113730b588 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3568bd19053550ec521b1d562f301ec3	183 B	2023-12-03	2024-05-07
Pretty Observations First Seen2023-12-03 15:31:54 Last Seen2024-05-07 20:16:26 Times Seen2 Hash 3568bd19053550ec521b1d562f301ec3 c9f481952fd3d2f0dc5c1436a96e6c81a090e8bf c3db735b3e37fe1dab82143682c31be32bfe3d6a11e91b9c802d61f4c94bc023 Loading...

	#2 Write - 6e0056aeb53f08c57341dfe0cf1819c5	690 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:16:26 Last Seen2024-05-07 20:16:26 Times Seen1 Hash 6e0056aeb53f08c57341dfe0cf1819c5 d79e1c34cc87c198898bce5d6d969a8b3e03c49b 77f7c1f12ff05f5566fcd968afbde090155d4e73915c0f25c5f65451a06b429f Loading...

	#3 Write - a145d98a317fe961cc8c526ab65a4466	9 B	2023-03-07	2024-05-15
Pretty Observations First Seen2023-03-07 12:11:56 Last Seen2024-05-15 11:43:16 Times Seen169 Hash a145d98a317fe961cc8c526ab65a4466 bb6567de30c7d6965495e8d2929cfe348b292295 196c7c813d82c026b1111acb891087e8f52e9e7c936a6ea3edd38fcf0eea3a3e Loading...

	#4 Write - d8b1223194adc785ad2031c8af2f943c	55 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:16:27 Last Seen2024-05-07 20:16:27 Times Seen1 Hash d8b1223194adc785ad2031c8af2f943c e9afa60a8affa51f4802439a492ce06959a8aa0f c787829b3ca99527a1165263139047e56654a2ca85337231d2b6c69c538db72e Loading...

	#5 Write - b89a9eb0de770bba8773fe240b72e0b5	344 B	2023-03-07	2024-05-07
Pretty Observations First Seen2023-03-07 12:04:18 Last Seen2024-05-07 20:16:27 Times Seen4 Hash b89a9eb0de770bba8773fe240b72e0b5 659e8df5db06837c2ed32f4d22b5b2f5d5a97a19 6dce7dc6b5af28ba073a770de1195dff350cdb09dbd6c13e44f4200aeb03b179 Loading...

	#6 Write - cb87f2ce1f38c3ad833939718ffac895	89 B	2023-12-03	2024-05-07
Pretty Observations First Seen2023-12-03 15:31:54 Last Seen2024-05-07 20:16:27 Times Seen2 Hash cb87f2ce1f38c3ad833939718ffac895 f6fa51ef153141b5b3fafd442ab332a81c19838b 659788d48bc6311907e436b60bbeebcadf890f0c24385528be9ca4fe3ee00c97 Loading...

	#7 Write - 5ebfb1998b20ace40e6ce5b16f4f1e09	68 B	2023-12-03	2024-05-07
Pretty Observations First Seen2023-12-03 15:31:54 Last Seen2024-05-07 20:16:27 Times Seen2 Hash 5ebfb1998b20ace40e6ce5b16f4f1e09 313b6199a4bbbd43b14962ca704ca97b0f22b529 8f986b10ec634f105bb45e22e135c99454f7481eb38ef061cd1bdead11d569d5 Loading...

	#8 Write - 042bc65345286f1fb3ab198c01b621f9	724 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:16:27 Last Seen2024-05-07 20:16:27 Times Seen1 Hash 042bc65345286f1fb3ab198c01b621f9 2ddf7f734f75717227ce3f4131732e7b80a6e4e5 f2cc6b04f4ed66430dcac43250bb32c562f093afd076ece8ada099a5fd834185 Loading...

	#9 Write - 86fa91580ef4fd3dbcb54ce6e93cf7e3	177 B	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 20:16:27 Last Seen2024-05-07 20:16:27 Times Seen1 Hash 86fa91580ef4fd3dbcb54ce6e93cf7e3 860b81656ae7c02eaf031d2c8e42d7b316e44e2a c408bf65e7021bd593c562898ddbe527b5198196f094782a6315128cb1cb379d Loading...

HTTP Transactions (36)

URL IP Response Size

220.169.107.3:1266/frzx/article/Photo.scr

220.169.107.3

404 Not Found

1.3 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/article/Photo.scr
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.3 kB (1308 bytes)
Hash
2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/article/Photo.scr HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT

220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

220.169.107.3

200 OK

31 kB

URL User Request GET HTTP/1.1
220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
IP
220.169.107.3:1266
ASN
#4134 Chinanet

File type
HTML document, ISO-8859 text, with very long lines (518), with CRLF line terminators
Size
31 kB (30952 bytes)
Hash
7946848493c0f62ec37fd5c6ec342564
f97bd31d7369d6e445ab4800d2e515d2c165d7bd
9c681e6686b8713b12fb70eddc3dad50555c03987d535fc70a0ecfbb43779c74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/article/showclass.asp?classid=3/ HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 30952
Content-Type: text/html
Set-Cookie: YNAGZH=GuestSID=091090042154899; expires=Tue, 07-May-2024 19:15:50 GMT; path=/
ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ; path=/
Cache-control: private

220.169.107.3:1266/frzx/inc/js/Ajax.js

220.169.107.3

200 OK

5.6 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/inc/js/Ajax.js
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
ISO-8859 text, with CRLF line terminators
Size
5.6 kB (5622 bytes)
Hash
1bba268b8e79e28747b59c3cb41597a5
13cd50972bd96b6bf3489b945774629327224da1
b8782b4ed5b4783e83ad9f12df94bb3795ea534538d680c1d81cefa1aa41210d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/inc/js/Ajax.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 5622
Content-Type: application/x-javascript
Last-Modified: Fri, 05 Oct 2007 11:14:00 GMT
Accept-Ranges: bytes
ETag: "0c3bd4407c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT

220.169.107.3:1266/frzx/inc/js/Font.js

220.169.107.3

200 OK

9.4 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/inc/js/Font.js
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
Non-ISO extended-ASCII text, with very long lines (3729), with CRLF, NEL line terminators
Size
9.4 kB (9433 bytes)
Hash
da93336706fb9c0953e3c9f4a0de2097
084c1c9d6614be432134dd3f88835dba169c1543
cec019eb7ac8a1f961c3e6aae92f7ccd764bd27f5b1fdb510c10c5c41cdf05fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/inc/js/Font.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 9433
Content-Type: application/x-javascript
Last-Modified: Thu, 01 Sep 2005 08:49:00 GMT
Accept-Ranges: bytes
ETag: "0667ffd1aec51:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT

220.169.107.3:1266/frzx/skins/Css/css12.css

220.169.107.3

200 OK

12 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/Css/css12.css
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
ISO-8859 text, with very long lines (315), with CRLF line terminators
Size
12 kB (12361 bytes)
Hash
bb60c9949bf257958ccfcbeacb313495
ec7ff82d87d6a8ae9de7d479cfe8c9a818470242
4c6b4057556b17fd0317905ca7b1c44d87f4a875b4153b2e89d72dc9ae24b392

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/Css/css12.css HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 12361
Content-Type: text/css
Last-Modified: Mon, 22 Apr 2013 07:09:00 GMT
Accept-Ranges: bytes
ETag: "08e4243283fce1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT

220.169.107.3:1266/frzx/Count.asp?style=online

220.169.107.3

200 OK

207 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/Count.asp?style=online
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
ISO-8859 text, with no line terminators
Size
207 B (207 bytes)
Hash
8aaf37353fd9212ed977c320837a4387
f198879596c4081067193798298c76e5dd76fd6f
ecd103d315607d0c5c6f649c42cb23c1f3da30aae0df943c4722eb0e4fe5d6d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/Count.asp?style=online HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 207
Content-Type: text/html
Cache-control: private

220.169.107.3:1266/frzx/Count.asp?style=online2

220.169.107.3

200 OK

77 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/Count.asp?style=online2
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
ISO-8859 text, with no line terminators
Size
77 B (77 bytes)
Hash
5bce3d7fcdbb2a2ccdac10fd1c23d985
bf8397aa75d1742e6098b16e4e63c5a4bff7b71f
2c8c36c3b988f56b413885431d4b3c71eb18d72ec8d45602a9d5c0a4344ba347

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/Count.asp?style=online2 HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 77
Content-Type: text/html
Cache-control: private

220.169.107.3:1266/frzx/skins/rmyy/top-3.gif

220.169.107.3

200 OK

816 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/top-3.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 66 x 113
Size
816 B (816 bytes)
Hash
2e93e017c4034542be7108c6d2ef167f
3f66fb57fec6c8ecb8042cf421ca02136bfa7494
166ccce1a8671870d26097463ad8b37b99a04e9833c83fcd9e0dc1ebcc7f247e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/top-3.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 816
Content-Type: image/gif
Last-Modified: Wed, 07 Sep 2011 06:52:22 GMT
Accept-Ranges: bytes
ETag: "01772b12a6dcc1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/top-4.gif

220.169.107.3

200 OK

826 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/top-4.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 66 x 113
Size
826 B (826 bytes)
Hash
43cc6a50671da7231736b5ce94b33c50
7d990d65987322d04a9ca1bb9d1cd0026c3b8714
77c6dcf80b46b7cb8fdf4ba843809248b7b8ea48804c3e08f429a44229da405e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/top-4.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 826
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 06:25:26 GMT
Accept-Ranges: bytes
ETag: "0cfdc3e05dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/logintop.gif

220.169.107.3

200 OK

2.3 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/logintop.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 227 x 39
Size
2.3 kB (2314 bytes)
Hash
987fb418a1f626b3c7585b74bce693c0
572faff0588b8cdfdc1df0c6ec88e75d8bb5cf72
e646897ace2ad7212487cf92ff25883b54bb15301eceebc23d2db070f5859b35

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/logintop.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 2314
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 03:31:30 GMT
Accept-Ranges: bytes
ETag: "095b676c85dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/Images/logo_Blue.gif

220.169.107.3

200 OK

3.9 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/Images/logo_Blue.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 147 x 90
Size
3.9 kB (3900 bytes)
Hash
fa7804dd3effe0493eb47587340a7f1f
b389be63d4db25bc6e32eec8dd06c5889cee8762
e7d202dee721eb22688a633bad40f4db0618e50bd7f3adf3963cdc43ac83955e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/Images/logo_Blue.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 3900
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:12:30 GMT
Accept-Ranges: bytes
ETag: "033c192d65dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/inc/js/stm31.js

220.169.107.3

200 OK

36 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/inc/js/stm31.js
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
36 kB (35981 bytes)
Hash
c3ddaa63204093433f08be778cb6d4f3
e8e657ff6e10033b865815fa7a7cdf8637e2f591
c5d5589487646d3e84c62c6e1b710eee686380645bc222869b300066aac7db24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/inc/js/stm31.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 35981
Content-Type: application/x-javascript
Last-Modified: Thu, 25 Oct 2007 13:59:00 GMT
Accept-Ranges: bytes
ETag: "02a5a31f17c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT

220.169.107.3:1266/frzx/skins/rmyy/lefttt.gif

220.169.107.3

200 OK

1.7 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/lefttt.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 229 x 39
Size
1.7 kB (1690 bytes)
Hash
1754e17b6d3b22ca14e1f82536002ba1
5fe3e685554ca491be129fdeda29a21a82b3a59f
c3d66de7cb8b6e4ef0b9509e8222e6e0ef591fda11292b835caa0db2b1fb7d79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/lefttt.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1690
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 12:10:28 GMT
Accept-Ranges: bytes
ETag: "05268f6105eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/000a.gif

220.169.107.3

200 OK

899 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/000a.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 92 x 7
Size
899 B (899 bytes)
Hash
7546ce70c40506c694908f92270a91a8
617d35e3174be2b4acfd83b31de97fc57c60dfe1
fa8b43d5be22597df8e4721abd72196f1e79fcbe53bfeb64acf20cfaae40ad25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/000a.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 899
Content-Type: image/gif
Last-Modified: Fri, 06 Nov 2009 02:53:42 GMT
Accept-Ranges: bytes
ETag: "0ff4a598c5eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/split1.gif

220.169.107.3

200 OK

36 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/split1.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 12
Size
36 B (36 bytes)
Hash
71f2e2410ecd2fd6d8e3c054ae8c1b06
3e14b5915cc398b6b74785258bb4c08809484253
f1cb2e3bb2ff0ccb0f8af270576878eab24e9b23ef11fcc4f119509b813516a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/split1.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 36
Content-Type: image/gif
Last-Modified: Fri, 09 May 2008 01:38:36 GMT
Accept-Ranges: bytes
ETag: "076f66575b1c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/sp.gif

220.169.107.3

200 OK

328 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/sp.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 11 x 11
Size
328 B (328 bytes)
Hash
54d243f15694a94623da744ddfb292f7
aad50e5dbf9a014fc49fdca18a926edbd12f2ba7
e032ba52a306e5daf49f541cc9bc372d37635c2bd4cefa24918a5c3af4e7baee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/sp.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 328
Content-Type: image/gif
Last-Modified: Mon, 19 May 2008 03:18:16 GMT
Accept-Ranges: bytes
ETag: "08c73fa5eb9c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/Images/Banner.gif

220.169.107.3

200 OK

9.0 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/Images/Banner.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 437 x 90
Size
9.0 kB (8957 bytes)
Hash
b5f518b0c7152c50a2829f090a780736
673a055c8559471248d0bbc50017004a96d3702a
e8afe8af0db739c0a4e540e13b0fb2095f8b138d0a8916700fb74dbef7372e66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/Images/Banner.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 8957
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:11:52 GMT
Accept-Ranges: bytes
ETag: "0dc1a7cd65dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/Images/articleCommon.gif

220.169.107.3

200 OK

560 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/Images/articleCommon.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 11 x 16
Size
560 B (560 bytes)
Hash
67fdce85f30bc6d7e807188a08e086cb
6af1d38652078b7efa7e441ca34924f9604222c8
4e5de1d84aa10d6ecb3645285dddd7ccc4c1e966ced7db00c00a3af0fa68b5e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/Images/articleCommon.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 560
Content-Type: image/gif
Last-Modified: Fri, 27 Jul 2007 09:29:02 GMT
Accept-Ranges: bytes
ETag: "036a9130d0c71:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/top-1.gif

220.169.107.3

200 OK

369 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/top-1.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 66 x 113
Size
369 B (369 bytes)
Hash
ec54b348126cfee3782d4c55dea071e1
42e8e96e53eaf843c75ab8c7cab3ec3045ffab04
eff5195525db7d98c43781243c4fb10087c992840e1376596edc48bf640d2fc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/top-1.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 369
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:52:24 GMT
Accept-Ranges: bytes
ETag: "09cb025dc5dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/top-2.gif

220.169.107.3

200 OK

344 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/top-2.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 66 x 113
Size
344 B (344 bytes)
Hash
fc882591932de55c3feb54d5b1cb5396
7d9e0884e9e6e8f5c8e4460ea2d4fb8e02decb93
4b74ef701320c5e4f194b80701f70ed5351691e684e52d5a6d4203eb9b4328c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/top-2.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 344
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:57:56 GMT
Accept-Ranges: bytes
ETag: "0ca93ebdc5dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/menubg.gif

220.169.107.3

200 OK

258 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/menubg.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 33
Size
258 B (258 bytes)
Hash
2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/menubg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Wed, 04 Nov 2009 12:04:58 GMT
Accept-Ranges: bytes
ETag: "0914c7475dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/menudevid.gif

220.169.107.3

200 OK

258 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/menudevid.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 33
Size
258 B (258 bytes)
Hash
2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/menudevid.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Fri, 24 Sep 2010 08:12:46 GMT
Accept-Ranges: bytes
ETag: "013545c05bcb1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/menunowbg.gif

220.169.107.3

200 OK

258 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/menunowbg.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 33
Size
258 B (258 bytes)
Hash
2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/menunowbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Wed, 04 Nov 2009 12:05:16 GMT
Accept-Ranges: bytes
ETag: "026712475dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/navbg.gif

220.169.107.3

200 OK

60 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/navbg.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 20 x 26
Size
60 B (60 bytes)
Hash
f512c095822f71207d592629902a5e4e
54ce205bb62f42f0ea3b40bdde00e65dfe5ea785
8795939af686704eed1785f8f405f2e3f7ead06c9b5a891ac10e020ba001495b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/navbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 60
Content-Type: image/gif
Last-Modified: Fri, 16 May 2008 08:50:24 GMT
Accept-Ranges: bytes
ETag: "0c839e131b7c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/centerbg.gif

220.169.107.3

200 OK

49 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/centerbg.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 2
Size
49 B (49 bytes)
Hash
968ad17699ad7df5c56ddfea235ce345
240ea6b36d944515337476ccb1b9c2dd4ba3abe7
1d2335a42199cbc6f423ea3636aa045d6dff94b7052ee780821ae3e183e0234c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/centerbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 49
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 15:58:44 GMT
Accept-Ranges: bytes
ETag: "012dcd9305eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/logintop2.gif

220.169.107.3

200 OK

58 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/logintop2.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 157
Size
58 B (58 bytes)
Hash
94d357e2c4dc8976f8a5b447d769638e
d376783a2382b4323b03f60ff4647180497c53f2
7e43b1ac96fee04536ec5041adeef378cffceacb01f8a5040cdbff8f470fc535

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/logintop2.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 58
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 02:42:22 GMT
Accept-Ranges: bytes
ETag: "07b9199c15dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/leftbg.gif

220.169.107.3

200 OK

73 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/leftbg.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 229 x 1
Size
73 B (73 bytes)
Hash
0467970a2b9dceb9708befb2e99280ae
a60892cdde721e7f01d01e48a4a93402e6ad24f9
ee260097653946a6e49c3a458f28d1882d14a35251b7f2b06e0a99f84c18e156

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/leftbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 73
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 07:10:10 GMT
Accept-Ranges: bytes
ETag: "0b5d72e75dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/leftt.gif

220.169.107.3

200 OK

1.4 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/leftt.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 209 x 38
Size
1.4 kB (1381 bytes)
Hash
ac9f6daeaab5ef60f0f7367a2b2bed95
76cc466b98645f2e02e1f4535b977191c66c7445
3a7d4ae8f62b26134878179ffcdb224418c7f96461c90d79bd4d562ac172343f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/leftt.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 1381
Content-Type: image/gif
Last-Modified: Sat, 07 Nov 2009 15:46:02 GMT
Accept-Ranges: bytes
ETag: "0997f68c15fca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT

220.169.107.3:1266/frzx/skins/rmyy/tbg.jpg

220.169.107.3

200 OK

8.1 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/tbg.jpg
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2007:05:24 10:28:12], progressive, precision 8, 15x33, components 3
Size
8.1 kB (8077 bytes)
Hash
52777a262565eae2d6b3c1499d0548e1
b72729aba51966b5e224dade7395ecf1a0cfd020
a80598208a42605d73d6d1aef077f7b16b3d48129b099e1513d9801df6b85dd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/tbg.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 8077
Content-Type: image/jpeg
Last-Modified: Mon, 19 May 2008 03:18:16 GMT
Accept-Ranges: bytes
ETag: "08c73fa5eb9c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT

220.169.107.3:1266/frzx/skins/rmyy/smenuv2.jpg

220.169.107.3

200 OK

18 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/smenuv2.jpg
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:05 20:22:50], baseline, precision 8, 180x36, components 3
Size
18 kB (18149 bytes)
Hash
a6aa5476a9a81fdbc57cd7275c154133
f2b6b0d6f2ed09c9ebb7ddd65d036993f6e39bd9
944f966ae8ec1c6a0807df4cb1ab9ad42346815a7cf07c8800e0c80cb5f0d3ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/smenuv2.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 18149
Content-Type: image/jpeg
Last-Modified: Thu, 05 Nov 2009 12:22:52 GMT
Accept-Ranges: bytes
ETag: "0b6ddb1125eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/vvv.gif

220.169.107.3

200 OK

262 B

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/vvv.gif
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
GIF image data, version 89a, 1 x 38
Size
262 B (262 bytes)
Hash
fe5949ad8c3a7691e6d5b50c826ed353
c64baa5eba541c5e25150966e6a8f602a1d00fde
b4bd81bf61b9b34a7a41e98329c84120288a010c6ff88205d81fb916799fceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/vvv.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 262
Content-Type: image/gif
Last-Modified: Fri, 06 Nov 2009 06:51:10 GMT
Accept-Ranges: bytes
ETag: "043c385ad5eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT

220.169.107.3:1266/frzx/article/Photo.scr

220.169.107.3

404 Not Found

1.3 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/article/Photo.scr
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.3 kB (1308 bytes)
Hash
2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/article/Photo.scr HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT

220.169.107.3:1266/frzx/skins/rmyy/1.jpg

220.169.107.3

200 OK

111 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/1.jpg
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:10:17 19:16:22], baseline, precision 8, 980x175, components 3
Size
111 kB (110562 bytes)
Hash
a09deb698ff8c70d3c7ce3392af828e3
8b5c3060e4938d05e3b7d197a929fd7c058ba4f1
b744a9a4bf41efcd5984f80f4e405ba322e84a32145548fa2de7463025943dc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/1.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 110562
Content-Type: image/jpeg
Last-Modified: Wed, 17 Oct 2012 11:16:34 GMT
Accept-Ranges: bytes
ETag: "0d5afdd58accd1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/frzx/skins/rmyy/ye.jpg

220.169.107.3

200 OK

102 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/ye.jpg
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:05 22:17:21], baseline, precision 8, 980x97, components 3
Size
102 kB (102111 bytes)
Hash
fc2460cc7116b7c3bc5e4f4e956ac362
3e94132d71058df579ebfff3b971de563b8580c1
692efe6d069ed0c2bd1c64879c5ecd89a249227f1bdaf3763526412595c74cdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/ye.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 102111
Content-Type: image/jpeg
Last-Modified: Thu, 05 Nov 2009 14:17:22 GMT
Accept-Ranges: bytes
ETag: "085b4b0225eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT

220.169.107.3:1266/favicon.ico

220.169.107.3

404 Not Found

1.3 kB

URL GET HTTP/1.1
220.169.107.3:1266/favicon.ico
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
1.3 kB (1308 bytes)
Hash
2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:55 GMT

220.169.107.3:1266/frzx/skins/rmyy/2.jpg

220.169.107.3

200 OK

111 kB

URL GET HTTP/1.1
220.169.107.3:1266/frzx/skins/rmyy/2.jpg
IP
220.169.107.3:1266
ASN
#4134 Chinanet

Requested by
http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:08 15:58:08], baseline, precision 8, 980x175, components 3
Size
111 kB (111012 bytes)
Hash
85e274c0a1f5e294e4225466a7895dc3
44a86710ba0620233c561912e1a46b41d8eca0be
cb7c33f43d520e7ec0c759ba55a90592ecd4e20bbe00fb246802731730e93f90

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frzx/skins/rmyy/2.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 111012
Content-Type: image/jpeg
Last-Modified: Sun, 08 Nov 2009 07:58:14 GMT
Accept-Ranges: bytes
ETag: "06f14394960ca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash