199.188.105.67 200 OK 29 kB URL User Request GET HTTP/1.1 IP 199.188.105.67:80
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (304), with CRLF, LF line terminators
Hash 42241d3f6fc3f3fcb7551ea2099153e3
f99a9e211af67c64b74054192d439b83ccb81707
521eec03dee21bb70e1a3f23fc5e7a4d43eedcd349fb14282eb3df824c2f8576
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
dozf.top/temp/31/static/js/top.js
199.188.105.67 200 OK 5.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/top.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (14060), with no line terminators
Hash 1a0f98974e63b6ad4969e3866eaf2ca3
578052c08f483755311fec541e9925ea5839d9f4
71800e3fac2a56c558ba6bf86cb4b479084abb3210984412d186f359347007fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/top.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-36ec"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/animate.min.css
199.188.105.67 200 OK 4.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/animate.min.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (52592), with CRLF line terminators
Hash 9c511ec765c315b3fef704e1ee13d1d9
2175b6a0071009446598f541e21a67b30fee32a2
3e16d0301ff30cec5585f5ac7a6ce428c3302a9ce84ebc5d9f1b4793a63b5f49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/animate.min.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-ce2e"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/constant.js
199.188.105.67 200 OK 776 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/constant.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (776), with no line terminators
Hash 72d3b3dd90d48f24e6c8bcb18851d2bd
43e1eaec51c1089244db2e35570dfd5df7f887cb
da90ce66a63ca4e019ec204aa94922feb68a1efb140b9f8b61ec234071e12e87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/constant.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Content-Length: 776
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-308"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4926), with CRLF line terminators
Hash 180066afb0d53d40297af991c0a737d9
f16092fde04f92c676f1c1a8a8546912bf394d94
fa2892641af9d2e42b32354e773390d3a65a87c064507fb79bcf00a728a1e182
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.i18n.properties.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-15c1"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/i18n.js
199.188.105.67 200 OK 358 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/i18n.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (358), with no line terminators
Hash db6a5f06deac4d03aee4359cfc3c9220
2aef07055c57f554be03977af21f672693a3a0ab
1537bfa37451c0c74b237edaceac54b79a1f3649a5790ba5e1589e3b8aca8f26
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/i18n.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Content-Length: 358
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-166"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/lhgdialog.min.js
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/lhgdialog.min.js
IP 199.188.105.67:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17965), with CRLF line terminators
Hash 2e8fa135e4cbbc073cb4de8215c3d79a
8547a67692391d0b86210c35d12d49340685ae04
a06d9ea4e0b3a007fee504aa5a85dc841939403594326a0bde625bbb0b1901a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/lhgdialog.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-4df0"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/site.css
199.188.105.67 200 OK 31 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/site.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash c30fe190ffbc7b960be976af18f94bb6
51e1bd9769845b5c44d7a704708e6081d6bee82d
ed83043ddb39105c6000b72bfa863e2a91fc8dad712459dd9c46fae3185df4f9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/site.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1b633"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery.cookie.js
199.188.105.67 200 OK 709 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.cookie.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1302), with no line terminators
Hash 513971b7e720860e15e240db85c1d106
598184243ba67acc06a3341c91aa7cd4a9ceb344
25699b04e11fb0a1ed972df8b0e5a384cf70ff41249ffc0b885ccfaa58b9503f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.cookie.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-516"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery-1.11.3.min.js
199.188.105.67 200 OK 38 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery-1.11.3.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators
Hash 8e67452f561a3b8ee8a82fdf57672cd5
44d980c8f4d21057018d80398d574fa72aea1bc7
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery-1.11.3.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-176fd"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/public.js
199.188.105.67 200 OK 21 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/public.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 1862367fc61631f8c626b15e64cecf04
d4f0064bf8bb665bcd9abdeb20379c1b8832806c
3e38edff2f383f6d5f22f7646e1155abd7dc76e0cd334a84ac65706c438c58ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/public.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1153c"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/adobefont.js
199.188.105.67 200 OK 647 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/adobefont.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (647), with no line terminators
Hash 084141babdf91b3ede553b0ab7d02687
f23b4c3b65cb84e75de8f54a877d80f009eae91c
08aa3fda2a3fe1ca9cbbb9e527c21d7a59f50ed6f7b8d80175a05e2e68e110ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/adobefont.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Content-Length: 647
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-287"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/PcAjaxJson.js
199.188.105.67 200 OK 1.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/PcAjaxJson.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7251), with no line terminators
Hash d5806c7e50264ebd65aa003ec56fe805
927f6db451a4cdd1cdfdfa3cd2985b6f0c9c2f70
5801d0384ea130f38935cfd1f73ef5008aeb79a66c32054ffd8d4b8e4b191793
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/PcAjaxJson.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1c53"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/ajax.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/ajax.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4019), with no line terminators
Hash d04cafc8343ab413a18e26fc9c61f771
193569283be1bbba648c296e5f2d4247379b5e12
3e024c78803ea6f52af53b98634bb86b53f2cea39874ce8f4f699891c462da76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/ajax.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fb3"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/usermodel.js
199.188.105.67 200 OK 805 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/usermodel.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (4066), with no line terminators
Hash e07256d9dfe02f5f71f307f869946d44
d1094da81cb43190cf4deb3e25a9e432e8e2d8e6
74e3c1d7c615a40573ef112bc464b56cebadc414366636a16665d48f04fc6ceb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/usermodel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fe2"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/patentenum.js
199.188.105.67 200 OK 28 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/patentenum.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1702632f848dced081eec813318e481d
455374c1d250ace1140e8d71a273b09f9b8d793d
3ecb8ccc9e116e31ae20b0b9f19ef13a4315360f6bf633df7a8ff8f0f3529086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/patentenum.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:02 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-190b5"
Expires: Thu, 25 Apr 2024 20:25:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/userctrl.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/userctrl.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (13374), with no line terminators
Hash a5fe360266f38d844473e183b6bd8204
ff4963bd6d9339d07af26208cd0ca8374585b49d
9286cb1a8f3ad0b3e89696e8fa74d85631d1ec225a861b33201449cc37098218
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/userctrl.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-343e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/baiduhm.js
199.188.105.67 200 OK 869 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/baiduhm.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (869), with no line terminators
Hash 30705f79b7809d97add13fd76e538417
0082d9dc5f6e1f226d784ad6f5a190a6974407ca
f071e270ea57b80b083422d76c428f8127241213cbcad78f4b8501d217569fe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/baiduhm.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Content-Length: 869
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-365"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/css/banner.css
199.188.105.67 200 OK 576 B URL GET HTTP/1.1 dozf.top/temp/31/static/css/banner.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (1382), with no line terminators
Hash d56b4b805d6e547ea2d5032288c5bf93
6c531c8b756ab9caae7d4e80951b8370b4013e35
7fdef0d5de30588812454633b86bbc474404b065835c316a37301a0ce0c7122e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/banner.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-566"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/index_service.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/index_service.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (8778), with no line terminators
Hash 4e375cfe9f1de957351e7f9fc23d01cd
c60bd898a29b1c1309284d98eab9b390d1a740a6
c86a5d2d7fa8a59b3d14df90321db86b88b2a8733e20016575a04a487dfc5064
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/index_service.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-224a"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/tongji.js?HnKF
199.188.105.67 200 OK 424 B IP 199.188.105.67:80
File type HTML document, ASCII text, with very long lines (554)
Hash 2670717a4f5405f69e14291c7c42264e
257ccf0465b11ede72971fb2e04eaa0cd7e69d3e
90ad5b193f0d1cefd3b99b9214f14ff03e946ce43471459272c9e40275f9ec64
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tongji.js?HnKF HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sun, 31 Mar 2024 12:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6609549b-455"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baish.js?ph43mU
199.188.105.67 200 OK 381 B IP 199.188.105.67:80
File type JavaScript source, ASCII text
Hash c54822212c05910c3af32d285d8434c9
4682b179821b08ba9076cbd0ea2b7e734b190ca4
bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baish.js?ph43mU HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Mar 2024 00:22:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e3c2ca-56e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baiss.js?vrF
199.188.105.67 200 OK 1.0 kB IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (554)
Hash b1532a30ee430c2c3769c9b89f3b11d9
8e1e66d40ea487482904451aa5a7dc0b19520382
26e5a18730cdf3377b29995aea426f105fbe02129ccef6b06baa5ada420cb3bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baiss.js?vrF HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Mon, 22 Apr 2024 09:56:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6626344e-97e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/top.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/top.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (5890), with no line terminators
Hash b7c7d1797867c70ef05f7fbf2e1edf3f
436ae5b05fedcb88071c0b7d85d063b1eaabfe6d
d054d5c9ea86060f9b428cd62c42a30fabc0017332a91b2f55afd1ae34b354f0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/top.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1702"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/index.css
199.188.105.67 200 OK 39 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/index.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 458a682924be180e86c95c7f6d7377eb
02fed0cc8be4eba88679d3350b0903f9855b3cc1
08147f48c624abc1e59e793fb4a545e4f7b888d9fd3867a144d4e79aad670e85
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/index.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1377e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/gomobilesite.js
199.188.105.67 200 OK 528 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/gomobilesite.js
IP 199.188.105.67:80
File type C source, ASCII text, with very long lines (1059), with no line terminators
Hash d05ce3ae99da5fa5a40177175e3217af
3c3d7bd7c16400d0ece76596b6bccf407e75b1d6
ff54cf288625c430d2bfc3d5a1b267ce2836bb29ef35c8fa233dea7da87ba734
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/gomobilesite.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-423"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/bootstrap.min.css
199.188.105.67 200 OK 24 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/bootstrap.min.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash f26a787606baf622576953f2a6ed6012
32711edd7ff4997f09067977962ff3a54f591560
b6f9af7ea54aec472df3d1b9642e90a78ca0e45e074edd87d3cf465ff55812d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/bootstrap.min.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1de87"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/icon.css
199.188.105.67 200 OK 15 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/icon.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (35252), with no line terminators
Hash c346baed2321af29971f67eb61b2d51e
c6e8225866d9ff95283faaf22277a17b6051358b
eb2d67708082f9354d4724c11b1c6613d5d2fd6ee25481a559d00949259c1c7d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/icon.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-89b4"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/public.css
199.188.105.67 200 OK 13 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/public.css
IP 199.188.105.67:80
File type Unicode text, UTF-8 text, with very long lines (54326), with no line terminators
Hash 2a4f9e5d635615912a4f6686d5809103
51293b77746e8241471519eeac5b78c988b91ea0
54105adaf24974171a50bb004586d00624a55d9d3dffd82f65d24f4613cfbe34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/public.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-d43a"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/upload-1.0.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/upload-1.0.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (8640), with no line terminators
Hash 073dbe0549486b9fc3f7d7fe0d5a457b
bb04b103699588bdf1689eea0f911df0210748e2
ac37992e0475f316ad7071856949d6f115faf5b806592439ec84575a351cf41a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/upload-1.0.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-21c0"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/myidea_dialog.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/myidea_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3039), with no line terminators
Hash 530e1797c729896c7a1ca9ea7dc45217
9679d785ecf3ae8fa57a465a2e88a190a284a91d
4f35486b295c89ea5fa066760862a088aaa4c6e2d9d5e4f926ba4e05437bc464
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/myidea_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-bdf"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/fixed.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/fixed.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3561), with no line terminators
Hash b355ea7d57b1f89d7a1713847e9ea3b9
774829175626aed498e97b850e61bca1fc0463ca
e8ae3f56489e1e9100e6d9b34a79223d38272a4f695dbf5e1bf993f8b2dcbb59
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/fixed.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-de9"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/channel.js
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/channel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2601), with no line terminators
Hash 2f457b2e111106ab08bbe291ea1dd2ea
d800963a167fcd856d74d5017c9ee9cd80b4b1c7
1ec4d6d2bb7899dd67c8a85ddad84c495e5dc2d490a86648ca7703103b8c03fd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/channel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a29"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/budget_dialog.css
199.188.105.67 200 OK 1.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/budget_dialog.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (3892), with no line terminators
Hash b37cbebf9bbb11df4bc2fcf953f269c8
2e0160864e15d4ca6acffb5e1581a084a8355666
163d3e3a8967c403ba39ab26c07eaf3931149ff58a2e82fea2d2232d368b34b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/budget_dialog.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-f34"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/common.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/common.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (6353), with no line terminators
Hash e88fcd1cb35df778fd253daa713bd048
c3db3a481f5543b5705236c39edd46feba09713f
4278df57de1b9e4f53c05bb4d856505a0a75cee308e26acc29ff757a66c4680a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/common.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-18d1"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/budget_dialog.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/budget_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (9868), with no line terminators
Hash c32de2f81d4f6d235edd40da09939c84
9978adbf9c60a36d7253be089e18003c9c076f17
c6d4c69e07066d220f0c747fb0470af0186c7e062c51b4b5aa78306c4d16ec35
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/budget_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-268c"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/bootstrap.min.js
199.188.105.67 200 OK 11 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/bootstrap.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash 4356df370bab29993ef606510fa13477
3e58d6768df39de00d80e064c274ef66ed7cd336
eac180d02ab055056d85eb64bd71be9435b2c54385cc737447817762c7ba22b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/bootstrap.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-8fda"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/site.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/site.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3598), with no line terminators
Hash fd8c2e2dc3ef727b08e4483713e7f856
ad56888fb6c8ca35989410baa9154845dad73de2
4c5bb7195b41f04167ad0b4c832a27a83c8733e95e0a78f044084b73f83f2544
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/site.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-e0e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/onlinetel.js
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/onlinetel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3966), with no line terminators
Hash 34d5ee03852ab774d6c004b37670d967
c4549688ee46fb6d9ed589ae16679fbcbe8f8af0
778f226538b9460d397bd7c449efdc1146766b0b6ae9d569241e3d6a46b35b60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/onlinetel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-f7e"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/login-box.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/login-box.css
IP 199.188.105.67:80
File type Unicode text, UTF-8 text, with very long lines (6010), with no line terminators
Hash e943f614e4a31c614ff647361682aa6f
fdf33709b7f9e229a8155240beeeea60d271af41
df16002daf31b20199431c33a1d678d7801ec776c857753063f291f52eb70062
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/login-box.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1784"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/md5.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/md5.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (3517), with no line terminators
Hash 3451d7a59c75837a891bfad2456b227d
f011cef3699309d0af388989a1a6b79774d2e707
e1b21c15e1e22e2d7a0ad606400baeeeba8f56c9e03c6ac304b43675509d7225
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/md5.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dbd"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/login-box.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/login-box.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (6941), with no line terminators
Hash 2403cb07fa3882702183290ac1ff9785
1255a381eccafb90e32cea4a901b676f8e40fcb5
1ebe83ef6efd7a0a0e61fc8334009c9df8f9efd152550162800199ac3ad46c4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/login-box.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1b1d"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/placeholder.js
199.188.105.67 200 OK 921 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/placeholder.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2656), with no line terminators
Hash b3300bc6b179f572aa7ff84334f6f060
788b5cdaf2f9948ac7107e03c3a1ef37d6c1b960
1ba79f87a78b4e037b64abe49af70e9967a50ce96bc38848863d4a5e260f8b98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/placeholder.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a60"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/Math.uuid.js
199.188.105.67 200 OK 707 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/Math.uuid.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (707), with no line terminators
Hash 0d9460efc0f33af00aa1ffd87095c852
31109c0fea7402c3acb2861845f951da13d02d2a
778dd0219e31903bc495a546afaa306a58c1c6718af5331965d85beabfcff5b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/Math.uuid.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Content-Length: 707
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-2c3"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/countUp.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/countUp.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3579), with no line terminators
Hash 2eed6206e893d6371474549b5b88bc59
bbab50b096df51855e968b78a50bb5a55fde0f5c
3e3ee06903afcde9116a7c3fd1c3c3b36e52269380dc4b6d647487cecfb76dd7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/countUp.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dfb"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/indexsearch.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/indexsearch.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7423), with no line terminators
Hash d2fa6cfcf48f2d21948bb088705d56b3
d2d9d86ad1498532186122d384eaa49eb2f11ee1
a25ff3fb68a6d0406cfa9bd07dec37566be81f268dddc20e83fe42c94117b471
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/indexsearch.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1cff"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/animations.css
199.188.105.67 200 OK 6.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/animations.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (55947), with CRLF line terminators
Hash 29e8241c4e42a036b44ce5cecbebc9dd
5913270d27db151e372766512699d227fe997793
7b1281b62daea5066cd02cac4f446e17d90f1010ca00c41515768a3a22a7d666
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/animations.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-df01"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/animate-css3.js
199.188.105.67 200 OK 621 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/animate-css3.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1286), with no line terminators
Hash 901d2d4c527e494ddf2b905d8ced152c
c3febcc9abbb46566952fcda6e019d37f5061f6f
26c2bc56fd150526fc43dc01ee0ddb64dc10dce70830e66cdc494a9a5ce112fc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/animate-css3.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-506"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/slider.js
199.188.105.67 200 OK 768 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/slider.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1616), with no line terminators
Hash 1c09b1608a5ea47a0fa2e4a2d08d7c1f
e8cbc8dc1ac97e2f391a27f63f942eee9bd51ff9
4be32ffeb72a2be84a407396c79ebedc756663edd156ccd3624e8f48cb821b34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/slider.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-650"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/index.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/index.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (10091), with no line terminators
Hash 66ac60dd75a07a8ceaf316297c645373
3f90d17ed988481bdd47beff90aea5b5e59f319a
0c96a5988c4c4ac550956bef40a9b731b67bf864810b20a01af01a8c7837a4b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/index.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-276b"
Expires: Thu, 25 Apr 2024 20:25:03 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/skins/default.css
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/skins/default.css
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/skins/default.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/proxy/platform/platform/nowDate
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/platform/nowDate
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/platform/nowDate HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:03 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/picture/ico_jingdu_new.png
199.188.105.67 200 OK 4.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_jingdu_new.png
IP 199.188.105.67:80
File type PNG image data, 52 x 52, 8-bit/color RGBA, non-interlaced
Hash ab747697c5c01ed8c405826813c3337e
ef6faebd5402b53513f57c832777fc38c534f3c6
2e8bb0b25d4e54a1916ab12094e2352a178aba08c4cd56b05028f65cc4bb9223
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_jingdu_new.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 4286
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-10be"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_sea.png
199.188.105.67 200 OK 20 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_sea.png
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2021:04:14 15:54:25], baseline, precision 8, 60x39, components 3
Hash 81856df0020c765d33d361f0257ad077
930cb06efe65c27ab6ab4927b4703d0bc6c18a81
4fdd03d32764a147c541dadafc30ec6d171f3229ac3b304fb340d3b9fbb948ee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_sea.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 20334
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-4f6e"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_hk.png
199.188.105.67 200 OK 2.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_hk.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash 9b5a22fb43fc700ab07c84fa20e2d9a6
c7e99a5b7dd94edecb3291803f15b406e1974101
bb27fed916e6ade930fecfaad18fe65a2d39a3660aab2253477f383fecf29faa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_hk.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 2414
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-96e"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_morecountry.png
199.188.105.67 200 OK 2.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_morecountry.png
IP 199.188.105.67:80
File type PNG image data, 45 x 43, 8-bit/color RGBA, non-interlaced
Hash 2dddfb0d761597b7e6bf94cf7911cd0d
c0474d303e8234b2289bb44526fae4311c1e624b
a44436fae701e0070411ce99c44a2f4c2a4fb0e3beb9d1d3c65bd838f767f1e2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_morecountry.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 2165
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-875"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_tw.png
199.188.105.67 200 OK 3.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_tw.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash 2cdecc87feed8ae82363632ff9d94e56
50b496d357293587382639978ba0081829b93984
4006b68a5d6f04f44279ae1dcc016a338dead78274fb99e1faf5367a0e3c35dd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_tw.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 3901
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f3d"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_ch.png
199.188.105.67 200 OK 1.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_ch.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit/color RGBA, non-interlaced
Hash c7135cebdf8176242a7e8a79992eaaa2
da21b21a186a24ab46e959eb6f769c2b2119af72
f7da5cca08385ebadced204f8ac4cb59648f09253f4582193b7ef280eb3b6c99
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_ch.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1916
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-77c"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/logo_slogan_blue.png
199.188.105.67 200 OK 4.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/logo_slogan_blue.png
IP 199.188.105.67:80
File type PNG image data, 227 x 46, 8-bit colormap, non-interlaced
Hash f7545a747b5f749e23d734d111224e03
19152634fcadb6d79e50a9ae11b5cf7c90493eb7
208792f66bc271bd21aac518e2814773bb647841c0e4f2d17cc1459487a7240f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/logo_slogan_blue.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 4335
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-10ef"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/ico_home_Phone_gray.png
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/ico_home_Phone_gray.png
IP 199.188.105.67:80
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Hash 820b5867cd5796269b110a56cf86e029
048ce7d2645687ec8d841e1d5a99cb85cc0abbdd
6272e81d9fc793df095e1e2016af76903fb36262d52ecd634b5f0ab17a7cfee1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/ico_home_Phone_gray.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1115
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-45b"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/logo_slogan_gray.png
199.188.105.67 200 OK 4.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/logo_slogan_gray.png
IP 199.188.105.67:80
File type PNG image data, 227 x 46, 8-bit colormap, non-interlaced
Hash e3564031d035c63dc9a18ec974a83860
ba5ce0254e973916e1083d4baa68f0e1ada3e10c
e0382465cd9b668e480951f7988a3d71a44087516c9e062eb0b4cf2b3b357fe2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/logo_slogan_gray.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 4374
Last-Modified: Fri, 21 Apr 2023 02:37:18 GMT
Connection: keep-alive
ETag: "6441f6de-1116"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/ico_home_triangle_gray.png
199.188.105.67 200 OK 955 B URL GET HTTP/1.1 dozf.top/temp/31/static/image/ico_home_triangle_gray.png
IP 199.188.105.67:80
File type PNG image data, 8 x 4, 8-bit/color RGBA, non-interlaced
Hash 683c122225f51e3612bd30e3bd5fad11
17f7dafe21acef9e3112fe0e6e94e61f84059999
c4c32af79f696383ccf8d7e351a555a3a52eba286343319377a9f9859d529113
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/ico_home_triangle_gray.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 955
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-3bb"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/menu-hot.png
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/menu-hot.png
IP 199.188.105.67:80
File type PNG image data, 26 x 15, 8-bit colormap, non-interlaced
Hash 34e3fb312cd40d7dfc228909bb7abb2f
bc50f282bd3c379d17c9665c1e1bf6672e20d813
127abf8c38ec403a9b944d28740fe6c2c508375cfcfb22c5b11d61e6a254c151
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/menu-hot.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1146
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-47a"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/menu-fast.png
199.188.105.67 200 OK 3.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/menu-fast.png
IP 199.188.105.67:80
File type PNG image data, 26 x 15, 8-bit/color RGBA, non-interlaced
Hash b2ad268c4da8b92631cde6951116abcf
180b9f0c0228b791857d9a75f599496a4e727f57
c384df28b1c24afa2b3c535e0f0b547142f755698c91b0ab18a2a50efd9746e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/menu-fast.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 3115
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-c2b"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/proxy/platform/sysParam/listByName?random=0.34627271032951834&name=OFFICIAL_QR_CODE
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/sysParam/listByName?random=0.34627271032951834&name=OFFICIAL_QR_CODE
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/sysParam/listByName?random=0.34627271032951834&name=OFFICIAL_QR_CODE HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
token: null
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/scripts/lib/i18n/bundle/Messages.properties?_=1714033503519
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/scripts/lib/i18n/bundle/Messages.properties?_=1714033503519
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /scripts/lib/i18n/bundle/Messages.properties?_=1714033503519 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/image/new_menu.png
199.188.105.67 200 OK 3.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/new_menu.png
IP 199.188.105.67:80
File type PNG image data, 26 x 15, 8-bit/color RGBA, non-interlaced
Hash 6d0d37e9e97d3d3d6ed4eee0521d420d
c8568e53e4686fa70f23887394381439c1cda0d3
90ea783edb48c00fb3c10d536ed72384757b003adf9c721647a4ddbbb3a3ee04
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/new_menu.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 3117
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-c2d"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/static/image/v4_banner64.jpg
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/static/image/v4_banner64.jpg
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/v4_banner64.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/picture/alpha.png
199.188.105.67 200 OK 924 B URL GET HTTP/1.1 dozf.top/temp/31/static/picture/alpha.png
IP 199.188.105.67:80
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Hash 107f754ac167269e3344ac4a0d26f6ce
81a01cf7b202575ee157e4e114bbf5e7e1ca0238
11552d70be0b4863e5296666962633456296c1b42ad8ffb0e17d97770997fabb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/alpha.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 924
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-39c"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/ad_ctr.png
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/ad_ctr.png
IP 199.188.105.67:80
File type PNG image data, 70 x 140, 8-bit colormap, non-interlaced
Hash c6e3c0f9846abe8db9a1e799de4b8c83
c7868b7ae6801b42c3d1761c44eca07ed7f3fd5e
b4731ba93b8027550c30f257d2347f0097ace9121583703c8af3034f80646a52
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/ad_ctr.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/banner.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 2632
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-a48"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache4.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710938
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9817140335045314996e
dozf.top/temp/31/static/image/banner-dot.png
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/banner-dot.png
IP 199.188.105.67:80
File type PNG image data, 18 x 32, 8-bit/color RGBA, non-interlaced
Hash cf065133d989171002937977bf832ba5
98559451183e670223cf5b98b1010a8823c794ea
476c93e852460f278c2e3559ed367f1b677f00e1f032d57767d77ff4e9816f3c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/banner-dot.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/banner.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1063
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-427"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache3.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710938
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9717140335045316016e
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache19.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710938
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62ca717140335045317293e
dozf.top/static/image/bg1.png
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/static/image/bg1.png
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/bg1.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache15.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710938
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62ca317140335045363998e
dozf.top/temp/31/static/image/ico_search_arrow.png
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/ico_search_arrow.png
IP 199.188.105.67:80
File type PNG image data, 12 x 6, 8-bit/color RGBA, non-interlaced
Hash 50f2bcdf46ffcb9a0ad2133f8aeeef8a
c2aaec1cace9550edebabb504ca93203b761c104
dbf6270e9f43bdfe18a7427153d95c0537ce1a229d45afb690fa754903253851
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/ico_search_arrow.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1058
Last-Modified: Fri, 21 Apr 2023 02:37:18 GMT
Connection: keep-alive
ETag: "6441f6de-422"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/scripts/lib/i18n/bundle/Messages_zh.properties?_=1714033503520
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/scripts/lib/i18n/bundle/Messages_zh.properties?_=1714033503520
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /scripts/lib/i18n/bundle/Messages_zh.properties?_=1714033503520 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/image/btn_quickly_reg.png
199.188.105.67 200 OK 2.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/btn_quickly_reg.png
IP 199.188.105.67:80
File type PNG image data, 105 x 43, 8-bit colormap, non-interlaced
Hash 39b25d34ba15e6266cc25a19f5aada1e
1c119d8ac60cee59f8b1de23081c37f6a1a9b636
7c8394cb79a0528ee2278c2f500718404ae18e2fdbc79a976c8b32fa6aa56a6c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/btn_quickly_reg.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 2650
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-a5a"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/contact.png
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/contact.png
IP 199.188.105.67:80
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced
Hash 77b162eeb6581eeac1329c86b23f4375
789dad1e62b5af8f76050fe1608d27d406cb82b1
189f56637863e75d71a5415cce9391aa3a2b40f2ea7d1a10f495cf0264436c05
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/contact.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1503
Last-Modified: Fri, 21 Apr 2023 02:37:16 GMT
Connection: keep-alive
ETag: "6441f6dc-5df"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/more-nation.png
199.188.105.67 200 OK 1.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/more-nation.png
IP 199.188.105.67:80
File type PNG image data, 19 x 18, 8-bit/color RGBA, non-interlaced
Hash 2e2ac9529cb02d2c272c70db96d257da
828d1b8df164b76eccfd2253260bfb496488dd41
35b578e8dc2ddce4ee6e44a69da4f38717e14328f7ff5078d47fa34399656d9e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/more-nation.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/site.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 1336
Last-Modified: Fri, 21 Apr 2023 02:37:18 GMT
Connection: keep-alive
ETag: "6441f6de-538"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/bg_trademark.jpg
199.188.105.67 200 OK 4.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/bg_trademark.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1190x640, components 3
Hash 692a25465f8c6ace7780d7d3967fb2e9
ad84651f1e04176adc44055ef929e45ec9c2a7e8
0ae9c82eeddb3a77c2488a03c6483c66c508cc54523af43a00ba74fcf231ecb3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/bg_trademark.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/jpeg
Content-Length: 4442
Last-Modified: Fri, 21 Apr 2023 02:37:18 GMT
Connection: keep-alive
ETag: "6441f6de-115a"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_jp.jpg
199.188.105.67 200 OK 14 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_jp.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 393x242, components 3
Hash 8833a6b3ad9aec2e0aadb2aaa1ccf7ad
f3608a693e4131a77cc4678917d12b5e001e3587
a864d380f69927de7b2b295d28e5b8219842044b4a94e6548fa9d2056c88c49b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_jp.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/jpeg
Content-Length: 14051
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-36e3"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_eu.jpg
199.188.105.67 200 OK 11 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_eu.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 393x242, components 3
Hash 682fa2fb87418839f54d67c9ac96b23a
9802d1f54df35144a951dddda644fd7c4d2e66bf
4f80c12ace2fc1e94a5e79d6e87a6d6170c022ca5194bed1c1a1699dc62fb2c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_eu.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/jpeg
Content-Length: 11368
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-2c68"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/proxy/platform/channel/addChannelVisit?random=0.64158334871146&channelId=103544&promotionType=&pageUrl=http%3A%2F%2Fdozf.top%2F&referrerUrl=&terminalType=1&token=&browser=FIREFOX
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/channel/addChannelVisit?random=0.64158334871146&channelId=103544&promotionType=&pageUrl=http%3A%2F%2Fdozf.top%2F&referrerUrl=&terminalType=1&token=&browser=FIREFOX
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/channel/addChannelVisit?random=0.64158334871146&channelId=103544&promotionType=&pageUrl=http%3A%2F%2Fdozf.top%2F&referrerUrl=&terminalType=1&token=&browser=FIREFOX HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/proxy/platform/trademark/getBelongedIndustry?random=0.4896189121033302&token=null&callback=callback3558&_=1714033503521
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/trademark/getBelongedIndustry?random=0.4896189121033302&token=null&callback=callback3558&_=1714033503521
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/trademark/getBelongedIndustry?random=0.4896189121033302&token=null&callback=callback3558&_=1714033503521 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded charset=utf-8
token: null
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/proxy/platform/trademark/getFirstClassCategory?random=0.21333197537063708&token=null&callback=callback750&_=1714033503522
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/trademark/getFirstClassCategory?random=0.21333197537063708&token=null&callback=callback750&_=1714033503522
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/trademark/getFirstClassCategory?random=0.21333197537063708&token=null&callback=callback750&_=1714033503522 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded charset=utf-8
token: null
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/picture/img_trademark_us1.png
199.188.105.67 200 OK 76 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_us1.png
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=393], progressive, precision 8, 393x242, components 3
Hash b512e954395508cb5205fdc85a5f17dc
974cacf8b3080b80024ed99378a107dd694a84c9
9c72b6c7f2cbd8947f984bbd518bb1cbd80939fafa3af4d52d6a81040cd13a64
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_us1.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 75841
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-12841"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/proxy/platform/order/intlFees/trademark?random=0.017841553075820027&token=null&callback=callback4254&category=3&applyArea=US&serviceType=NORMAL&trademarkDesign=0&trademarkSeek=1&purchaseNum=1&type=OVERSEAS&_=1714033503523
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/order/intlFees/trademark?random=0.017841553075820027&token=null&callback=callback4254&category=3&applyArea=US&serviceType=NORMAL&trademarkDesign=0&trademarkSeek=1&purchaseNum=1&type=OVERSEAS&_=1714033503523
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/order/intlFees/trademark?random=0.017841553075820027&token=null&callback=callback4254&category=3&applyArea=US&serviceType=NORMAL&trademarkDesign=0&trademarkSeek=1&purchaseNum=1&type=OVERSEAS&_=1714033503523 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded charset=utf-8
token: null
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/include/checkIn.html
199.188.105.67 200 OK 29 kB URL GET HTTP/1.1 dozf.top/include/checkIn.html
IP 199.188.105.67:80
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Hash b1280ac0935cc29401b42c7bec02932b
915e38c222153bfdfff94a8998c6233fa443459f
92764a54eed6f8c36372e5b271e5d6992c15f21ed1d258e5e1ac14035e370fc5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /include/checkIn.html HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
dozf.top/proxy/platform/cacheData/get/byClassKey?random=0.6954407295619814&classKey=KEY_AUTHORIZE_AFFICHE
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/cacheData/get/byClassKey?random=0.6954407295619814&classKey=KEY_AUTHORIZE_AFFICHE
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/cacheData/get/byClassKey?random=0.6954407295619814&classKey=KEY_AUTHORIZE_AFFICHE HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
token:
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/picture/img_trademark_process_us.png
199.188.105.67 200 OK 4.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_process_us.png
IP 199.188.105.67:80
File type PNG image data, 1070 x 50, 8-bit colormap, non-interlaced
Hash 7990a4406fd2556b3f15976a547edf63
3831427694dcc07f4d79fc79eb711abbbc93a391
98bf1c80acea14541d5dc33147c2aeec581b4fc21a96b54df9de84ce5cace922
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_process_us.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 4227
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1083"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_kr.png
199.188.105.67 200 OK 6.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_kr.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash 0773ae56f5ae8f58dd45ece1021e499d
10e693cf6d1d8558403be0b78aed574c775f7f4b
75b5eec60a7b9ede1a1694a4c3832cab90a6ffe714453713dba1fd537cf28ac8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_kr.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 6271
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-187f"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_in.png
199.188.105.67 200 OK 7.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_in.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash 53a533c0f682dc26810db3e85342c9eb
89fd82b97086932fb8370d9f7e97952da797a93b
c3410f3c9c85266b6f23d13f009ce91ba207e957db828b9ed25e566a18275b60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_in.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:04 GMT
Content-Type: image/png
Content-Length: 7027
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1b73"
Expires: Sat, 25 May 2024 08:25:04 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_au.png
199.188.105.67 200 OK 6.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_au.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash 3c279ab81a16e5510a2bcd081496e30c
0d6d66f682739538c7441791c4b3099cb974095f
a8c5620bc194ed581a54747a5e15026070a378cbf45e5519340a1e1ddf4d68c1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_au.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 5970
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1752"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_gb.png
199.188.105.67 200 OK 6.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_gb.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash dfeacf7f0dc70cb9a091a038e87dfdab
a19bdf57e66405704316fd04cb0140751b29cb2a
0f1d8234c974991ba3a3ceb6c61c5cee46043b9b09e878646765140e1933bfa3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_gb.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 6398
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-18fe"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_hk.png
199.188.105.67 200 OK 7.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_hk.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash 49df12dfc25bb334651943203adb794e
9d44848043674df2e7749755e73ae4e4fd4ea4a4
bd2856f4ea8b4e5fa71366adb14e5a6b066b5b186b4f2cc132782948ce239298
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_hk.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 7455
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1d1f"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_tw.png
199.188.105.67 200 OK 5.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_tw.png
IP 199.188.105.67:80
File type PNG image data, 150 x 93, 8-bit colormap, non-interlaced
Hash 03b142d3912ed33bd4b9b0195a43947f
8bbc8993672e1f401e5bb647d9fc7a092a67fb68
70364a82f157633c675797edf99e9b0c17d54bc91b7c675134a0ef1ddbb34382
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_tw.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 5911
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1717"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_more.png
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_more.png
IP 199.188.105.67:80
File type PNG image data, 150 x 94, 8-bit colormap, non-interlaced
Hash fc7911802b4d30b661ef22843a60f23b
e6076326ae5bd5e446ef73a4f474ab6d867a1154
b91a71a1a97cd86ad7ccb89a616f18b6b083f9aefc0822aa7853a2b3764d0121
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_more.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 2480
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-9b0"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/imgCodeIframe.html
199.188.105.67 200 OK 28 kB URL GET HTTP/1.1 dozf.top/temp/31/imgCodeIframe.html
IP 199.188.105.67:80
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Hash 9dd0a4c9db5e0f01340fda46279b084a
acb6d3a511442cdea6b7f5a7dcfb9b4c47922529
0b81573df4f93f4be60f9f0e98d45cca279577a3bfc59afaa86c0e66d7e576c6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/imgCodeIframe.html HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
dozf.top/temp/31/static/js/gomobilesite.js?_=1714033503524
199.188.105.67 200 OK 528 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/gomobilesite.js?_=1714033503524
IP 199.188.105.67:80
File type C source, ASCII text, with very long lines (1059), with no line terminators
Hash d05ce3ae99da5fa5a40177175e3217af
3c3d7bd7c16400d0ece76596b6bccf407e75b1d6
ff54cf288625c430d2bfc3d5a1b267ce2836bb29ef35c8fa233dea7da87ba734
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/gomobilesite.js?_=1714033503524 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-423"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/brand_subsidize11.png
199.188.105.67 200 OK 62 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/brand_subsidize11.png
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=104, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1190], baseline, precision 8, 1190x104, components 3
Hash 9c5b012edb48ff5829f7b815e050ece5
05b5922666235fe83a5acc0a7c53bcd33ed45ebf
b1da4fbcb13d1014f4f4815d76a053c372c1792b0a92b0d9ba8139304c4faec2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/brand_subsidize11.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 62273
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f341"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-us.jpg
199.188.105.67 200 OK 4.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-us.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash f373a32e260c95f2661025b137dfb2c9
b7dc2f34759123a9185a47b583a8b2055a3cdd4a
dac7ea3b28a423c3c58041b50208de6668e7641546d4c193543ca262ac789846
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-us.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/jpeg
Content-Length: 3987
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f93"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 470
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=77d2367bf02c4ffef0b4a2e46816c3855e537889af6d78faa3315a1f6dc1d416; Path=/; HttpOnly
acw_tc=ac11000117140335051648952e68ca825663c87b85d3bb79433d11ec3a8a5d;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 471
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=d1d9659768b8dd92c424db2892d30724f795b0d6db3fbee9ee698a2e8d61ef9f; Path=/; HttpOnly
acw_tc=ac11000117140335051741456e3aeab2ab1bb0526b352eebe0283f411c7da6;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 471
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=8368b99eedbff519ed69f3c440826e78466eb0dbeb9254d2fa90a8a732d84643; Path=/; HttpOnly
acw_tc=ac11000117140335051566025ee11620a1f9663de22d99947ae1047db7d4ad;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
dozf.top/temp/31/static/js/gomobilesite.js
199.188.105.67 200 OK 528 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/gomobilesite.js
IP 199.188.105.67:80
File type C source, ASCII text, with very long lines (1059), with no line terminators
Hash d05ce3ae99da5fa5a40177175e3217af
3c3d7bd7c16400d0ece76596b6bccf407e75b1d6
ff54cf288625c430d2bfc3d5a1b267ce2836bb29ef35c8fa233dea7da87ba734
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/gomobilesite.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-423"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/brand_subsidize10.png
199.188.105.67 200 OK 62 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/brand_subsidize10.png
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=104, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1190], baseline, precision 8, 1190x104, components 3
Hash c470a1722df34324a170f6a14e53e83e
08a02d6626db750a8ed844f2541fbc844f65f20f
a5be5a276c8f731e1052fea435f2beb8592acffaeaad9ea02c40be3b90708554
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/brand_subsidize10.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 62209
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f301"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/brand_subsidize12.png
199.188.105.67 200 OK 66 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/brand_subsidize12.png
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=104, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1190], baseline, precision 8, 1190x104, components 3
Hash 2d6823bab2b8f847093774c6e22213a5
56fa5fd5dd4d3a7ed4d222c604ef4072f70fbe6a
23a68fe8c8d5e73fb267e439f8b801c25d46d51f595ba9c75f8dcf8577cbb313
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/brand_subsidize12.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: image/png
Content-Length: 66516
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-103d4"
Expires: Sat, 25 May 2024 08:25:05 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/css/bootstrap.min.css
199.188.105.67 200 OK 24 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/bootstrap.min.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash f26a787606baf622576953f2a6ed6012
32711edd7ff4997f09067977962ff3a54f591560
b6f9af7ea54aec472df3d1b9642e90a78ca0e45e074edd87d3cf465ff55812d9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/bootstrap.min.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1de87"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/icon.css
199.188.105.67 200 OK 15 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/icon.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (35252), with no line terminators
Hash c346baed2321af29971f67eb61b2d51e
c6e8225866d9ff95283faaf22277a17b6051358b
eb2d67708082f9354d4724c11b1c6613d5d2fd6ee25481a559d00949259c1c7d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/icon.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-89b4"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/public.css
199.188.105.67 200 OK 13 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/public.css
IP 199.188.105.67:80
File type Unicode text, UTF-8 text, with very long lines (54326), with no line terminators
Hash 2a4f9e5d635615912a4f6686d5809103
51293b77746e8241471519eeac5b78c988b91ea0
54105adaf24974171a50bb004586d00624a55d9d3dffd82f65d24f4613cfbe34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/public.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-d43a"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 472
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=73d4471148cb75084d3079d87114a8161d1755528a90348cce3e66ddad137aff; Path=/; HttpOnly
acw_tc=ac11000117140335053865333ec5c8d1d4923bffd9207e88173035779ce3cc;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
dozf.top/temp/31/static/css/site.css
199.188.105.67 200 OK 31 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/site.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash c30fe190ffbc7b960be976af18f94bb6
51e1bd9769845b5c44d7a704708e6081d6bee82d
ed83043ddb39105c6000b72bfa863e2a91fc8dad712459dd9c46fae3185df4f9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/site.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1b633"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/imgCodeIframe.html
199.188.105.67 200 OK 29 kB URL GET HTTP/1.1 dozf.top/temp/31/imgCodeIframe.html
IP 199.188.105.67:80
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (309), with CRLF, LF line terminators
Hash 852b14ebe7ebbd9f24d73d1a46d32590
dcd623166bd094773e9c4579a5ebf59412d9a8d8
e0ac29afc6bfe1901b5328f655c27fc72bbf55b34209af64effc5a44e8d7c3af
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/imgCodeIframe.html HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
dozf.top/temp/31/static/css/animate.min.css
199.188.105.67 200 OK 4.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/animate.min.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (52592), with CRLF line terminators
Hash 9c511ec765c315b3fef704e1ee13d1d9
2175b6a0071009446598f541e21a67b30fee32a2
3e16d0301ff30cec5585f5ac7a6ce428c3302a9ce84ebc5d9f1b4793a63b5f49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/animate.min.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-ce2e"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/constant.js
199.188.105.67 200 OK 776 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/constant.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (776), with no line terminators
Hash 72d3b3dd90d48f24e6c8bcb18851d2bd
43e1eaec51c1089244db2e35570dfd5df7f887cb
da90ce66a63ca4e019ec204aa94922feb68a1efb140b9f8b61ec234071e12e87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/constant.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Content-Length: 776
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-308"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/jquery-1.11.3.min.js
199.188.105.67 200 OK 38 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery-1.11.3.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators
Hash 8e67452f561a3b8ee8a82fdf57672cd5
44d980c8f4d21057018d80398d574fa72aea1bc7
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery-1.11.3.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-176fd"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4926), with CRLF line terminators
Hash 180066afb0d53d40297af991c0a737d9
f16092fde04f92c676f1c1a8a8546912bf394d94
fa2892641af9d2e42b32354e773390d3a65a87c064507fb79bcf00a728a1e182
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.i18n.properties.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-15c1"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/i18n.js
199.188.105.67 200 OK 358 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/i18n.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (358), with no line terminators
Hash db6a5f06deac4d03aee4359cfc3c9220
2aef07055c57f554be03977af21f672693a3a0ab
1537bfa37451c0c74b237edaceac54b79a1f3649a5790ba5e1589e3b8aca8f26
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/i18n.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Content-Length: 358
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-166"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/lhgdialog.min.js
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/lhgdialog.min.js
IP 199.188.105.67:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17965), with CRLF line terminators
Hash 2e8fa135e4cbbc073cb4de8215c3d79a
8547a67692391d0b86210c35d12d49340685ae04
a06d9ea4e0b3a007fee504aa5a85dc841939403594326a0bde625bbb0b1901a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/lhgdialog.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-4df0"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery.cookie.js
199.188.105.67 200 OK 709 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.cookie.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1302), with no line terminators
Hash 513971b7e720860e15e240db85c1d106
598184243ba67acc06a3341c91aa7cd4a9ceb344
25699b04e11fb0a1ed972df8b0e5a384cf70ff41249ffc0b885ccfaa58b9503f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.cookie.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-516"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/patentenum.js
199.188.105.67 200 OK 28 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/patentenum.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1702632f848dced081eec813318e481d
455374c1d250ace1140e8d71a273b09f9b8d793d
3ecb8ccc9e116e31ae20b0b9f19ef13a4315360f6bf633df7a8ff8f0f3529086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/patentenum.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-190b5"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/public.js
199.188.105.67 200 OK 21 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/public.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 1862367fc61631f8c626b15e64cecf04
d4f0064bf8bb665bcd9abdeb20379c1b8832806c
3e38edff2f383f6d5f22f7646e1155abd7dc76e0cd334a84ac65706c438c58ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/public.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1153c"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
tb.53kf.com/code/code/7fc5cf450634f8bf612968ba9599257a0/1
159.138.20.15 38 kB URL GET tb.53kf.com/code/code/7fc5cf450634f8bf612968ba9599257a0/1
IP 159.138.20.15:0
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (995), with CRLF, LF line terminators
Hash e23ba9b1dc7d3d1079e1fa093969eda1
7a8cc89df852fa13cbedea894d5b84e383e12372
1af137768598776f74fa9bfce012edc2b1a20d7d971526de98f4a3a78a5e26ef
GET /code/code/7fc5cf450634f8bf612968ba9599257a0/1 HTTP/1.1
Host: tb.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Encoding: gzip
Set-Cookie: guest_id=11990358334009; Expires=Tue, 1 Jan 2030 00:00:00 GMT; Domain=.53kf.com; Path=/
SESSION_COOKIE=mastertb2_1; path=/
Cache-control: private
dozf.top/temp/31/static/js/adobefont.js
199.188.105.67 200 OK 647 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/adobefont.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (647), with no line terminators
Hash 084141babdf91b3ede553b0ab7d02687
f23b4c3b65cb84e75de8f54a877d80f009eae91c
08aa3fda2a3fe1ca9cbbb9e527c21d7a59f50ed6f7b8d80175a05e2e68e110ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/adobefont.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Content-Length: 647
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-287"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/PcAjaxJson.js
199.188.105.67 200 OK 1.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/PcAjaxJson.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7251), with no line terminators
Hash d5806c7e50264ebd65aa003ec56fe805
927f6db451a4cdd1cdfdfa3cd2985b6f0c9c2f70
5801d0384ea130f38935cfd1f73ef5008aeb79a66c32054ffd8d4b8e4b191793
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/PcAjaxJson.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1c53"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/ajax.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/ajax.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4019), with no line terminators
Hash d04cafc8343ab413a18e26fc9c61f771
193569283be1bbba648c296e5f2d4247379b5e12
3e024c78803ea6f52af53b98634bb86b53f2cea39874ce8f4f699891c462da76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/ajax.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fb3"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/usermodel.js
199.188.105.67 200 OK 805 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/usermodel.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (4066), with no line terminators
Hash e07256d9dfe02f5f71f307f869946d44
d1094da81cb43190cf4deb3e25a9e432e8e2d8e6
74e3c1d7c615a40573ef112bc464b56cebadc414366636a16665d48f04fc6ceb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/usermodel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fe2"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/userctrl.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/userctrl.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (13374), with no line terminators
Hash a5fe360266f38d844473e183b6bd8204
ff4963bd6d9339d07af26208cd0ca8374585b49d
9286cb1a8f3ad0b3e89696e8fa74d85631d1ec225a861b33201449cc37098218
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/userctrl.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-343e"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/baiduhm.js
199.188.105.67 200 OK 869 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/baiduhm.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (869), with no line terminators
Hash 30705f79b7809d97add13fd76e538417
0082d9dc5f6e1f226d784ad6f5a190a6974407ca
f071e270ea57b80b083422d76c428f8127241213cbcad78f4b8501d217569fe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/baiduhm.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:05 GMT
Content-Type: application/javascript
Content-Length: 869
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-365"
Expires: Thu, 25 Apr 2024 20:25:05 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/css/banner.css
199.188.105.67 200 OK 576 B URL GET HTTP/1.1 dozf.top/temp/31/static/css/banner.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (1382), with no line terminators
Hash d56b4b805d6e547ea2d5032288c5bf93
6c531c8b756ab9caae7d4e80951b8370b4013e35
7fdef0d5de30588812454633b86bbc474404b065835c316a37301a0ce0c7122e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/banner.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-566"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/index_service.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/index_service.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (8778), with no line terminators
Hash 4e375cfe9f1de957351e7f9fc23d01cd
c60bd898a29b1c1309284d98eab9b390d1a740a6
c86a5d2d7fa8a59b3d14df90321db86b88b2a8733e20016575a04a487dfc5064
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/index_service.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-224a"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/index.css
199.188.105.67 200 OK 39 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/index.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 458a682924be180e86c95c7f6d7377eb
02fed0cc8be4eba88679d3350b0903f9855b3cc1
08147f48c624abc1e59e793fb4a545e4f7b888d9fd3867a144d4e79aad670e85
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/index.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1377e"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/tongji.js?yN0OW
199.188.105.67 424 B IP 199.188.105.67:0
File type HTML document, ASCII text, with very long lines (554)
Hash 2670717a4f5405f69e14291c7c42264e
257ccf0465b11ede72971fb2e04eaa0cd7e69d3e
90ad5b193f0d1cefd3b99b9214f14ff03e946ce43471459272c9e40275f9ec64
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tongji.js?yN0OW HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Sun, 31 Mar 2024 12:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6609549b-455"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baish.js?U35V5
199.188.105.67 381 B IP 199.188.105.67:0
File type JavaScript source, ASCII text
Hash c54822212c05910c3af32d285d8434c9
4682b179821b08ba9076cbd0ea2b7e734b190ca4
bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baish.js?U35V5 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Mar 2024 00:22:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e3c2ca-56e"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baiss.js?VN
199.188.105.67 1.0 kB IP 199.188.105.67:0
File type JavaScript source, ASCII text, with very long lines (554)
Hash b1532a30ee430c2c3769c9b89f3b11d9
8e1e66d40ea487482904451aa5a7dc0b19520382
26e5a18730cdf3377b29995aea426f105fbe02129ccef6b06baa5ada420cb3bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baiss.js?VN HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Mon, 22 Apr 2024 09:56:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6626344e-97e"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/top.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/top.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (5890), with no line terminators
Hash b7c7d1797867c70ef05f7fbf2e1edf3f
436ae5b05fedcb88071c0b7d85d063b1eaabfe6d
d054d5c9ea86060f9b428cd62c42a30fabc0017332a91b2f55afd1ae34b354f0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/top.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1702"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/top.js
199.188.105.67 200 OK 5.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/top.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (14060), with no line terminators
Hash 1a0f98974e63b6ad4969e3866eaf2ca3
578052c08f483755311fec541e9925ea5839d9f4
71800e3fac2a56c558ba6bf86cb4b479084abb3210984412d186f359347007fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/top.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-36ec"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/upload-1.0.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/upload-1.0.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (8640), with no line terminators
Hash 073dbe0549486b9fc3f7d7fe0d5a457b
bb04b103699588bdf1689eea0f911df0210748e2
ac37992e0475f316ad7071856949d6f115faf5b806592439ec84575a351cf41a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/upload-1.0.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-21c0"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/myidea_dialog.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/myidea_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3039), with no line terminators
Hash 530e1797c729896c7a1ca9ea7dc45217
9679d785ecf3ae8fa57a465a2e88a190a284a91d
4f35486b295c89ea5fa066760862a088aaa4c6e2d9d5e4f926ba4e05437bc464
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/myidea_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-bdf"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/fixed.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/fixed.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3561), with no line terminators
Hash b355ea7d57b1f89d7a1713847e9ea3b9
774829175626aed498e97b850e61bca1fc0463ca
e8ae3f56489e1e9100e6d9b34a79223d38272a4f695dbf5e1bf993f8b2dcbb59
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/fixed.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-de9"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/channel.js
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/channel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2601), with no line terminators
Hash 2f457b2e111106ab08bbe291ea1dd2ea
d800963a167fcd856d74d5017c9ee9cd80b4b1c7
1ec4d6d2bb7899dd67c8a85ddad84c495e5dc2d490a86648ca7703103b8c03fd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/channel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a29"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/budget_dialog.css
199.188.105.67 200 OK 1.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/budget_dialog.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (3892), with no line terminators
Hash b37cbebf9bbb11df4bc2fcf953f269c8
2e0160864e15d4ca6acffb5e1581a084a8355666
163d3e3a8967c403ba39ab26c07eaf3931149ff58a2e82fea2d2232d368b34b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/budget_dialog.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-f34"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/common.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/common.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (6353), with no line terminators
Hash e88fcd1cb35df778fd253daa713bd048
c3db3a481f5543b5705236c39edd46feba09713f
4278df57de1b9e4f53c05bb4d856505a0a75cee308e26acc29ff757a66c4680a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/common.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-18d1"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/budget_dialog.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/budget_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (9868), with no line terminators
Hash c32de2f81d4f6d235edd40da09939c84
9978adbf9c60a36d7253be089e18003c9c076f17
c6d4c69e07066d220f0c747fb0470af0186c7e062c51b4b5aa78306c4d16ec35
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/budget_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-268c"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/bootstrap.min.js
199.188.105.67 200 OK 11 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/bootstrap.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash 4356df370bab29993ef606510fa13477
3e58d6768df39de00d80e064c274ef66ed7cd336
eac180d02ab055056d85eb64bd71be9435b2c54385cc737447817762c7ba22b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/bootstrap.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-8fda"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/site.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/site.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3598), with no line terminators
Hash fd8c2e2dc3ef727b08e4483713e7f856
ad56888fb6c8ca35989410baa9154845dad73de2
4c5bb7195b41f04167ad0b4c832a27a83c8733e95e0a78f044084b73f83f2544
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/site.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-e0e"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/onlinetel.js
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/onlinetel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3966), with no line terminators
Hash 34d5ee03852ab774d6c004b37670d967
c4549688ee46fb6d9ed589ae16679fbcbe8f8af0
778f226538b9460d397bd7c449efdc1146766b0b6ae9d569241e3d6a46b35b60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/onlinetel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-f7e"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/login-box.css
199.188.105.67 200 OK 1.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/login-box.css
IP 199.188.105.67:80
File type Unicode text, UTF-8 text, with very long lines (6010), with no line terminators
Hash e943f614e4a31c614ff647361682aa6f
fdf33709b7f9e229a8155240beeeea60d271af41
df16002daf31b20199431c33a1d678d7801ec776c857753063f291f52eb70062
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/login-box.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1784"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/md5.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/md5.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (3517), with no line terminators
Hash 3451d7a59c75837a891bfad2456b227d
f011cef3699309d0af388989a1a6b79774d2e707
e1b21c15e1e22e2d7a0ad606400baeeeba8f56c9e03c6ac304b43675509d7225
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/md5.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dbd"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/login-box.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/login-box.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (6941), with no line terminators
Hash 2403cb07fa3882702183290ac1ff9785
1255a381eccafb90e32cea4a901b676f8e40fcb5
1ebe83ef6efd7a0a0e61fc8334009c9df8f9efd152550162800199ac3ad46c4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/login-box.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1b1d"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/placeholder.js
199.188.105.67 200 OK 921 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/placeholder.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2656), with no line terminators
Hash b3300bc6b179f572aa7ff84334f6f060
788b5cdaf2f9948ac7107e03c3a1ef37d6c1b960
1ba79f87a78b4e037b64abe49af70e9967a50ce96bc38848863d4a5e260f8b98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/placeholder.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a60"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/Math.uuid.js
199.188.105.67 200 OK 707 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/Math.uuid.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (707), with no line terminators
Hash 0d9460efc0f33af00aa1ffd87095c852
31109c0fea7402c3acb2861845f951da13d02d2a
778dd0219e31903bc495a546afaa306a58c1c6718af5331965d85beabfcff5b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/Math.uuid.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Content-Length: 707
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-2c3"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/countUp.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/countUp.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3579), with no line terminators
Hash 2eed6206e893d6371474549b5b88bc59
bbab50b096df51855e968b78a50bb5a55fde0f5c
3e3ee06903afcde9116a7c3fd1c3c3b36e52269380dc4b6d647487cecfb76dd7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/countUp.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dfb"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/indexsearch.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/indexsearch.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7423), with no line terminators
Hash d2fa6cfcf48f2d21948bb088705d56b3
d2d9d86ad1498532186122d384eaa49eb2f11ee1
a25ff3fb68a6d0406cfa9bd07dec37566be81f268dddc20e83fe42c94117b471
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/indexsearch.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1cff"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/css/animations.css
199.188.105.67 200 OK 6.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/animations.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (55947), with CRLF line terminators
Hash 29e8241c4e42a036b44ce5cecbebc9dd
5913270d27db151e372766512699d227fe997793
7b1281b62daea5066cd02cac4f446e17d90f1010ca00c41515768a3a22a7d666
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/animations.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-df01"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/animate-css3.js
199.188.105.67 200 OK 621 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/animate-css3.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1286), with no line terminators
Hash 901d2d4c527e494ddf2b905d8ced152c
c3febcc9abbb46566952fcda6e019d37f5061f6f
26c2bc56fd150526fc43dc01ee0ddb64dc10dce70830e66cdc494a9a5ce112fc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/animate-css3.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-506"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/slider.js
199.188.105.67 200 OK 768 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/slider.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1616), with no line terminators
Hash 1c09b1608a5ea47a0fa2e4a2d08d7c1f
e8cbc8dc1ac97e2f391a27f63f942eee9bd51ff9
4be32ffeb72a2be84a407396c79ebedc756663edd156ccd3624e8f48cb821b34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/slider.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-650"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/index.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/index.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (10091), with no line terminators
Hash 66ac60dd75a07a8ceaf316297c645373
3f90d17ed988481bdd47beff90aea5b5e59f319a
0c96a5988c4c4ac550956bef40a9b731b67bf864810b20a01af01a8c7837a4b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/index.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-276b"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/constant.js?_=1714033503525
199.188.105.67 200 OK 776 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/constant.js?_=1714033503525
IP 199.188.105.67:80
File type ASCII text, with very long lines (776), with no line terminators
Hash 72d3b3dd90d48f24e6c8bcb18851d2bd
43e1eaec51c1089244db2e35570dfd5df7f887cb
da90ce66a63ca4e019ec204aa94922feb68a1efb140b9f8b61ec234071e12e87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/constant.js?_=1714033503525 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Content-Length: 776
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-308"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/css/icon.css
199.188.105.67 200 OK 15 kB URL GET HTTP/1.1 dozf.top/temp/31/static/css/icon.css
IP 199.188.105.67:80
File type ASCII text, with very long lines (35252), with no line terminators
Hash c346baed2321af29971f67eb61b2d51e
c6e8225866d9ff95283faaf22277a17b6051358b
eb2d67708082f9354d4724c11b1c6613d5d2fd6ee25481a559d00949259c1c7d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/css/icon.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: text/css
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-89b4"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/gomobilesite.js
199.188.105.67 200 OK 528 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/gomobilesite.js
IP 199.188.105.67:80
File type C source, ASCII text, with very long lines (1059), with no line terminators
Hash d05ce3ae99da5fa5a40177175e3217af
3c3d7bd7c16400d0ece76596b6bccf407e75b1d6
ff54cf288625c430d2bfc3d5a1b267ce2836bb29ef35c8fa233dea7da87ba734
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/gomobilesite.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-423"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/constant.js
199.188.105.67 200 OK 776 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/constant.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (776), with no line terminators
Hash 72d3b3dd90d48f24e6c8bcb18851d2bd
43e1eaec51c1089244db2e35570dfd5df7f887cb
da90ce66a63ca4e019ec204aa94922feb68a1efb140b9f8b61ec234071e12e87
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/constant.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Content-Length: 776
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-308"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.i18n.properties.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4926), with CRLF line terminators
Hash 180066afb0d53d40297af991c0a737d9
f16092fde04f92c676f1c1a8a8546912bf394d94
fa2892641af9d2e42b32354e773390d3a65a87c064507fb79bcf00a728a1e182
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.i18n.properties.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-15c1"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery-1.11.3.min.js
199.188.105.67 200 OK 38 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery-1.11.3.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators
Hash 8e67452f561a3b8ee8a82fdf57672cd5
44d980c8f4d21057018d80398d574fa72aea1bc7
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery-1.11.3.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-176fd"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/i18n.js
199.188.105.67 200 OK 358 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/i18n.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (358), with no line terminators
Hash db6a5f06deac4d03aee4359cfc3c9220
2aef07055c57f554be03977af21f672693a3a0ab
1537bfa37451c0c74b237edaceac54b79a1f3649a5790ba5e1589e3b8aca8f26
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/i18n.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Content-Length: 358
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-166"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/lhgdialog.min.js
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/lhgdialog.min.js
IP 199.188.105.67:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17965), with CRLF line terminators
Hash 2e8fa135e4cbbc073cb4de8215c3d79a
8547a67692391d0b86210c35d12d49340685ae04
a06d9ea4e0b3a007fee504aa5a85dc841939403594326a0bde625bbb0b1901a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/lhgdialog.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-4df0"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/jquery.cookie.js
199.188.105.67 200 OK 709 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.cookie.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1302), with no line terminators
Hash 513971b7e720860e15e240db85c1d106
598184243ba67acc06a3341c91aa7cd4a9ceb344
25699b04e11fb0a1ed972df8b0e5a384cf70ff41249ffc0b885ccfaa58b9503f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.cookie.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-516"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/patentenum.js
199.188.105.67 200 OK 28 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/patentenum.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1702632f848dced081eec813318e481d
455374c1d250ace1140e8d71a273b09f9b8d793d
3ecb8ccc9e116e31ae20b0b9f19ef13a4315360f6bf633df7a8ff8f0f3529086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/patentenum.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-190b5"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/public.js
199.188.105.67 200 OK 21 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/public.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 1862367fc61631f8c626b15e64cecf04
d4f0064bf8bb665bcd9abdeb20379c1b8832806c
3e38edff2f383f6d5f22f7646e1155abd7dc76e0cd334a84ac65706c438c58ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/public.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1153c"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/adobefont.js
199.188.105.67 200 OK 647 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/adobefont.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (647), with no line terminators
Hash 084141babdf91b3ede553b0ab7d02687
f23b4c3b65cb84e75de8f54a877d80f009eae91c
08aa3fda2a3fe1ca9cbbb9e527c21d7a59f50ed6f7b8d80175a05e2e68e110ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/adobefont.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Content-Length: 647
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-287"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/PcAjaxJson.js
199.188.105.67 200 OK 1.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/PcAjaxJson.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7251), with no line terminators
Hash d5806c7e50264ebd65aa003ec56fe805
927f6db451a4cdd1cdfdfa3cd2985b6f0c9c2f70
5801d0384ea130f38935cfd1f73ef5008aeb79a66c32054ffd8d4b8e4b191793
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/PcAjaxJson.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1c53"
Expires: Thu, 25 Apr 2024 20:25:06 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/ajax.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/ajax.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4019), with no line terminators
Hash d04cafc8343ab413a18e26fc9c61f771
193569283be1bbba648c296e5f2d4247379b5e12
3e024c78803ea6f52af53b98634bb86b53f2cea39874ce8f4f699891c462da76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/ajax.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fb3"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/usermodel.js
199.188.105.67 200 OK 805 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/usermodel.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (4066), with no line terminators
Hash e07256d9dfe02f5f71f307f869946d44
d1094da81cb43190cf4deb3e25a9e432e8e2d8e6
74e3c1d7c615a40573ef112bc464b56cebadc414366636a16665d48f04fc6ceb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/usermodel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fe2"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/userctrl.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/userctrl.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (13374), with no line terminators
Hash a5fe360266f38d844473e183b6bd8204
ff4963bd6d9339d07af26208cd0ca8374585b49d
9286cb1a8f3ad0b3e89696e8fa74d85631d1ec225a861b33201449cc37098218
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/userctrl.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-343e"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/baiduhm.js
199.188.105.67 200 OK 869 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/baiduhm.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (869), with no line terminators
Hash 30705f79b7809d97add13fd76e538417
0082d9dc5f6e1f226d784ad6f5a190a6974407ca
f071e270ea57b80b083422d76c428f8127241213cbcad78f4b8501d217569fe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/baiduhm.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Content-Length: 869
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-365"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/tongji.js?wrZOt
199.188.105.67 424 B IP 199.188.105.67:0
File type HTML document, ASCII text, with very long lines (554)
Hash 2670717a4f5405f69e14291c7c42264e
257ccf0465b11ede72971fb2e04eaa0cd7e69d3e
90ad5b193f0d1cefd3b99b9214f14ff03e946ce43471459272c9e40275f9ec64
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tongji.js?wrZOt HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Sun, 31 Mar 2024 12:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6609549b-455"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baish.js?xC
199.188.105.67 381 B IP 199.188.105.67:0
File type JavaScript source, ASCII text
Hash c54822212c05910c3af32d285d8434c9
4682b179821b08ba9076cbd0ea2b7e734b190ca4
bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baish.js?xC HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Sun, 03 Mar 2024 00:22:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65e3c2ca-56e"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/baiss.js?8l
199.188.105.67 1.0 kB IP 199.188.105.67:0
File type JavaScript source, ASCII text, with very long lines (554)
Hash b1532a30ee430c2c3769c9b89f3b11d9
8e1e66d40ea487482904451aa5a7dc0b19520382
26e5a18730cdf3377b29995aea426f105fbe02129ccef6b06baa5ada420cb3bf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /baiss.js?8l HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 22 Apr 2024 09:56:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6626344e-97e"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/top.js
199.188.105.67 200 OK 5.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/top.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (14060), with no line terminators
Hash 1a0f98974e63b6ad4969e3866eaf2ca3
578052c08f483755311fec541e9925ea5839d9f4
71800e3fac2a56c558ba6bf86cb4b479084abb3210984412d186f359347007fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/top.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-36ec"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/upload-1.0.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/upload-1.0.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (8640), with no line terminators
Hash 073dbe0549486b9fc3f7d7fe0d5a457b
bb04b103699588bdf1689eea0f911df0210748e2
ac37992e0475f316ad7071856949d6f115faf5b806592439ec84575a351cf41a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/upload-1.0.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-21c0"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/myidea_dialog.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/myidea_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3039), with no line terminators
Hash 530e1797c729896c7a1ca9ea7dc45217
9679d785ecf3ae8fa57a465a2e88a190a284a91d
4f35486b295c89ea5fa066760862a088aaa4c6e2d9d5e4f926ba4e05437bc464
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/myidea_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-bdf"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/fixed.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/fixed.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3561), with no line terminators
Hash b355ea7d57b1f89d7a1713847e9ea3b9
774829175626aed498e97b850e61bca1fc0463ca
e8ae3f56489e1e9100e6d9b34a79223d38272a4f695dbf5e1bf993f8b2dcbb59
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/fixed.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-de9"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/channel.js
199.188.105.67 200 OK 1.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/channel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2601), with no line terminators
Hash 2f457b2e111106ab08bbe291ea1dd2ea
d800963a167fcd856d74d5017c9ee9cd80b4b1c7
1ec4d6d2bb7899dd67c8a85ddad84c495e5dc2d490a86648ca7703103b8c03fd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/channel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a29"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/budget_dialog.js
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/budget_dialog.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (9868), with no line terminators
Hash c32de2f81d4f6d235edd40da09939c84
9978adbf9c60a36d7253be089e18003c9c076f17
c6d4c69e07066d220f0c747fb0470af0186c7e062c51b4b5aa78306c4d16ec35
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/budget_dialog.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-268c"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/bootstrap.min.js
199.188.105.67 200 OK 11 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/bootstrap.min.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash 4356df370bab29993ef606510fa13477
3e58d6768df39de00d80e064c274ef66ed7cd336
eac180d02ab055056d85eb64bd71be9435b2c54385cc737447817762c7ba22b7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/bootstrap.min.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-8fda"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/site.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/site.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3598), with no line terminators
Hash fd8c2e2dc3ef727b08e4483713e7f856
ad56888fb6c8ca35989410baa9154845dad73de2
4c5bb7195b41f04167ad0b4c832a27a83c8733e95e0a78f044084b73f83f2544
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/site.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-e0e"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/onlinetel.js
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/onlinetel.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3966), with no line terminators
Hash 34d5ee03852ab774d6c004b37670d967
c4549688ee46fb6d9ed589ae16679fbcbe8f8af0
778f226538b9460d397bd7c449efdc1146766b0b6ae9d569241e3d6a46b35b60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/onlinetel.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-f7e"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/md5.js
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/md5.js
IP 199.188.105.67:80
File type ASCII text, with very long lines (3517), with no line terminators
Hash 3451d7a59c75837a891bfad2456b227d
f011cef3699309d0af388989a1a6b79774d2e707
e1b21c15e1e22e2d7a0ad606400baeeeba8f56c9e03c6ac304b43675509d7225
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/md5.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dbd"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/login-box.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/login-box.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (6941), with no line terminators
Hash 2403cb07fa3882702183290ac1ff9785
1255a381eccafb90e32cea4a901b676f8e40fcb5
1ebe83ef6efd7a0a0e61fc8334009c9df8f9efd152550162800199ac3ad46c4a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/login-box.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1b1d"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/placeholder.js
199.188.105.67 200 OK 921 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/placeholder.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (2656), with no line terminators
Hash b3300bc6b179f572aa7ff84334f6f060
788b5cdaf2f9948ac7107e03c3a1ef37d6c1b960
1ba79f87a78b4e037b64abe49af70e9967a50ce96bc38848863d4a5e260f8b98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/placeholder.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-a60"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/Math.uuid.js
199.188.105.67 200 OK 707 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/Math.uuid.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (707), with no line terminators
Hash 0d9460efc0f33af00aa1ffd87095c852
31109c0fea7402c3acb2861845f951da13d02d2a
778dd0219e31903bc495a546afaa306a58c1c6718af5331965d85beabfcff5b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/Math.uuid.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Content-Length: 707
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-2c3"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/js/countUp.js
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/countUp.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (3579), with no line terminators
Hash 2eed6206e893d6371474549b5b88bc59
bbab50b096df51855e968b78a50bb5a55fde0f5c
3e3ee06903afcde9116a7c3fd1c3c3b36e52269380dc4b6d647487cecfb76dd7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/countUp.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-dfb"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/indexsearch.js
199.188.105.67 200 OK 2.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/indexsearch.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7423), with no line terminators
Hash d2fa6cfcf48f2d21948bb088705d56b3
d2d9d86ad1498532186122d384eaa49eb2f11ee1
a25ff3fb68a6d0406cfa9bd07dec37566be81f268dddc20e83fe42c94117b471
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/indexsearch.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1cff"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/slider.js
199.188.105.67 200 OK 768 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/slider.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1616), with no line terminators
Hash 1c09b1608a5ea47a0fa2e4a2d08d7c1f
e8cbc8dc1ac97e2f391a27f63f942eee9bd51ff9
4be32ffeb72a2be84a407396c79ebedc756663edd156ccd3624e8f48cb821b34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/slider.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-650"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/animate-css3.js
199.188.105.67 200 OK 621 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/animate-css3.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1286), with no line terminators
Hash 901d2d4c527e494ddf2b905d8ced152c
c3febcc9abbb46566952fcda6e019d37f5061f6f
26c2bc56fd150526fc43dc01ee0ddb64dc10dce70830e66cdc494a9a5ce112fc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/animate-css3.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-506"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/index.js
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/index.js
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (10091), with no line terminators
Hash 66ac60dd75a07a8ceaf316297c645373
3f90d17ed988481bdd47beff90aea5b5e59f319a
0c96a5988c4c4ac550956bef40a9b731b67bf864810b20a01af01a8c7837a4b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/index.js HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/imgCodeIframe.html
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-276b"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/intd-jp.jpg
199.188.105.67 200 OK 2.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-jp.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash 2d31ed55a219e1060ecded52379608b9
3ca33461d0e452578f37d0171d2226598a3b7cce
09625b04fc1084c1cf30868e68df3b721fd194e6e07a39782b534e5584872edf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-jp.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 2333
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-91d"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/jquery-1.11.3.min.js?_=1714033503526
199.188.105.67 200 OK 38 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery-1.11.3.min.js?_=1714033503526
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators
Hash 8e67452f561a3b8ee8a82fdf57672cd5
44d980c8f4d21057018d80398d574fa72aea1bc7
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery-1.11.3.min.js?_=1714033503526 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-176fd"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/intd-kr.jpg
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-kr.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash 1e7ed653c68f3ebd3b3cb0b4674c89dd
a7d6f3987303a3acf68bb767bf580bdd1515a26a
f185a5cd3cc39e20edea24ffad5097e17dd2f9980486da610955c8f61a11d89b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-kr.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 3591
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-e07"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-eu.jpg
199.188.105.67 200 OK 3.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-eu.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash 6c2be9ba2e19633014bfdd466532e6bb
4e3b64250d9f51a19362de96a2a0120f63f36f2e
5ad9f0cdd1ad734db8259d9bac1c4b5d2b9f7d52c1bd1e62734ef6ebd3042186
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-eu.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 3667
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-e53"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-in.jpg
199.188.105.67 200 OK 3.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-in.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash 1b215b2bbdfe84d2324a12468816aa44
882fdf37f166da9eb16e9ae7d82d2d6aedbec46c
ba534392e3900f8b3a663d7dd509f8dca06f3bdbd5dc91ae217c7deaa87dab11
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-in.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 3205
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-c85"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-ca.jpg
199.188.105.67 200 OK 5.3 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-ca.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash 7dd847ce4b37db99387322de90658cc0
98a69422a1478118908acade0f2f33989edbc9a3
559d0b537a0483d75ab758c9842f97baa1b492eed062d11c92f727c738546d34
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-ca.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 5295
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-14af"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-au.jpg
199.188.105.67 200 OK 3.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-au.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash a3f981ef216b2f4ca01908b94f3ac462
e01ab39f95eea813a6e2c7332c45a8b9008cc081
71d02deb555228dbaef46ef9f2368059daad40bc4246425608b42888fee62ec7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-au.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 3454
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-d7e"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/intd-tw.jpg
199.188.105.67 200 OK 3.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/intd-tw.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 288x196, components 3
Hash ff9c801f858898f5b9b63e67a5809bc7
635bf31f91e1bd6418dc651b2856db0d88736faf
cf05f7402e8525e243456e483fd600b18cb7a4d1be1e13b2c88191de98c30d51
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/intd-tw.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/jpeg
Content-Length: 3121
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-c31"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/drawing_01.png
199.188.105.67 200 OK 58 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/drawing_01.png
IP 199.188.105.67:80
File type PNG image data, 1132 x 266, 8-bit colormap, non-interlaced
Hash 0164a3f2306dc536fc24169e1fb85f36
8f5cf52db00692ad3d159bdd694eebec4b34f27f
9f88f77a09cc172e8d643aa93f5557338febe8e947ab36bbaa8c776b34fc23fc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/drawing_01.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/png
Content-Length: 58526
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-e49e"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/drawing_02.png
199.188.105.67 200 OK 50 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/drawing_02.png
IP 199.188.105.67:80
File type PNG image data, 1132 x 266, 8-bit colormap, non-interlaced
Hash 794fd49642d032e6f9a1d172ff2ad8bb
d1e5f9ca6f19b8372d142d16a3cc41feca08a8da
541c8a2567687e85a0ada8251bdaf6d9e0bee4f2cbbe9ab517d1df48d7684cfe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/drawing_02.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/png
Content-Length: 50390
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-c4d6"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ds-tm.png
199.188.105.67 200 OK 5.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ds-tm.png
IP 199.188.105.67:80
File type PNG image data, 378 x 262, 8-bit colormap, non-interlaced
Hash ad5c3dd425e275737adb2f489be6e846
d81901fb59176dba6254c9f38183cb158c7288f2
7875f31d4ea6669b50c4652554e02ffa1d3e8bad872e9159e2e21066e4ffb74e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ds-tm.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/png
Content-Length: 5602
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-15e2"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/jquery.i18n.properties.min.js?_=1714033503527
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.i18n.properties.min.js?_=1714033503527
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4926), with CRLF line terminators
Hash 180066afb0d53d40297af991c0a737d9
f16092fde04f92c676f1c1a8a8546912bf394d94
fa2892641af9d2e42b32354e773390d3a65a87c064507fb79bcf00a728a1e182
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.i18n.properties.min.js?_=1714033503527 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-15c1"
Expires: Thu, 25 Apr 2024 20:25:07 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/ds-pt.png
199.188.105.67 200 OK 5.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ds-pt.png
IP 199.188.105.67:80
File type PNG image data, 378 x 262, 8-bit colormap, non-interlaced
Hash 15060b86546061543414ae8d2f20cc78
b666be9aee2e7fbb14b3914f0e57707b3942661f
77215fae53c87d298673a24fbc1f47361776fb2d965f03cf20218a7b889b5309
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ds-pt.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/png
Content-Length: 5548
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-15ac"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/bottom-qrcode3.png
199.188.105.67 200 OK 18 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/bottom-qrcode3.png
IP 199.188.105.67:80
File type PNG image data, 109 x 107, 8-bit/color RGBA, non-interlaced
Hash e3874097324aa765bc345015659f3fe0
d8f9d28d5b310ec08eb1693df93581e34e961f23
26360d02e5ab53588521c986da5aa546723de19d2aa20888b6b24cc1fe240882
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/bottom-qrcode3.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 17941
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-4615"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ds-cr.png
199.188.105.67 200 OK 5.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ds-cr.png
IP 199.188.105.67:80
File type PNG image data, 378 x 262, 8-bit colormap, non-interlaced
Hash 793bec835a0e91f92f797bf21f002568
d7717d1a611ac29b27f2f40086ce67728b0ef364
47e292343431f499ada74e7896b4d5de1bfbba5bd51d043071d204637bbd7514
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ds-cr.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:07 GMT
Content-Type: image/png
Content-Length: 5529
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1599"
Expires: Sat, 25 May 2024 08:25:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/inviate_design.png
199.188.105.67 200 OK 25 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/inviate_design.png
IP 199.188.105.67:80
File type PNG image data, 320 x 81, 8-bit/color RGBA, non-interlaced
Hash 000ebf8ec582eb3b45fa6ab36149ba60
f236a0a67f78b1e06790fea2ee03d918ab30a512
20af084977d3e3882b11de0d9ac5d8069412bce4aa5869d08ee7bce8e4e8c9d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/inviate_design.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 24745
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-60a9"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/tro_resolve.png
199.188.105.67 200 OK 40 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/tro_resolve.png
IP 199.188.105.67:80
File type PNG image data, 320 x 94, 8-bit/color RGBA, non-interlaced
Hash f31997c0587fe0e4cc11244c4324399a
e14ee523617fa234a920ff231d72e8e8b8071068
98f914440e74dc51ed683f70d95199e0a272447e86c164e950324fb2b4cc5cc3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/tro_resolve.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 40538
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-9e5a"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/static/image/v4_banner60.png
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/static/image/v4_banner60.png
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/v4_banner60.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/js/i18n.js?_=1714033503528
199.188.105.67 200 OK 358 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/i18n.js?_=1714033503528
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (358), with no line terminators
Hash db6a5f06deac4d03aee4359cfc3c9220
2aef07055c57f554be03977af21f672693a3a0ab
1537bfa37451c0c74b237edaceac54b79a1f3649a5790ba5e1589e3b8aca8f26
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/i18n.js?_=1714033503528 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: application/javascript
Content-Length: 358
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-166"
Expires: Thu, 25 Apr 2024 20:25:08 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/static/image/v4_banner41.jpg
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/static/image/v4_banner41.jpg
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/v4_banner41.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/static/image/v4_banner35.jpg
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/static/image/v4_banner35.jpg
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/v4_banner35.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/picture/21080949625428865-6200.jpg
199.188.105.67 200 OK 78 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/21080949625428865-6200.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9, manufacturer=Canon, model=Canon EOS M10, orientation=upper-left, xresolution=142, yresolution=150, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:07:29 21:23:29], baseline, precision 8, 720x471, components 3
Hash f476d895350849592544e304317c2aa1
7cf60b1787965dcc8672965e739c431d3c5701e2
0cf9e0b99acbd59ff55a7f68ba8b434a01d5ea61b6129658517a3e4718bd87c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/21080949625428865-6200.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 77703
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-12f87"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/21080796645470801-1176.jpg
199.188.105.67 200 OK 72 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/21080796645470801-1176.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, manufacturer=NIKON CORPORATION, model=NIKON Z 7], baseline, precision 8, 720x405, components 3
Hash 5bc3d3a642b04a38f12ff25b98799a1a
b69dad7c4693fcbc7a9d5de3523e9ee2f8481c4e
29738a99e0087159dbe62b6b675cab1d33de890c343bed47e239bce6818c922c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/21080796645470801-1176.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 71584
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-117a0"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/21487833323899783-9702.jpg
199.188.105.67 200 OK 48 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/21487833323899783-9702.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=714, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1269], baseline, precision 8, 338x146, components 3
Hash 66a8fc1d4b4888fcd8c8cf3ea919e6d8
cad0704a25e64f6abd20ecc021cf7558a197081e
b0d035f610987b2b33248e114f9f041fae4533d805884501c1a9c0cdc95ae176
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/21487833323899783-9702.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 47466
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-b96a"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/21486841641486712-6940.jpg
199.188.105.67 200 OK 47 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/21486841641486712-6940.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=714, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1269], baseline, precision 8, 338x146, components 3
Hash 20001d01fc5d47156e0051574846062a
92355a573da8ddb1f9da01d6253fa294568f0e8c
853abf9e9d4c94a4be39f9f48c42d8a43cbf35085ab6ea97e12658f96b665f9b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/21486841641486712-6940.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 47157
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-b835"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/lhgdialog.min.js?_=1714033503529
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/lhgdialog.min.js?_=1714033503529
IP 199.188.105.67:80
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17965), with CRLF line terminators
Hash 2e8fa135e4cbbc073cb4de8215c3d79a
8547a67692391d0b86210c35d12d49340685ae04
a06d9ea4e0b3a007fee504aa5a85dc841939403594326a0bde625bbb0b1901a8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/lhgdialog.min.js?_=1714033503529 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-4df0"
Expires: Thu, 25 Apr 2024 20:25:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/image/btn_protection.png
199.188.105.67 200 OK 2.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/btn_protection.png
IP 199.188.105.67:80
File type PNG image data, 105 x 43, 8-bit colormap, non-interlaced
Hash 3d6d9ef0222bf9207f87962b85dc851c
1bf3276e22a37413ff277c6708d5fbbb8dfbb9b6
0677da978d32331ac87fc83726aeaba01f15ffb75d602fdf65ac31e7aefb9db6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/btn_protection.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 2650
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-a5a"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/intd-bg.png
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/intd-bg.png
IP 199.188.105.67:80
File type PNG image data, 310 x 218, 8-bit/color RGBA, non-interlaced
Hash 62918b824fb45b982acdaf3041319b1c
7ef5978ecf6a4ce5f3a92303093b3afefbf3f8b0
ebf02d20976d551c373730d986df9c8a06321fe6cacae651d2c9e51c72c5cbe0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/intd-bg.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 2454
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-996"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/21080129099208092-2597.jpg
199.188.105.67 200 OK 81 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/21080129099208092-2597.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2017:04:09 10:50:13], baseline, precision 8, 720x480, components 3
Hash 43056d9926493e9f527c316207ae8151
115bfff23cf2db158ff112fff479c55db5ef81fc
e51dd86f075cd8044af6015b4a38bdd3727c11f74dde7fb069fd683cee5d996c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/21080129099208092-2597.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 81159
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-13d07"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/whychooseus-bg.png
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/whychooseus-bg.png
IP 199.188.105.67:80
File type PNG image data, 358 x 244, 8-bit colormap, non-interlaced
Hash cdc9840a30968ebe2ae5008b43899b34
90f4aba9480a14d5b3c0cbf19237b70e578d477a
6467db1555c70400ce70d070be3a247c533784d72181f37ac990c19c9e33e92b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/whychooseus-bg.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 1683
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-693"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/drawing_bg_02.jpg
199.188.105.67 200 OK 9.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/drawing_bg_02.jpg
IP 199.188.105.67:80
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1190x486, components 3
Hash b3dbb85f952bbb5387bd93d581dcf051
a5d5fff0ea5f38c47baa6274213e889842027f33
e62dce2e1fd8e7871f0bc9c00bc3fa0a89275a56e669143e0cd79f35f2d683c9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/drawing_bg_02.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 9392
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-24b0"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/whychooseus-contact.png
199.188.105.67 200 OK 1.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/whychooseus-contact.png
IP 199.188.105.67:80
File type PNG image data, 234 x 26, 4-bit colormap, non-interlaced
Hash 2e5b38beecba24c587d364374bac4efb
2f09912959b7b676f1cee482f75aefc369061e6f
440562119e5112211dcd08033b454d8789bdb0ed16f17d20257b87269eeb6bcc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/whychooseus-contact.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 1041
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-411"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f13.jpg
199.188.105.67 200 OK 19 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f13.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2021:06:03 15:06:55], progressive, precision 8, 150x53, components 3
Hash 3b72c7be7d623c864040b0ff2a70b748
729f273b81c8b05cccb31f0155bde9617faf3f13
b63d90849d2312bd0e66441b77b6211b710f5b3b44b3fb51969e766f679a624e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f13.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 19301
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-4b65"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/skins/default.css
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/skins/default.css
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/skins/default.css HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/js/jquery.cookie.js?_=1714033503530
199.188.105.67 200 OK 709 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/jquery.cookie.js?_=1714033503530
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (1302), with no line terminators
Hash 513971b7e720860e15e240db85c1d106
598184243ba67acc06a3341c91aa7cd4a9ceb344
25699b04e11fb0a1ed972df8b0e5a384cf70ff41249ffc0b885ccfaa58b9503f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/jquery.cookie.js?_=1714033503530 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-516"
Expires: Thu, 25 Apr 2024 20:25:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/image/f06.jpg
199.188.105.67 200 OK 13 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f06.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=80, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=177], baseline, precision 8, 150x53, components 3
Hash b82dd885871ad6780ce8423ce396dda1
df8c410321530fe2ddb87dba84c19254e5a018e7
dfb642966c4442d6c856fdccf3f3e9fc9aba61a94bb2be72a0d6b71cbd2da4d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f06.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 12639
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-315f"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f07.png
199.188.105.67 200 OK 5.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f07.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash a0fdd324244ed070e8d58bc5a5019a33
aa59446678ff0bcc7a446f3254a40dba6855c5d2
419f349fe8fd9ef0faf28589ca13a2c021e9707da9033ed9fb8b382904934ad1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f07.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 5767
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-1687"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f05.jpg
199.188.105.67 200 OK 20 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f05.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=240, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=390], progressive, precision 8, 150x53, components 3
Hash cdeeaeded4aa628d7423c4ea44648eb6
ed28b56f06eb8330c7e2d583b6e31fda6330a948
142ec8015f7e4ded92b609c30de345bd81f6e4f11d86fd536ab38d8adb4f6ee4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f05.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 19682
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-4ce2"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f08.png
199.188.105.67 200 OK 9.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f08.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash cf88a5eedcb3b0b683764117ea5dc6c4
49b6ae280ee77e886a2f45ec23423d733a7e7e40
45c939e39db0e4c4142880aa41fdd61a6bd1a6feca9391a231900024b4a86624
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f08.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 9411
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-24c3"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f09.png
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f09.png
IP 199.188.105.67:80
File type PNG image data, 120 x 100, 8-bit/color RGBA, non-interlaced
Hash 8ee1aaae2816069500f5c53a75617a3a
74882518012696c72a31bec25ddedcc12099662d
d85130782c7a49ba0d78541c0325130e940c79aa67e588e4d03fddb349d855de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f09.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 10420
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-28b4"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f12.png
199.188.105.67 200 OK 22 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f12.png
IP 199.188.105.67:80
File type PNG image data, 150 x 103, 8-bit/color RGBA, non-interlaced
Hash 101cee2093c98445a43a3ba5e31e5abf
b6af5abbe70f3e2c429e8eb7352440e351805ef9
9338380b5a88cf1e6771f84148a1e50181bfada67277ee096aa26f3174f82207
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f12.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 22212
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-56c4"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/patentenum.js?_=1714033503531
199.188.105.67 200 OK 28 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/patentenum.js?_=1714033503531
IP 199.188.105.67:80
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1702632f848dced081eec813318e481d
455374c1d250ace1140e8d71a273b09f9b8d793d
3ecb8ccc9e116e31ae20b0b9f19ef13a4315360f6bf633df7a8ff8f0f3529086
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/patentenum.js?_=1714033503531 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-190b5"
Expires: Thu, 25 Apr 2024 20:25:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/image/f11.png
199.188.105.67 200 OK 5.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f11.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash 9cbc1d3b6081a189e6412f6473aa78a2
abeb4672ac9226d7cd73360f343495110d8a7e4d
e82a7013e241c884b1276ceab2d5a87335645ade94fb4d897b87dbb890df8dc9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f11.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 5831
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-16c7"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f04.png
199.188.105.67 200 OK 10 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f04.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash 4ec797b3de1a36e013833f7a162d83f0
73af4dd0e2b5d7a9006084db91224f7d08bb87e7
4cf030efb1bef8bebb98609d83a35a6b320a629c92082f6c5decd54329de4f15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f04.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 10073
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-2759"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f10.png
199.188.105.67 200 OK 7.1 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f10.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash 6bd5cafbc09b07927cf7611690fce873
861b3ccc67a8321edd74a48ed9c6b550dfed2155
95a6bdc520ec829beb3ca289bf533f22beffb832c06cd695492796af6f017f52
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f10.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 7106
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-1bc2"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f03.png
199.188.105.67 200 OK 5.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f03.png
IP 199.188.105.67:80
File type PNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced
Hash fa4926c9b57c6a4b4082ba83f9de4775
6e936072e854c3bf33627f5540f6d2896c4e4f14
409c30b884cfdefe0e5028122b55ecfe6c7df2bd8b65752fb1adc42c5bc0cc20
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f03.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 5419
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-152b"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/image/f02.jpg
199.188.105.67 200 OK 13 kB URL GET HTTP/1.1 dozf.top/temp/31/static/image/f02.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=155, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=892], progressive, precision 8, 150x53, components 3
Hash b0fa702842cba2e5485704a41292cbec
99bf5c0509e92a729d464d2ad2f8e840c40e8e6d
fd7b2e47980b469467ed2c3d8b99eb01ebb9e195c68d17a2a479355c7417c074
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/image/f02.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/temp/31/static/css/index_service.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/jpeg
Content-Length: 13046
Last-Modified: Fri, 21 Apr 2023 02:37:14 GMT
Connection: keep-alive
ETag: "6441f6da-32f6"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_search_ch2.png
199.188.105.67 200 OK 3.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_search_ch2.png
IP 199.188.105.67:80
File type PNG image data, 69 x 47, 8-bit/color RGBA, non-interlaced
Hash b976850cfb07a2d41f37e02dd07d47a3
2f97883cc377fe1ad3f1fad68c6130d23e2a0586
f8eceb5a1420ad80cea9c48c573323c05c75fbd4ca14db20acf09025d4c4ac4d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_search_ch2.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 3496
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-da8"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/m_btn_more.png
199.188.105.67 200 OK 1.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/m_btn_more.png
IP 199.188.105.67:80
File type PNG image data, 46 x 46, 8-bit colormap, non-interlaced
Hash 4bcd593bae1ce08b5d461491919e9e46
1ca81c4001023f7ee796b63b9b0740db22d7f5d4
9c97290a7f0a27b0f2de13d9e6407305578c96a734d7e9db9a2269087269a2c9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/m_btn_more.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 1441
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-5a1"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/logo_blue_mobile.png
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/logo_blue_mobile.png
IP 199.188.105.67:80
File type PNG image data, 147 x 55, 8-bit colormap, non-interlaced
Hash 91d690dff4c764fb14fdf43efe0085fa
509145ff9e3f29d1a13e0b25eb9d517f5222e686
05ca086efa2c79816451a4eda73c302408245f7a1c008b5df0220f29c9a7241e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/logo_blue_mobile.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 3648
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-e40"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_process_jp.png
199.188.105.67 200 OK 4.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_process_jp.png
IP 199.188.105.67:80
File type PNG image data, 1070 x 50, 8-bit colormap, non-interlaced
Hash fd353eaac30bdc6fbb74f5f39e90c2d3
08dab3b302d6941f9c81713ae5802a837c3dde90
a7922b35ad215ceef361c22b8e6b34afb2d9ab2b9645549f9e36b06911461d0d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_process_jp.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 4224
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1080"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/img_trademark_process_eu.png
199.188.105.67 200 OK 4.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_trademark_process_eu.png
IP 199.188.105.67:80
File type PNG image data, 1070 x 50, 8-bit colormap, non-interlaced
Hash 7cf5bc8f3c4e855b1abfdca7891106ed
0f368a475664b1563471f876dfdf142a75fd1da3
c30302fb87a89d266ce4d004fd87bd5ce986cb58948b3d6d596b2cae277ae137
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_trademark_process_eu.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:08 GMT
Content-Type: image/png
Content-Length: 4150
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1036"
Expires: Sat, 25 May 2024 08:25:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/public.js?_=1714033503532
199.188.105.67 200 OK 21 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/public.js?_=1714033503532
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 1862367fc61631f8c626b15e64cecf04
d4f0064bf8bb665bcd9abdeb20379c1b8832806c
3e38edff2f383f6d5f22f7646e1155abd7dc76e0cd334a84ac65706c438c58ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/public.js?_=1714033503532 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1153c"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/img_title_newfunction.png
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/img_title_newfunction.png
IP 199.188.105.67:80
File type PNG image data, 252 x 73, 8-bit colormap, non-interlaced
Hash 23e7c378658cee8cad93699d03621676
942054cbe552f807e111649f6b3bc363f6998d79
ebc938336f5ad76bb4d255227bc3e2901fe0090e09c55b9a469a394c29f846d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/img_title_newfunction.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2547
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-9f3"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_newfunction1.png
199.188.105.67 200 OK 3.8 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_newfunction1.png
IP 199.188.105.67:80
File type PNG image data, 91 x 80, 8-bit colormap, non-interlaced
Hash 2f97bdb71165fe708a7ec1ab517bb261
0297d82efa1ca7b045efc849e27c78ebde992779
ddfbc81145dddcdb949ee5e7c034ba087271ca9ee0bb3a9bf9352d3851125e50
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_newfunction1.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3788
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-ecc"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_newfunction2.png
199.188.105.67 200 OK 3.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_newfunction2.png
IP 199.188.105.67:80
File type PNG image data, 91 x 80, 8-bit colormap, non-interlaced
Hash 3ab630ffef84051951a5e87c7f28bcff
d2e6a24829cfec92f3d02b0712e05f2303541c2c
ce421f5abd8bf7242338b7227fd718e768fa67653d6a4568556a44b502d056b6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_newfunction2.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3199
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-c7f"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_newfunction3.png
199.188.105.67 200 OK 2.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_newfunction3.png
IP 199.188.105.67:80
File type PNG image data, 91 x 80, 8-bit colormap, non-interlaced
Hash 2a6a035d4d8a633e04c2615343706de1
4b2b015deec971bd98ea4b5aee19b199fe66eb6d
3df2cf4038c6f6a2b28e15de682836c352ed40d6e9260826482d72c76b4aee15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_newfunction3.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2388
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-954"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/design_t
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/temp/31/static/picture/design_t
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/design_t HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/js/adobefont.js?_=1714033503533
199.188.105.67 200 OK 647 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/adobefont.js?_=1714033503533
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (647), with no line terminators
Hash 084141babdf91b3ede553b0ab7d02687
f23b4c3b65cb84e75de8f54a877d80f009eae91c
08aa3fda2a3fe1ca9cbbb9e527c21d7a59f50ed6f7b8d80175a05e2e68e110ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/adobefont.js?_=1714033503533 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Content-Length: 647
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-287"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/guide_ico_successed.png
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/guide_ico_successed.png
IP 199.188.105.67:80
File type PNG image data, 30 x 30, 8-bit colormap, non-interlaced
Hash 7a81691017d24f848f3778b2fd266e89
2e16df4e665d5464b32e73c4c48d8ec7e8807d6f
00628809c8c9920744db0a4040cccf35454db5980d8f15aea53667a5604f5b0f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/guide_ico_successed.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 1748
Last-Modified: Fri, 21 Apr 2023 02:37:12 GMT
Connection: keep-alive
ETag: "6441f6d8-6d4"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/guide_code.png
199.188.105.67 200 OK 7.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/guide_code.png
IP 199.188.105.67:80
File type PNG image data, 117 x 117, 8-bit colormap, non-interlaced
Hash d219fed09885a40de8d587d064698b0a
17c02b4953839bc761f80009c16351e2be2d6216
6c7b6b12f089a681e04a509e6b5fe70cb7863f31c97c5f25232c1396493d6e24
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/guide_code.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 7366
Last-Modified: Fri, 21 Apr 2023 02:37:12 GMT
Connection: keep-alive
ETag: "6441f6d8-1cc6"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/ico_qrcode_reflesh.png
199.188.105.67 200 OK 1.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/ico_qrcode_reflesh.png
IP 199.188.105.67:80
File type PNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced
Hash b915d4e80ab3f5bc1333423d3806ed73
14753e42e01e61fd0bcffd59e0a0a27e8552aab2
30e0a92b5987dbdb243b602b848b8ad58636177dbe9585be21fda535acd6bb0a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/ico_qrcode_reflesh.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 1200
Last-Modified: Fri, 21 Apr 2023 02:37:12 GMT
Connection: keep-alive
ETag: "6441f6d8-4b0"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/attention_code1.png
199.188.105.67 200 OK 22 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/attention_code1.png
IP 199.188.105.67:80
File type PNG image data, 122 x 153, 8-bit/color RGBA, non-interlaced
Hash 08867764a9df5c1959d68abb4f0facf1
727d505aaa897a1416f3c99d2557d3a05a592052
f23f4e834db166c1667e21778bd51a68effaaa97d37921879e891cdb59bfa044
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/attention_code1.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 21773
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-550d"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/PcAjaxJson.js?_=1714033503534
199.188.105.67 200 OK 1.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/PcAjaxJson.js?_=1714033503534
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (7251), with no line terminators
Hash d5806c7e50264ebd65aa003ec56fe805
927f6db451a4cdd1cdfdfa3cd2985b6f0c9c2f70
5801d0384ea130f38935cfd1f73ef5008aeb79a66c32054ffd8d4b8e4b191793
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/PcAjaxJson.js?_=1714033503534 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-1c53"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/home_kefu1.png
199.188.105.67 200 OK 58 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/home_kefu1.png
IP 199.188.105.67:80
File type PNG image data, 242 x 177, 8-bit/color RGBA, non-interlaced
Hash 466dc4d1209f6125690dc221b03ee0ec
5931affae67c8df12ddea53244aa0fa34a08f556
f02a48293df72db480be4ab54b7caea57c7905ed395f6de3ff23f0bb2439a2fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/home_kefu1.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 57767
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-e1a7"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/weixin_advisory4.jpg
199.188.105.67 200 OK 286 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/weixin_advisory4.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=503, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=510], baseline, precision 8, 510x503, components 3
Size 286 kB (285695 bytes)
Hash d9a4e96ec2adfa69e034e9b64b9c94f0
7932cd6aa996866a9cd0b2edc9b48cd864709515
c3f87a0eb3cc52db5c1972cd3054ccb447ddffb4b54cc067e79ed573c44429da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/weixin_advisory4.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/jpeg
Content-Length: 285695
Last-Modified: Fri, 21 Apr 2023 02:37:12 GMT
Connection: keep-alive
ETag: "6441f6d8-45bff"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/
199.188.105.67 200 OK 29 kB IP 199.188.105.67:80
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Hash 1b47d8ac5917e6395125f5922def4ba5
7307f3215e14bc00c65c77a4dfc95c82b2360bea
f5960d131cda5e581ebd4424383de870b121bfa985ca908114ce65cbfe9d5e30
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/ HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
dozf.top/temp/31/static/picture/freelancerheader.png
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/freelancerheader.png
IP 199.188.105.67:80
File type PNG image data, 86 x 86, 8-bit colormap, non-interlaced
Hash 7a920fd6f28a84b2300e04045b951e3f
b68c9d996615271f67d84c9beb7f9849cac9fe0d
b65a45f94283c17ae68e473f5be1f9653f939f3460a17d0f1077d72896d41a58
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/freelancerheader.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2539
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-9eb"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/midway_icon.jpg
199.188.105.67 200 OK 12 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/midway_icon.jpg
IP 199.188.105.67:80
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2022:05:17 14:48:14], baseline, precision 8, 60x39, components 3
Hash be548028d27a2360a773a6a8696aaada
23c8a378b658619ecdecdac7183088082de0876b
eb8711b86cd8dc5bf5839dd67f4e46eec0a23190fde840901d75361a2ad73c9a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/midway_icon.jpg HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/jpeg
Content-Length: 11878
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-2e66"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_us.png
199.188.105.67 200 OK 2.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_us.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash a9bb2be83bea14a26171bfb828975b3a
ea06f9e0734794f21f4bc930734b846283a9237a
2f8b0c00fdce1a93bfe43902330272951daefb691d641ff15d77d2572a419da9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_us.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2743
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-ab7"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/chang_tm.png
199.188.105.67 200 OK 4.4 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/chang_tm.png
IP 199.188.105.67:80
File type PNG image data, 60 x 45, 8-bit/color RGBA, non-interlaced
Hash 185269b46e09d4f17721422b77a82db7
91091b71e9d3229797be2f7a5d31a37ffe75b8d0
a8d19880af3c50417599621b30be685c446f09841f4043362900c720652d0e10
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/chang_tm.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 4418
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-1142"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_eu.png
199.188.105.67 200 OK 2.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_eu.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash 91e1663191ea0cdfbb26b16f21bcf40d
58573e8313703176b650b2cb19ffafb4cfebd9b3
061be5b26cb4e9c883cc7a35ea01ec69776d005a1f68513a1e3dbbcfb2502870
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_eu.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2468
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-9a4"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/ajax.js?_=1714033503535
199.188.105.67 200 OK 1.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/ajax.js?_=1714033503535
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (4019), with no line terminators
Hash d04cafc8343ab413a18e26fc9c61f771
193569283be1bbba648c296e5f2d4247379b5e12
3e024c78803ea6f52af53b98634bb86b53f2cea39874ce8f4f699891c462da76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/ajax.js?_=1714033503535 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fb3"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/picture/gq_au.png
199.188.105.67 200 OK 3.5 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_au.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash 5110615d5bd1237d051cad7da1a1eef2
41615beb0ffd6fd09779d8f1ddbf8e0171e489ce
9384e16f9c883c4ba6c544518142fd62b191e1ce4d0efb2d3bb3f7ff847c279b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_au.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3494
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-da6"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_kr.png
199.188.105.67 200 OK 3.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_kr.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash c643b5fc75bfe5d025dc3584c0b45f05
51b5bbb2a53302919b9d77e1f5597cd792edfc09
8857b35c90f4ec49aaaeb317d254701f1ad85eb2ac941f87954ebba56ac83648
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_kr.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3873
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f21"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_jp.png
199.188.105.67 200 OK 3.9 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_jp.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash e11084f4dd40e7544905be40551cace7
7df2c0a8a6e17a5cbbb5ed8e79d9934bd2c70ec4
18a945af76fd632d957a45355f54b7d77d62920f0d95aaadbcff6d79b95674f6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_jp.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3873
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-f21"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_in.png
199.188.105.67 200 OK 1.7 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_in.png
IP 199.188.105.67:80
File type PNG image data, 59 x 39, 8-bit/color RGBA, non-interlaced
Hash 34cf4205fafc04747a730b61d2980fb4
61c01c55e78e59d021e80587f7c8be8c3d35ebe8
d3a559b29aff0bf7ab75d19effd953b3e519a643561e4c07876469fba6f5444d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_in.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 1657
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-679"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_gb.png
199.188.105.67 200 OK 3.0 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_gb.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit colormap, non-interlaced
Hash 644a2de38f636ed0d19ca8addfa98810
42f29639aadad7f54d4ee14f50578b1bc897bf4a
eb2093db41b5ac758b99d9ca15c0eded1bdc8b28c6fb4b067960a69af4f399fa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_gb.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 3022
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-bce"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/picture/gq_ca.png
199.188.105.67 200 OK 2.2 kB URL GET HTTP/1.1 dozf.top/temp/31/static/picture/gq_ca.png
IP 199.188.105.67:80
File type PNG image data, 60 x 39, 8-bit/color RGBA, non-interlaced
Hash 1c13537b3a84ca3c6bb3ed952c60a8c2
8747b734bb13b1c28fe3b98ad1cdf8cc17ecf85f
11cc324c51eba011e76ae3e082a194218840a06d6d2694ef6342b75f08d932ae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/picture/gq_ca.png HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: image/png
Content-Length: 2150
Last-Modified: Fri, 21 Apr 2023 02:37:10 GMT
Connection: keep-alive
ETag: "6441f6d6-866"
Expires: Sat, 25 May 2024 08:25:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dozf.top/temp/31/static/js/usermodel.js?_=1714033503536
199.188.105.67 200 OK 805 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/usermodel.js?_=1714033503536
IP 199.188.105.67:80
File type ASCII text, with very long lines (4066), with no line terminators
Hash e07256d9dfe02f5f71f307f869946d44
d1094da81cb43190cf4deb3e25a9e432e8e2d8e6
74e3c1d7c615a40573ef112bc464b56cebadc414366636a16665d48f04fc6ceb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/usermodel.js?_=1714033503536 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-fe2"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/temp/31/static/js/userctrl.js?_=1714033503537
199.188.105.67 200 OK 3.6 kB URL GET HTTP/1.1 dozf.top/temp/31/static/js/userctrl.js?_=1714033503537
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (13374), with no line terminators
Hash a5fe360266f38d844473e183b6bd8204
ff4963bd6d9339d07af26208cd0ca8374585b49d
9286cb1a8f3ad0b3e89696e8fa74d85631d1ec225a861b33201449cc37098218
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/userctrl.js?_=1714033503537 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6441f6e0-343e"
Expires: Thu, 25 Apr 2024 20:25:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
dozf.top/proxy/platform/platform/nowDate
199.188.105.67 404 Not Found 146 B URL GET HTTP/1.1 dozf.top/proxy/platform/platform/nowDate
IP 199.188.105.67:80
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /proxy/platform/platform/nowDate HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Apr 2024 08:25:10 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
dozf.top/temp/31/static/js/baiduhm.js?_=1714033503538
199.188.105.67 200 OK 869 B URL GET HTTP/1.1 dozf.top/temp/31/static/js/baiduhm.js?_=1714033503538
IP 199.188.105.67:80
File type JavaScript source, ASCII text, with very long lines (869), with no line terminators
Hash 30705f79b7809d97add13fd76e538417
0082d9dc5f6e1f226d784ad6f5a190a6974407ca
f071e270ea57b80b083422d76c428f8127241213cbcad78f4b8501d217569fe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /temp/31/static/js/baiduhm.js?_=1714033503538 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:10 GMT
Content-Type: application/javascript
Content-Length: 869
Last-Modified: Fri, 21 Apr 2023 02:37:20 GMT
Connection: keep-alive
ETag: "6441f6e0-365"
Expires: Thu, 25 Apr 2024 20:25:10 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
dozf.top/tongji.js?Yzbpq&_=1714033503539
199.188.105.67 200 OK 424 B URL GET HTTP/1.1 dozf.top/tongji.js?Yzbpq&_=1714033503539
IP 199.188.105.67:80
File type HTML document, ASCII text, with very long lines (554)
Hash 2670717a4f5405f69e14291c7c42264e
257ccf0465b11ede72971fb2e04eaa0cd7e69d3e
90ad5b193f0d1cefd3b99b9214f14ff03e946ce43471459272c9e40275f9ec64
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tongji.js?Yzbpq&_=1714033503539 HTTP/1.1
Host: dozf.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Cookie: __vtins__3HspYA63vt2vJcJX=%7B%22sid%22%3A%20%229a923e34-eb59-5654-87df-e621393c14bc%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2032%2C%20%22dr%22%3A%2032%2C%20%22expires%22%3A%201714035304716%2C%20%22ct%22%3A%201714033504716%7D; __51uvsct__3HspYA63vt2vJcJX=1; __51vcke__3HspYA63vt2vJcJX=aebaf90a-a212-5695-aa5f-3e4bb5729507; __51vuft__3HspYA63vt2vJcJX=1714033504689; __vtins__3Hx53J9JLyK5xYX2=%7B%22sid%22%3A%20%22f1a4e61e-cef7-5667-a322-6dc876900c71%22%2C%20%22vd%22%3A%202%2C%20%22stt%22%3A%2031%2C%20%22dr%22%3A%2031%2C%20%22expires%22%3A%201714035304732%2C%20%22ct%22%3A%201714033504732%7D; __51uvsct__3Hx53J9JLyK5xYX2=1; __51vcke__3Hx53J9JLyK5xYX2=10298cef-3e9e-5744-ac9f-42ab9df9f2be; __51vuft__3Hx53J9JLyK5xYX2=1714033504705
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 08:25:10 GMT
Content-Type: application/javascript
Last-Modified: Sun, 31 Mar 2024 12:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6609549b-455"
Expires: Thu, 25 Apr 2024 20:25:10 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache4.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710944
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9817140335105388523e
sdk.51.la/js-sdk-pro.min.js
47.246.44.240 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.240:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Wed, 17 Apr 2024 02:56:06 GMT
x-oss-request-id: 661F3A46A554993430118686
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1713322566
Via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache3.se2[0,0]
Vary: Accept-Encoding
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 710944
X-Cache: HIT TCP_MEM_HIT dirn:10:322730086
X-Swift-SaveTime: Wed, 17 Apr 2024 02:56:06 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9717140335105391422e
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 244
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=0f9110dfbff1cbf6b3b12292bb242455eb6924fad175fc509979ea9bd7e626a4; Path=/; HttpOnly
acw_tc=ac11000117140335107091251e68ca18ac37ff9d23c6c9d72b8049ad0c293e;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 244
Origin: http://dozf.top
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 25 Apr 2024 08:25:10 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=22f442c266f247f0f5b1e0f41877dc8a7053a2dd2c6dd06b39053890f0d015de; Path=/; HttpOnly
acw_tc=ac11000117140335107191967e3aeac08c5dacbed83b28ea0a9a2422f7ae79;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://dozf.top
Access-Control-Allow-Credentials: true
accwww4.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72401631&guest_id=11990358334009&status=0&guest_name=&guest_ip=91.90.42.154&guest_ip_info=&area=%E6%8C%AA%E5%A8%81%2D&from_page=&talk_page=http%3A%2F%2Fdozf.top%2F&kf_time=1714033505&bto_id6d=-99&time=1714033510561&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=firefox&os=linux&is_revisit=0&page_title=
61.130.25.224 200 OK 20 B URL GET HTTP/1.1 accwww4.53kf.com/sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72401631&guest_id=11990358334009&status=0&guest_name=&guest_ip=91.90.42.154&guest_ip_info=&area=%E6%8C%AA%E5%A8%81%2D&from_page=&talk_page=http%3A%2F%2Fdozf.top%2F&kf_time=1714033505&bto_id6d=-99&time=1714033510561&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=firefox&os=linux&is_revisit=0&page_title=
IP 61.130.25.224:80
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
File type ASCII text, with no line terminators
Hash 872994930e3a7ae30adb199f515ffdff
6d8ed0c5a077c66e1407b22341ad72f5309c616c
70c7cda673633bdfe6dc8c288d7bfa3152b2bb05b030bd2d13661b5ab8dedd15
GET /sendacc.jsp?cmd=ACC&did=0&sid=12&company_id=72401631&guest_id=11990358334009&status=0&guest_name=&guest_ip=91.90.42.154&guest_ip_info=&area=%E6%8C%AA%E5%A8%81%2D&from_page=&talk_page=http%3A%2F%2Fdozf.top%2F&kf_time=1714033505&bto_id6d=-99&time=1714033510561&ucust_id=&style=1&is_mobile=n&visitor_type=new&is_uv=1&browser=firefox&os=linux&is_revisit=0&page_title= HTTP/1.1
Host: accwww4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: text/html;Charset=utf-8
content-length: 20
access-control-allow-origin: *
set-cookie: SESSION_COOKIE=accwww4_1; path=/
cache-control: private
www4.53kf.com/custom/72401631/assign_worker_72401631_1.js?v=1638762373
61.130.25.224 200 OK 201 B URL GET HTTP/1.1 www4.53kf.com/custom/72401631/assign_worker_72401631_1.js?v=1638762373
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
Hash 53ec7611eacdbf52507bdc127d90bee2
75bdb316df1806518304f40d3aa21aad61817e40
629cd7b3ef7fa86f8dc346ab9cf04e49dd913a0f0c3ab41216f7149348cd87f1
GET /custom/72401631/assign_worker_72401631_1.js?v=1638762373 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: application/x-javascript
content-length: 201
last-modified: Tue, 21 Nov 2023 11:04:19 GMT
etag: "655c8eb3-c9"
expires: Sun, 28 Apr 2024 08:25:11 GMT
accept-ranges: bytes
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/custom/72401631/mobile_chat_72401631_1.js?v=1623393037
61.130.25.224 200 OK 711 B URL GET HTTP/1.1 www4.53kf.com/custom/72401631/mobile_chat_72401631_1.js?v=1623393037
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (1616)
Hash 7b7916a0a559a9046cec2338051a74f7
f18ec29a6c032f15dd3060f0bc8d2a9396135e2d
bd531c0e2f938b06e623afd71a7851f1b3ad26e05dff9719a7f30a64deda0770
GET /custom/72401631/mobile_chat_72401631_1.js?v=1623393037 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: application/x-javascript
transfer-encoding: chunked
last-modified: Tue, 21 Nov 2023 11:04:19 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"655c8eb3-651"
expires: Sun, 28 Apr 2024 08:25:11 GMT
content-encoding: gzip
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/kf_new.php?style=1&arg=10401631&land_page=http%3A%2F%2Fdozf.top%2F&from_page=&guest_id=11990358334009&kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE%3D&api_uuid=3d60548b276201ae66ba561d49005b37&uuid_53kf=2258b910b395bf85177b8708e7427cde&ip_long=1532635802&time=1714033510563
61.130.25.224 200 OK 9.1 kB URL GET HTTP/1.1 www4.53kf.com/kf_new.php?style=1&arg=10401631&land_page=http%3A%2F%2Fdozf.top%2F&from_page=&guest_id=11990358334009&kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE%3D&api_uuid=3d60548b276201ae66ba561d49005b37&uuid_53kf=2258b910b395bf85177b8708e7427cde&ip_long=1532635802&time=1714033510563
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1331), with CRLF line terminators
Hash 39f64911a6686cdd284c2bb9f6857d7d
ca86fad6111bfa53a70f127d93847dc7806fa1b9
858dac5af6b8f0cdc9ecc5e8513df816eb4de32eea0668f90a5155f1d3d0f4c4
GET /kf_new.php?style=1&arg=10401631&land_page=http%3A%2F%2Fdozf.top%2F&from_page=&guest_id=11990358334009&kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE%3D&api_uuid=3d60548b276201ae66ba561d49005b37&uuid_53kf=2258b910b395bf85177b8708e7427cde&ip_long=1532635802&time=1714033510563 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: is_group_72401631=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.53kf.com
uuid_53kf_72401631=2258b910b395bf85177b8708e7427cde; path=/; domain=.53kf.com
091090042154=%E5%A5%A5%E6%96%AF%E9%99%86%E5%A5%A5%E6%96%AF%E9%99%86%2C%2C%E5%A5%A5%E6%96%AF%E9%99%86%2C%E6%AC%A7%E6%B4%B2; expires=Fri, 26-Apr-2024 08:25:11 GMT; Max-Age=86400; path=/
SESSION_COOKIE=www4_1; path=/
content-encoding: gzip
cache-control: private
www4.53kf.com/js/default/mobile_invite_default.js?v=2017080212
61.130.25.224 200 OK 603 B URL GET HTTP/1.1 www4.53kf.com/js/default/mobile_invite_default.js?v=2017080212
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (1674), with CRLF line terminators
Hash 8d9334baf74586365e6c788a723a9553
2497845d249b788fc5ef63977bf617f202b82ec8
0b4e99e542026b10fe009c2d52cf1737a30f0847571381026a75585141abfc35
GET /js/default/mobile_invite_default.js?v=2017080212 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: application/x-javascript
transfer-encoding: chunked
last-modified: Wed, 02 Aug 2017 01:47:40 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"59812f3c-68c"
expires: Sun, 28 Apr 2024 08:25:11 GMT
content-encoding: gzip
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/js/default/mobile_icon_default.js?v=2017080212
61.130.25.224 200 OK 540 B URL GET HTTP/1.1 www4.53kf.com/js/default/mobile_icon_default.js?v=2017080212
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1696), with no line terminators
Hash f749af834034b81f5121c0e20f8da9b3
022822a05d793a40560f1b8326953aeaf06793ce
605c32c89fe33ca7ff1492b1cefd1d57864a805550c8d80b3cc8a2e45db366c8
GET /js/default/mobile_icon_default.js?v=2017080212 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: application/x-javascript
transfer-encoding: chunked
last-modified: Wed, 02 Aug 2017 02:28:34 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"598138d2-6a8"
expires: Sun, 28 Apr 2024 08:25:11 GMT
content-encoding: gzip
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/kf_ivt_new.php?kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE=&arg=10401631&style=1&isonline=0&kfonline=0&lang=zh-cn&resize=yes&charset=GBK&kflist=off&kf=18218540623@53kf.com&zdkf_type=1&lnk_overflow=0&callback_id6ds=&guest_id=11990358334009&referer=http%3A%2F%2Fdozf.top%2F&keyword=&tpl_name=crystal_blue&tpl_width=800&tpl_height=600&uid=3d60548b276201ae66ba561d49005b37&is_group=&0.9202752893631181&talktitle=&uuid_53kf=2258b910b395bf85177b8708e7427cde&u_cust_id=&u_cust_name=&u_custom_info=
61.130.25.224 200 OK 17 kB URL GET HTTP/1.1 www4.53kf.com/kf_ivt_new.php?kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE=&arg=10401631&style=1&isonline=0&kfonline=0&lang=zh-cn&resize=yes&charset=GBK&kflist=off&kf=18218540623@53kf.com&zdkf_type=1&lnk_overflow=0&callback_id6ds=&guest_id=11990358334009&referer=http%3A%2F%2Fdozf.top%2F&keyword=&tpl_name=crystal_blue&tpl_width=800&tpl_height=600&uid=3d60548b276201ae66ba561d49005b37&is_group=&0.9202752893631181&talktitle=&uuid_53kf=2258b910b395bf85177b8708e7427cde&u_cust_id=&u_cust_name=&u_custom_info=
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (1404), with CRLF line terminators
Hash 94a33f5158b70cbb0ab87a525f2431cd
69bff7f64351194e8d2d9b63d42f2a73ad1f6107
ebaad193199126bb2b58391ab3a5de5233b064a15db985757685c054861960d7
GET /kf_ivt_new.php?kf_sign=DAzMzMTcxNUwNTExOTkwMzU4MzM0MDA5NzI0MDE2MzE=&arg=10401631&style=1&isonline=0&kfonline=0&lang=zh-cn&resize=yes&charset=GBK&kflist=off&kf=18218540623@53kf.com&zdkf_type=1&lnk_overflow=0&callback_id6ds=&guest_id=11990358334009&referer=http%3A%2F%2Fdozf.top%2F&keyword=&tpl_name=crystal_blue&tpl_width=800&tpl_height=600&uid=3d60548b276201ae66ba561d49005b37&is_group=&0.9202752893631181&talktitle=&uuid_53kf=2258b910b395bf85177b8708e7427cde&u_cust_id=&u_cust_name=&u_custom_info= HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:11 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie: uuid_53kf_72401631=2258b910b395bf85177b8708e7427cde; path=/; domain=.53kf.com
091090042154=%E5%A5%A5%E6%96%AF%E9%99%86%E5%A5%A5%E6%96%AF%E9%99%86%2C; expires=Fri, 26-Apr-2024 08:25:11 GMT; Max-Age=86400; path=/
SESSION_COOKIE=www4_1; path=/
content-encoding: gzip
cache-control: private
www4.53kf.com/style/setting/ver07/img/style_mobile_invite/close_2x.png
61.130.25.224 200 OK 358 B URL GET HTTP/1.1 www4.53kf.com/style/setting/ver07/img/style_mobile_invite/close_2x.png
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash 25fa0a444195ebe14e08986ec33270bd
03ad0191cc7ffeaec8bc0d39b0332383ea9655ef
aa580004a470b49d999abea6c1e076a9bdb816ad6567699199965c5b1c0fe0a0
GET /style/setting/ver07/img/style_mobile_invite/close_2x.png HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:12 GMT
content-type: image/png
content-length: 358
last-modified: Tue, 03 Jul 2018 01:58:36 GMT
etag: "5b3ad84c-166"
expires: Sun, 28 Apr 2024 08:25:12 GMT
accept-ranges: bytes
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/img/upload/10401631/mobile/temp/mobile_53kf_1623393356.jpg
61.130.25.224 200 OK 17 kB URL GET HTTP/1.1 www4.53kf.com/img/upload/10401631/mobile/temp/mobile_53kf_1623393356.jpg
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2021:06:11 14:35:40], baseline, precision 8, 100x100, components 3
Hash a183cbefd84bde32167fcd84a3abb7d6
1d47717ed74413fd2ffbca3410a896dfb2b38064
d4cfa7d78e476e267ad2d10c4c3376c000142b0ea4bedbdca37d701e3d57b2d1
GET /img/upload/10401631/mobile/temp/mobile_53kf_1623393356.jpg HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:12 GMT
content-type: image/jpeg
content-length: 17176
last-modified: Tue, 21 Nov 2023 11:04:19 GMT
etag: "655c8eb3-4318"
expires: Sun, 28 Apr 2024 08:25:12 GMT
accept-ranges: bytes
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
www4.53kf.com/minkh/js/jquery-1.4.2.flp.js?20121127002
61.130.25.224 200 OK 24 kB URL GET HTTP/1.1 www4.53kf.com/minkh/js/jquery-1.4.2.flp.js?20121127002
IP 61.130.25.224:443
ASN #136190 JINHUA, ZHEJIANG Province, P.R.China.
Certificate Issuer DigiCert, Inc.
Subject *.53kf.com
Fingerprint 3D:FD:F1:15:C2:A7:12:B4:C1:B2:F2:CB:B2:75:5F:F0:F9:4D:4C:49
Validity Tue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 870483a4bf0d73648eea7aaad1469fcc
7ec6fd7c93f8ec44e4e4c614c4143c047c36fbd1
ab7c6819c298fb73eb4c97eb4febccb234faaf83494280d64db41d9dfcdd9778
GET /minkh/js/jquery-1.4.2.flp.js?20121127002 HTTP/1.1
Host: www4.53kf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty
date: Thu, 25 Apr 2024 08:25:12 GMT
content-type: application/x-javascript
transfer-encoding: chunked
last-modified: Fri, 22 Feb 2013 09:00:17 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"512733a1-11875"
expires: Sun, 28 Apr 2024 08:25:12 GMT
content-encoding: gzip
set-cookie: SESSION_COOKIE=www4_1; path=/
cache-control: max-age=259200, private
drgvb59.cgdl999.vip/
0.0.0.0 0 B IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: drgvb59.cgdl999.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
www.saibeiip.com/images/favicon.ico?v=202304130000
0.0.0.0 0 B URL GET www.saibeiip.com/images/favicon.ico?v=202304130000
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/favicon.ico?v=202304130000 HTTP/1.1
Host: www.saibeiip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://dozf.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache