220.169.107.3:1266/frzx/article/Photo.scr
220.169.107.3 404 Not Found 1.3 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/article/Photo.scr
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/article/Photo.scr HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT
220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
220.169.107.3 200 OK 31 kB URL User Request GET HTTP/1.1 220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
IP 220.169.107.3:1266
File type HTML document, ISO-8859 text, with very long lines (518), with CRLF line terminators
Hash 7946848493c0f62ec37fd5c6ec342564
f97bd31d7369d6e445ab4800d2e515d2c165d7bd
9c681e6686b8713b12fb70eddc3dad50555c03987d535fc70a0ecfbb43779c74
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/article/showclass.asp?classid=3/ HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:51 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 30952
Content-Type: text/html
Set-Cookie: YNAGZH=GuestSID=091090042154899; expires=Tue, 07-May-2024 19:15:50 GMT; path=/
Set-Cookie: ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ; path=/
Cache-control: private
220.169.107.3:1266/frzx/inc/js/Ajax.js
220.169.107.3 200 OK 5.6 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/inc/js/Ajax.js
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type ISO-8859 text, with CRLF line terminators
Hash 1bba268b8e79e28747b59c3cb41597a5
13cd50972bd96b6bf3489b945774629327224da1
b8782b4ed5b4783e83ad9f12df94bb3795ea534538d680c1d81cefa1aa41210d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/inc/js/Ajax.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 5622
Content-Type: application/x-javascript
Last-Modified: Fri, 05 Oct 2007 11:14:00 GMT
Accept-Ranges: bytes
ETag: "0c3bd4407c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT
220.169.107.3:1266/frzx/inc/js/Font.js
220.169.107.3 200 OK 9.4 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/inc/js/Font.js
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type Non-ISO extended-ASCII text, with very long lines (3729), with CRLF, NEL line terminators
Hash da93336706fb9c0953e3c9f4a0de2097
084c1c9d6614be432134dd3f88835dba169c1543
cec019eb7ac8a1f961c3e6aae92f7ccd764bd27f5b1fdb510c10c5c41cdf05fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/inc/js/Font.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 9433
Content-Type: application/x-javascript
Last-Modified: Thu, 01 Sep 2005 08:49:00 GMT
Accept-Ranges: bytes
ETag: "0667ffd1aec51:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT
220.169.107.3:1266/frzx/skins/Css/css12.css
220.169.107.3 200 OK 12 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/Css/css12.css
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type ISO-8859 text, with very long lines (315), with CRLF line terminators
Hash bb60c9949bf257958ccfcbeacb313495
ec7ff82d87d6a8ae9de7d479cfe8c9a818470242
4c6b4057556b17fd0317905ca7b1c44d87f4a875b4153b2e89d72dc9ae24b392
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/Css/css12.css HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 12361
Content-Type: text/css
Last-Modified: Mon, 22 Apr 2013 07:09:00 GMT
Accept-Ranges: bytes
ETag: "08e4243283fce1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT
220.169.107.3:1266/frzx/Count.asp?style=online
220.169.107.3 200 OK 207 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/Count.asp?style=online
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type ISO-8859 text, with no line terminators
Hash 8aaf37353fd9212ed977c320837a4387
f198879596c4081067193798298c76e5dd76fd6f
ecd103d315607d0c5c6f649c42cb23c1f3da30aae0df943c4722eb0e4fe5d6d1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/Count.asp?style=online HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 207
Content-Type: text/html
Cache-control: private
220.169.107.3:1266/frzx/Count.asp?style=online2
220.169.107.3 200 OK 77 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/Count.asp?style=online2
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type ISO-8859 text, with no line terminators
Hash 5bce3d7fcdbb2a2ccdac10fd1c23d985
bf8397aa75d1742e6098b16e4e63c5a4bff7b71f
2c8c36c3b988f56b413885431d4b3c71eb18d72ec8d45602a9d5c0a4344ba347
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/Count.asp?style=online2 HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 18:15:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 77
Content-Type: text/html
Cache-control: private
220.169.107.3:1266/frzx/skins/rmyy/top-3.gif
220.169.107.3 200 OK 816 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/top-3.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 66 x 113
Hash 2e93e017c4034542be7108c6d2ef167f
3f66fb57fec6c8ecb8042cf421ca02136bfa7494
166ccce1a8671870d26097463ad8b37b99a04e9833c83fcd9e0dc1ebcc7f247e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/top-3.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 816
Content-Type: image/gif
Last-Modified: Wed, 07 Sep 2011 06:52:22 GMT
Accept-Ranges: bytes
ETag: "01772b12a6dcc1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/top-4.gif
220.169.107.3 200 OK 826 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/top-4.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 66 x 113
Hash 43cc6a50671da7231736b5ce94b33c50
7d990d65987322d04a9ca1bb9d1cd0026c3b8714
77c6dcf80b46b7cb8fdf4ba843809248b7b8ea48804c3e08f429a44229da405e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/top-4.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 826
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 06:25:26 GMT
Accept-Ranges: bytes
ETag: "0cfdc3e05dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/logintop.gif
220.169.107.3 200 OK 2.3 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/logintop.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 227 x 39
Hash 987fb418a1f626b3c7585b74bce693c0
572faff0588b8cdfdc1df0c6ec88e75d8bb5cf72
e646897ace2ad7212487cf92ff25883b54bb15301eceebc23d2db070f5859b35
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/logintop.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2314
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 03:31:30 GMT
Accept-Ranges: bytes
ETag: "095b676c85dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/Images/logo_Blue.gif
220.169.107.3 200 OK 3.9 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/Images/logo_Blue.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 147 x 90
Hash fa7804dd3effe0493eb47587340a7f1f
b389be63d4db25bc6e32eec8dd06c5889cee8762
e7d202dee721eb22688a633bad40f4db0618e50bd7f3adf3963cdc43ac83955e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/Images/logo_Blue.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3900
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:12:30 GMT
Accept-Ranges: bytes
ETag: "033c192d65dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/inc/js/stm31.js
220.169.107.3 200 OK 36 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/inc/js/stm31.js
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash c3ddaa63204093433f08be778cb6d4f3
e8e657ff6e10033b865815fa7a7cdf8637e2f591
c5d5589487646d3e84c62c6e1b710eee686380645bc222869b300066aac7db24
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/inc/js/stm31.js HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 35981
Content-Type: application/x-javascript
Last-Modified: Thu, 25 Oct 2007 13:59:00 GMT
Accept-Ranges: bytes
ETag: "02a5a31f17c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:51 GMT
220.169.107.3:1266/frzx/skins/rmyy/lefttt.gif
220.169.107.3 200 OK 1.7 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/lefttt.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 229 x 39
Hash 1754e17b6d3b22ca14e1f82536002ba1
5fe3e685554ca491be129fdeda29a21a82b3a59f
c3d66de7cb8b6e4ef0b9509e8222e6e0ef591fda11292b835caa0db2b1fb7d79
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/lefttt.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1690
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 12:10:28 GMT
Accept-Ranges: bytes
ETag: "05268f6105eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/000a.gif
220.169.107.3 200 OK 899 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/000a.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 92 x 7
Hash 7546ce70c40506c694908f92270a91a8
617d35e3174be2b4acfd83b31de97fc57c60dfe1
fa8b43d5be22597df8e4721abd72196f1e79fcbe53bfeb64acf20cfaae40ad25
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/000a.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 899
Content-Type: image/gif
Last-Modified: Fri, 06 Nov 2009 02:53:42 GMT
Accept-Ranges: bytes
ETag: "0ff4a598c5eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/split1.gif
220.169.107.3 200 OK 36 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/split1.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 12
Hash 71f2e2410ecd2fd6d8e3c054ae8c1b06
3e14b5915cc398b6b74785258bb4c08809484253
f1cb2e3bb2ff0ccb0f8af270576878eab24e9b23ef11fcc4f119509b813516a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/split1.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 36
Content-Type: image/gif
Last-Modified: Fri, 09 May 2008 01:38:36 GMT
Accept-Ranges: bytes
ETag: "076f66575b1c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/sp.gif
220.169.107.3 200 OK 328 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/sp.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 11 x 11
Hash 54d243f15694a94623da744ddfb292f7
aad50e5dbf9a014fc49fdca18a926edbd12f2ba7
e032ba52a306e5daf49f541cc9bc372d37635c2bd4cefa24918a5c3af4e7baee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/sp.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 328
Content-Type: image/gif
Last-Modified: Mon, 19 May 2008 03:18:16 GMT
Accept-Ranges: bytes
ETag: "08c73fa5eb9c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/Images/Banner.gif
220.169.107.3 200 OK 9.0 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/Images/Banner.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 437 x 90
Hash b5f518b0c7152c50a2829f090a780736
673a055c8559471248d0bbc50017004a96d3702a
e8afe8af0db739c0a4e540e13b0fb2095f8b138d0a8916700fb74dbef7372e66
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/Images/Banner.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 8957
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:11:52 GMT
Accept-Ranges: bytes
ETag: "0dc1a7cd65dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/Images/articleCommon.gif
220.169.107.3 200 OK 560 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/Images/articleCommon.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 11 x 16
Hash 67fdce85f30bc6d7e807188a08e086cb
6af1d38652078b7efa7e441ca34924f9604222c8
4e5de1d84aa10d6ecb3645285dddd7ccc4c1e966ced7db00c00a3af0fa68b5e2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/Images/articleCommon.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 560
Content-Type: image/gif
Last-Modified: Fri, 27 Jul 2007 09:29:02 GMT
Accept-Ranges: bytes
ETag: "036a9130d0c71:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/top-1.gif
220.169.107.3 200 OK 369 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/top-1.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 66 x 113
Hash ec54b348126cfee3782d4c55dea071e1
42e8e96e53eaf843c75ab8c7cab3ec3045ffab04
eff5195525db7d98c43781243c4fb10087c992840e1376596edc48bf640d2fc2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/top-1.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 369
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:52:24 GMT
Accept-Ranges: bytes
ETag: "09cb025dc5dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/top-2.gif
220.169.107.3 200 OK 344 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/top-2.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 66 x 113
Hash fc882591932de55c3feb54d5b1cb5396
7d9e0884e9e6e8f5c8e4460ea2d4fb8e02decb93
4b74ef701320c5e4f194b80701f70ed5351691e684e52d5a6d4203eb9b4328c8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/top-2.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 344
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 05:57:56 GMT
Accept-Ranges: bytes
ETag: "0ca93ebdc5dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/menubg.gif
220.169.107.3 200 OK 258 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/menubg.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 33
Hash 2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/menubg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Wed, 04 Nov 2009 12:04:58 GMT
Accept-Ranges: bytes
ETag: "0914c7475dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/menudevid.gif
220.169.107.3 200 OK 258 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/menudevid.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 33
Hash 2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/menudevid.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Fri, 24 Sep 2010 08:12:46 GMT
Accept-Ranges: bytes
ETag: "013545c05bcb1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/menunowbg.gif
220.169.107.3 200 OK 258 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/menunowbg.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 33
Hash 2c8d1ad533246d8bcc838f523de77e14
01a7ce9f521d7024492c29c36c07fb234a961193
5d230d9d5f650e99cebcf7fbb72bc410d408631066a5668afa948fdd0f4621b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/menunowbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 258
Content-Type: image/gif
Last-Modified: Wed, 04 Nov 2009 12:05:16 GMT
Accept-Ranges: bytes
ETag: "026712475dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/navbg.gif
220.169.107.3 200 OK 60 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/navbg.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 20 x 26
Hash f512c095822f71207d592629902a5e4e
54ce205bb62f42f0ea3b40bdde00e65dfe5ea785
8795939af686704eed1785f8f405f2e3f7ead06c9b5a891ac10e020ba001495b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/navbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 60
Content-Type: image/gif
Last-Modified: Fri, 16 May 2008 08:50:24 GMT
Accept-Ranges: bytes
ETag: "0c839e131b7c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/centerbg.gif
220.169.107.3 200 OK 49 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/centerbg.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 2
Hash 968ad17699ad7df5c56ddfea235ce345
240ea6b36d944515337476ccb1b9c2dd4ba3abe7
1d2335a42199cbc6f423ea3636aa045d6dff94b7052ee780821ae3e183e0234c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/centerbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 49
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 15:58:44 GMT
Accept-Ranges: bytes
ETag: "012dcd9305eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/logintop2.gif
220.169.107.3 200 OK 58 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/logintop2.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 157
Hash 94d357e2c4dc8976f8a5b447d769638e
d376783a2382b4323b03f60ff4647180497c53f2
7e43b1ac96fee04536ec5041adeef378cffceacb01f8a5040cdbff8f470fc535
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/logintop2.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 58
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 02:42:22 GMT
Accept-Ranges: bytes
ETag: "07b9199c15dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/leftbg.gif
220.169.107.3 200 OK 73 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/leftbg.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 229 x 1
Hash 0467970a2b9dceb9708befb2e99280ae
a60892cdde721e7f01d01e48a4a93402e6ad24f9
ee260097653946a6e49c3a458f28d1882d14a35251b7f2b06e0a99f84c18e156
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/leftbg.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 73
Content-Type: image/gif
Last-Modified: Thu, 05 Nov 2009 07:10:10 GMT
Accept-Ranges: bytes
ETag: "0b5d72e75dca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/leftt.gif
220.169.107.3 200 OK 1.4 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/leftt.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 209 x 38
Hash ac9f6daeaab5ef60f0f7367a2b2bed95
76cc466b98645f2e02e1f4535b977191c66c7445
3a7d4ae8f62b26134878179ffcdb224418c7f96461c90d79bd4d562ac172343f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/leftt.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1381
Content-Type: image/gif
Last-Modified: Sat, 07 Nov 2009 15:46:02 GMT
Accept-Ranges: bytes
ETag: "0997f68c15fca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT
220.169.107.3:1266/frzx/skins/rmyy/tbg.jpg
220.169.107.3 200 OK 8.1 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/tbg.jpg
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2007:05:24 10:28:12], progressive, precision 8, 15x33, components 3
Hash 52777a262565eae2d6b3c1499d0548e1
b72729aba51966b5e224dade7395ecf1a0cfd020
a80598208a42605d73d6d1aef077f7b16b3d48129b099e1513d9801df6b85dd7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/tbg.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 8077
Content-Type: image/jpeg
Last-Modified: Mon, 19 May 2008 03:18:16 GMT
Accept-Ranges: bytes
ETag: "08c73fa5eb9c81:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT
220.169.107.3:1266/frzx/skins/rmyy/smenuv2.jpg
220.169.107.3 200 OK 18 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/smenuv2.jpg
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:05 20:22:50], baseline, precision 8, 180x36, components 3
Hash a6aa5476a9a81fdbc57cd7275c154133
f2b6b0d6f2ed09c9ebb7ddd65d036993f6e39bd9
944f966ae8ec1c6a0807df4cb1ab9ad42346815a7cf07c8800e0c80cb5f0d3ef
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/smenuv2.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 18149
Content-Type: image/jpeg
Last-Modified: Thu, 05 Nov 2009 12:22:52 GMT
Accept-Ranges: bytes
ETag: "0b6ddb1125eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/vvv.gif
220.169.107.3 200 OK 262 B URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/vvv.gif
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type GIF image data, version 89a, 1 x 38
Hash fe5949ad8c3a7691e6d5b50c826ed353
c64baa5eba541c5e25150966e6a8f602a1d00fde
b4bd81bf61b9b34a7a41e98329c84120288a010c6ff88205d81fb916799fceca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/vvv.gif HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 262
Content-Type: image/gif
Last-Modified: Fri, 06 Nov 2009 06:51:10 GMT
Accept-Ranges: bytes
ETag: "043c385ad5eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT
220.169.107.3:1266/frzx/article/Photo.scr
220.169.107.3 404 Not Found 1.3 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/article/Photo.scr
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/article/Photo.scr HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT
220.169.107.3:1266/frzx/skins/rmyy/1.jpg
220.169.107.3 200 OK 111 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/1.jpg
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2012:10:17 19:16:22], baseline, precision 8, 980x175, components 3
Size 111 kB (110562 bytes)
Hash a09deb698ff8c70d3c7ce3392af828e3
8b5c3060e4938d05e3b7d197a929fd7c058ba4f1
b744a9a4bf41efcd5984f80f4e405ba322e84a32145548fa2de7463025943dc5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/1.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 110562
Content-Type: image/jpeg
Last-Modified: Wed, 17 Oct 2012 11:16:34 GMT
Accept-Ranges: bytes
ETag: "0d5afdd58accd1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/frzx/skins/rmyy/ye.jpg
220.169.107.3 200 OK 102 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/ye.jpg
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:05 22:17:21], baseline, precision 8, 980x97, components 3
Size 102 kB (102111 bytes)
Hash fc2460cc7116b7c3bc5e4f4e956ac362
3e94132d71058df579ebfff3b971de563b8580c1
692efe6d069ed0c2bd1c64879c5ecd89a249227f1bdaf3763526412595c74cdf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/ye.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 102111
Content-Type: image/jpeg
Last-Modified: Thu, 05 Nov 2009 14:17:22 GMT
Accept-Ranges: bytes
ETag: "085b4b0225eca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:52 GMT
220.169.107.3:1266/favicon.ico
220.169.107.3 404 Not Found 1.3 kB URL GET HTTP/1.1 220.169.107.3:1266/favicon.ico
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 2923b250a3660c034aa7831d5e6d7f3c
646f109012bac000fe1bc58f40d112f77483f22a
e682dfcdde010f6e15bae0d843696f6ae8d5a85e75441660b782789ee747f075
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Length: 1308
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:55 GMT
220.169.107.3:1266/frzx/skins/rmyy/2.jpg
220.169.107.3 200 OK 111 kB URL GET HTTP/1.1 220.169.107.3:1266/frzx/skins/rmyy/2.jpg
IP 220.169.107.3:1266
Requested by http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2009:11:08 15:58:08], baseline, precision 8, 980x175, components 3
Size 111 kB (111012 bytes)
Hash 85e274c0a1f5e294e4225466a7895dc3
44a86710ba0620233c561912e1a46b41d8eca0be
cb7c33f43d520e7ec0c759ba55a90592ecd4e20bbe00fb246802731730e93f90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /frzx/skins/rmyy/2.jpg HTTP/1.1
Host: 220.169.107.3:1266
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://220.169.107.3:1266/frzx/article/showclass.asp?classid=3/
Cookie: YNAGZH=GuestSID=091090042154899; ASPSESSIONIDCASQCDDS=FEAAAHMADADIHGPMOHGPDJHJ
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 111012
Content-Type: image/jpeg
Last-Modified: Sun, 08 Nov 2009 07:58:14 GMT
Accept-Ranges: bytes
ETag: "06f14394960ca1:11d7"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 07 May 2024 18:15:54 GMT