| status.thawte.com/ | 192.229.221.95 | | 471 B |
IP: 192.229.221.95:0
Hash: 15b750b90b92476a1c72810d810c2c0d 4435569987b65827d826236c2bd24fdd2a12c9a0 703ba7bc4403a18aeb3a3019ac53e0cff3f55af66d8ef1e11288cad26e596766
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2414
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Sat, 04 May 2024 04:08:10 GMT
Last-Modified: Sat, 04 May 2024 03:27:56 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
| | 99.83.161.79 | 200 OK | 30 kB |
URL: User Request GET HTTP/2
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (468)
Hash: ca95d7cf6e36cf78477b0772242b259b 19fd70044cf8ba578289339a0d59c9a405a16975 e556052da2631766fb0fbb374c5befbae8b8fd26188857bfc2bfc89b5bff6c12
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Sat, 04 May 2024 04:08:10 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: AWSALB=mNs0nzhQ96Um8lWSbe6QHHMPezK+gHoJv+F3wq8tCmFdetINhHsk31TPHEhBSQoLolgGAuzLbucCWhIiiAwxsosq1w9DyefhD6NTUDsnunRqOzPwSIF67lC/Zedb; Expires=Sat, 11 May 2024 04:08:10 GMT; Path=/
AWSALBCORS=mNs0nzhQ96Um8lWSbe6QHHMPezK+gHoJv+F3wq8tCmFdetINhHsk31TPHEhBSQoLolgGAuzLbucCWhIiiAwxsosq1w9DyefhD6NTUDsnunRqOzPwSIF67lC/Zedb; Expires=Sat, 11 May 2024 04:08:10 GMT; Path=/; SameSite=None
JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; Path=/; HttpOnly
CLCUSTOMERSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; Domain=.cyberlink.com; Expires=Mon, 04-May-2026 04:08:10 GMT; Path=/; Secure
CLCUSTOMERSHORTSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; Domain=.cyberlink.com; Expires=Sat, 04-May-2024 04:38:10 GMT; Path=/; Secure
CLCUSTOMERAGENT=4D6F7A696C6C612F352E3020285831313B204C696E7578207838365F36343B2072763A39362E3029204765636B6F2F32303130303130312046697265666F782F39362E30; Domain=.cyberlink.com; Expires=Mon, 04-May-2026 04:08:10 GMT; Path=/; Secure
CLCOUNTRYCODE=NO; Domain=.cyberlink.com; Expires=Sat, 18-May-2024 04:08:10 GMT; Path=/; Secure
lang=ENU; Domain=.cyberlink.com; Expires=Fri, 02-Aug-2024 04:08:10 GMT; Path=/; Secure
CLCUSTOMERLANG=ENU; Domain=.cyberlink.com; Expires=Fri, 02-Aug-2024 04:08:10 GMT; Path=/; Secure
B-locale=en_US; Domain=.cyberlink.com; Expires=Fri, 02-Aug-2024 04:08:10 GMT; Path=/; Secure
country_lang=en_US; Domain=.cyberlink.com; Expires=Fri, 02-Aug-2024 04:08:10 GMT; Path=/; Secure
ENU_nLangIdAndLocale="1,en_US"; Version=1; Domain=.cyberlink.com; Max-Age=7776000; Expires=Fri, 02-Aug-2024 04:08:10 GMT; Path=/; Secure
CLCCE=YES; Domain=.cyberlink.com; Expires=Sat, 18-May-2024 04:08:10 GMT; Path=/; Secure
CLCCEF=YES; Domain=.cyberlink.com; Expires=Sat, 18-May-2024 04:08:10 GMT; Path=/; Secure
CLCCEDM=YES; Domain=.cyberlink.com; Expires=Sat, 18-May-2024 04:08:10 GMT; Path=/; Secure
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type
Content-Encoding: gzip
| 99.83.161.79/apple-touch-icon.png | 99.83.161.79 | 200 OK | 615 B |
URL: GET HTTP/2 99.83.161.79/apple-touch-icon.png
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: PNG image data, 75 x 75, 8-bit colormap, non-interlaced
Hash: a2f5ecfa81010b2569a1b04145ebe053 acf11ddd74ec958fe19c66bf83c20f1f3fcffb22 916d7769cedfb76bd2cdf423c88969803d537ce219fa4173f9cc7b0189f2d4bb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /apple-touch-icon.png HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://99.83.161.79/
Cookie: AWSALB=mNs0nzhQ96Um8lWSbe6QHHMPezK+gHoJv+F3wq8tCmFdetINhHsk31TPHEhBSQoLolgGAuzLbucCWhIiiAwxsosq1w9DyefhD6NTUDsnunRqOzPwSIF67lC/Zedb; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 04:08:11 GMT
Content-Type: image/png
Content-Length: 615
Connection: keep-alive
Set-Cookie: AWSALB=jYPu4UlSohtKrh30kzTV8Bzf/jIqAN1FG3xFUKZ622IPn6ZFgfecdHYt0NcWQAoyOu777uZp2GAwG6F4RmS/ROjv4XVzi7bnjWpgD9S8kbcKxy+OzAxQCxIaDlUO; Expires=Sat, 11 May 2024 04:08:11 GMT; Path=/
AWSALBCORS=jYPu4UlSohtKrh30kzTV8Bzf/jIqAN1FG3xFUKZ622IPn6ZFgfecdHYt0NcWQAoyOu777uZp2GAwG6F4RmS/ROjv4XVzi7bnjWpgD9S8kbcKxy+OzAxQCxIaDlUO; Expires=Sat, 11 May 2024 04:08:11 GMT; Path=/; SameSite=None
Server: nginx
Last-Modified: Wed, 17 Jan 2024 19:16:44 GMT
ETag: "65a8279c-267"
Expires: Sun, 04 May 2025 04:08:11 GMT
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
| dl-file.cyberlink.com/web/prog/bar/img/icon_2.png | 23.36.76.170 | 200 OK | 330 B |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/icon_2.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 28 x 28, 8-bit colormap, non-interlaced
Hash: ca2bc6fedbecc04c296f5e3c3df7fd5b c1067643dfecc89c12ec169d3bbf2e795ac6b843 ff243f6fdf8211281303c2be71b69b622839d1401081d05d0d1915f0f5b3ddc1
GET /web/prog/bar/img/icon_2.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 330
Last-Modified: Tue, 19 Jan 2021 07:31:32 GMT
ETag: "ca2bc6fedbecc04c296f5e3c3df7fd5b"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: t-BIL1EAWWEkGA10XCvM34-gZKlp3Fv2mfngcm_wiq3wNNzyKpY4_A==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=405224
Expires: Wed, 08 May 2024 20:41:57 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-file.cyberlink.com/web/prog/bar/img/icon_4.png | 23.36.76.170 | 200 OK | 301 B |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/icon_4.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 28 x 28, 8-bit colormap, non-interlaced
Hash: 0178e9984763560ccefc7046efa7f81a 7ccc0449f59119ea3a3f2580c281b32cf73a7395 c594c7b05c3ae667b1090830a538d671b65b98eb05efbb4cfc2fae411b7a132a
GET /web/prog/bar/img/icon_4.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 301
Last-Modified: Tue, 19 Jan 2021 07:31:34 GMT
ETag: "0178e9984763560ccefc7046efa7f81a"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: kz8irWkXw22zODabnGDodCJ2-Vz4UUkrdn0W8L0boHG-8RM6ut88-A==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=278491
Expires: Tue, 07 May 2024 09:29:44 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-file.cyberlink.com/web/include/img/1x1.png | 23.36.76.170 | 200 OK | 70 B |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/include/img/1x1.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
Hash: 2fd5d216fe5872a1ce1904e1f779b502 2096757a305e6718d0997c2c3481a04c1d0f330f 3ca8e619683d269e553f2aa531362a4136c4d9ae7bde328f833e9cd3e87c2997
GET /web/include/img/1x1.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 70
Last-Modified: Tue, 19 Jan 2021 06:50:50 GMT
ETag: "2fd5d216fe5872a1ce1904e1f779b502"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: iscJRv27FZ0Kz--tb2cgjbjvjHcs0U3Y2BaqEZuFHIsKF8jzpBv9MQ==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=228036
Expires: Mon, 06 May 2024 19:28:49 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| www.googletagmanager.com/gtag/js?id=G-WH4VL6RT9T | 142.250.74.168 | 200 OK | 106 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-WH4VL6RT9T
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (15250)
Size: 106 kB (106323 bytes)
Hash: 2bff213f39241f4d396c71919582fa72 70786088b5d2cf6f9faf1a664c9462ffc9a909b7 4d817e4ec236bf5537607fba4d1b5a0c6b165bc0257244f2001f0db1b74d7eb5
GET /gtag/js?id=G-WH4VL6RT9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 04:08:13 GMT
expires: Sat, 04 May 2024 04:08:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtm.js?id=GTM-KPMKBJ3 | 142.250.74.168 | 200 OK | 104 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KPMKBJ3
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (42578)
Size: 104 kB (104041 bytes)
Hash: d32708123baa21a040626a126052954d 541ebc9310548e3dd136c3da88aa4f7b0f0beb3e 5c4f352a7397f496ba53a0ff32de13cde8eb466c3f4b472336d06e9d41670dce
GET /gtm.js?id=GTM-KPMKBJ3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 04:08:13 GMT
expires: Sat, 04 May 2024 04:08:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/prog/util/web-notification/css/webpush.css | 23.36.76.136 | 200 OK | 419 B |
URL: GET HTTP/1.1 dl-asset.cyberlink.com/web/prog/util/web-notification/css/webpush.css
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: ASCII text, with very long lines (1027), with no line terminators
Hash: 43557c9e48ad725ed0b82bd8eaccec8f 04bb4f67d98997ec73044ff63c60ef8eff897fa5 f234a4278135f557e9d1e4a78b1f828841860988bcc6f59a00c3f1fcb2ce93f6
GET /web/prog/util/web-notification/css/webpush.css HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Wed, 22 Feb 2023 10:05:24 GMT
ETag: W/"43557c9e48ad725ed0b82bd8eaccec8f"
X-Amz-Storage-Class: INTELLIGENT_TIERING
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: JCNQhV6c1JjoH1mNg2o8l5TETqtdbK2zlMU4gLgp00Cxm7nYJBMQew==
Cache: HIT
Content-Encoding: gzip
Content-Length: 419
Cache-Control: max-age=916065
Expires: Tue, 14 May 2024 18:35:58 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
Vary: Accept-Encoding
| dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_fb.png | 23.36.76.136 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_fb.png
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash: 88f134857bc378fce6e519da10134944 14b7c542a65b417863ad0b997ef6b232a7b5297f 2ffbc5cbf2d3de3f5241af63fb1facdb784a307206909cfd8a1f5f4d3bb5bf74
GET /web/prog/member/images/logo_socialmedia_fb.png HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 1153
Last-Modified: Thu, 19 Oct 2023 05:24:07 GMT
ETag: "88f134857bc378fce6e519da10134944"
X-Amz-Storage-Class: INTELLIGENT_TIERING
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: 4gcXiPwQqeGIr7H8ciiosr3rWB91oo99qefQwrk4xQgOweHDT47LQg==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=219871
Expires: Mon, 06 May 2024 17:12:44 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-file.cyberlink.com/web/prog/bar/img/icon_3.png | 23.36.76.170 | 200 OK | 400 B |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/icon_3.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced
Hash: bb229781d1fad734028954eb9498039c 50ab51431f4f56f272981e2d1ccd1391aa699935 b75a638d76a81f03b7cc4f64907c997098bf0d148857b3224d7e993361ee63db
GET /web/prog/bar/img/icon_3.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 400
Last-Modified: Tue, 19 Jan 2021 07:31:33 GMT
ETag: "bb229781d1fad734028954eb9498039c"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: rQYHAZdBIZbrn3pWLVQAqWz5knAG1F9mtQJqyvj-MymtEq16jB270Q==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=484728
Expires: Thu, 09 May 2024 18:47:01 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Connection: keep-alive
| dl-file.cyberlink.com/web/prog/bar/img/mobile_menu.png | 23.36.76.170 | 200 OK | 264 B |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/mobile_menu.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 30 x 20, 8-bit colormap, non-interlaced
Hash: fc98b70fe7fe4529d3c8fbc430da4f1b 3d06df2db000206add600c100e8b8e7ee1ab9e45 c2ed366076225165f964ac7679089425b57634edff5df6bb82ba0c8e65faa789
GET /web/prog/bar/img/mobile_menu.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 264
Last-Modified: Tue, 19 Jan 2021 07:31:56 GMT
ETag: "fc98b70fe7fe4529d3c8fbc430da4f1b"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: ePZAIUEzChJ-j7I3rc_R7zrsaIjKCs0x1PLwO4qFcGW9I4GYttlmGA==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=713823
Expires: Sun, 12 May 2024 10:25:16 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Connection: keep-alive
| dl-file.cyberlink.com/web/prog/bar/img/icon_faceme.png?v=2 | 23.36.76.170 | 200 OK | 4.5 kB |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/icon_faceme.png?v=2
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash: 3c29203ee5fef6ebc278654d711ea7b1 780a528a30e480d53f2da7702b55f51f2330bb90 75cbd465863e68f477e4b8cb6937fb05ba0ac1cb3e8e0496c39e6c4374fec55b
GET /web/prog/bar/img/icon_faceme.png?v=2 HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 4534
Last-Modified: Tue, 19 Jan 2021 07:31:37 GMT
ETag: "3c29203ee5fef6ebc278654d711ea7b1"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: nZln4lBivmGnkX9pNY926HswEkSYrx44-wNPFzmdnVaOFa3uBvGG1g==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=717856
Expires: Sun, 12 May 2024 11:32:29 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Connection: keep-alive
| dl-file.cyberlink.com/web/upload-file/product/enu/2023/10/productIcon_PowerDVD_22.0_20231017203536549.png | 23.36.76.170 | 200 OK | 2.3 kB |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/upload-file/product/enu/2023/10/productIcon_PowerDVD_22.0_20231017203536549.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash: 82900cede72633a9dc969ffb5d8fee12 42159ed241bbb281e406bb542d3d8378cd2e4280 07c80f7863a451f78b8ca5ef8cafbca4b0b79ebd4e6e0d69832e0be4c539ac13
GET /web/upload-file/product/enu/2023/10/productIcon_PowerDVD_22.0_20231017203536549.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 2298
Last-Modified: Wed, 18 Oct 2023 03:35:38 GMT
ETag: "82900cede72633a9dc969ffb5d8fee12"
X-Amz-Storage-Class: INTELLIGENT_TIERING
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: vHyLPU4sCSqohmfOr5S3_PVse5f9veIsz0VhVYsHguxEaA8XRSITOQ==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=129873
Expires: Sun, 05 May 2024 16:12:46 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-file.cyberlink.com/web/prog/bar/img/logo.png | 23.36.76.170 | 200 OK | 2.4 kB |
URL: GET HTTP/1.1 dl-file.cyberlink.com/web/prog/bar/img/logo.png
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 130 x 35, 8-bit/color RGBA, non-interlaced
Hash: 738f4078d8c946230a6fa64b9e445f70 e0f23dcb239ac53208dbf41d2a5432b0bcdc7494 39edc7ff91720205dba99d934b3fa71ced03f56a2885bc4c1346b75b323fda03
GET /web/prog/bar/img/logo.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 2370
Last-Modified: Tue, 19 Jan 2021 07:31:54 GMT
ETag: "738f4078d8c946230a6fa64b9e445f70"
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: TMGHjki9y23wzQagvqlbwQ2aP79MXTzmWSeqmqvFz9na896OV_E_LA==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=699531
Expires: Sun, 12 May 2024 06:27:04 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_apple.png | 23.36.76.136 | 200 OK | 944 B |
URL: GET HTTP/1.1 dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_apple.png
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Hash: 0f6849d5319ccb3954f3a7fe0b71b1f7 9d184f400c52661c10953280ee3e62cf85cf5620 cb5d24928ea64bb033d7b3ec9b346003db1d485f3fe14eab8fc7ac0bd8bfcce4
GET /web/prog/member/images/logo_socialmedia_apple.png HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 944
Last-Modified: Thu, 19 Oct 2023 05:24:16 GMT
ETag: "0f6849d5319ccb3954f3a7fe0b71b1f7"
X-Amz-Storage-Class: INTELLIGENT_TIERING
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: Xr8Nb879usjbjb1jYR2LDt2Agt6a_xHZM0AOX63RhboHTVh2rwxbBg==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=202783
Expires: Mon, 06 May 2024 12:27:56 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_google_w.png | 23.36.76.136 | 200 OK | 4.5 kB |
URL: GET HTTP/1.1 dl-asset.cyberlink.com/web/prog/member/images/logo_socialmedia_google_w.png
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 140 x 50, 8-bit/color RGBA, non-interlaced
Hash: 86d8f386839a96f8dfe3e535d090b5e6 bc563ec69e3c2b3fe9d976b788471dc29824aea4 75fe1042cb821692648a22367cdd83b7031aea842991dfad21ed5d720cd166ce
GET /web/prog/member/images/logo_socialmedia_google_w.png HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 4483
Last-Modified: Thu, 19 Oct 2023 05:20:54 GMT
ETag: "86d8f386839a96f8dfe3e535d090b5e6"
X-Amz-Storage-Class: INTELLIGENT_TIERING
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: SFO5-P1
X-Amz-Cf-Id: s_SqbxwNab_HUYDQDRHTNHxIJ4asLydpeuhcdCgzglPQhr6JL3f6zw==
Cache: HIT
Accept-Ranges: bytes
Cache-Control: max-age=230173
Expires: Mon, 06 May 2024 20:04:26 GMT
Date: Sat, 04 May 2024 04:08:13 GMT
Alt-Svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Connection: keep-alive
| 99.83.161.79/prog/bar/css/header_enu.css?v=1714744800686 | 99.83.161.79 | 200 OK | 28 kB |
URL: GET HTTP/2 99.83.161.79/prog/bar/css/header_enu.css?v=1714744800686
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 9fc885ce4fb97da5655b8a4dfeedd00e ad5d3059fc53b1a1426cf900dd08aace1b913cd3 680cc3969e628c8463c44b60e74fe3ad0cd9d27738b5530080b06fa801b21c70
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/css/header_enu.css?v=1714744800686 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=A+ubKzBphvtccJQ7b3KZO1Iz6eQroVLE7ITDv6PCWX4cD+EjlcUfZyWR9mmSpzkccCLN1/kilvfEn+2qZ3sXJ5BLru8KZ5VECQ2cGT20gK84YPLx8NmPcxOvVnAs; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=A+ubKzBphvtccJQ7b3KZO1Iz6eQroVLE7ITDv6PCWX4cD+EjlcUfZyWR9mmSpzkccCLN1/kilvfEn+2qZ3sXJ5BLru8KZ5VECQ2cGT20gK84YPLx8NmPcxOvVnAs; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:08 GMT
etag: W/"6634e9b0-ae6c"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/include/css/bootstrap-icons/1.4.1/fonts/bootstrap-icons.woff2?231ce25e89ab5804f9a6c427b8d325c9 | 23.36.76.136 | 200 OK | 85 kB |
URL: GET HTTP/3 dl-asset.cyberlink.com/web/include/css/bootstrap-icons/1.4.1/fonts/bootstrap-icons.woff2?231ce25e89ab5804f9a6c427b8d325c9
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 85120, version 1.0
Hash: 638b6203b5126378173b7b45137b6af7 ed167d335e2e0cb00a82f2d7367f05cb4d6557cf 83ff8bf521e8844e2ce560ff8d4e2beca0be44cb3c7a361729fa555c647cff60
GET /web/include/css/bootstrap-icons/1.4.1/fonts/bootstrap-icons.woff2?231ce25e89ab5804f9a6c427b8d325c9 HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: application/octet-stream
content-length: 85120
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 23 Nov 2022 02:30:19 GMT
etag: "638b6203b5126378173b7b45137b6af7"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: kYBf4tHKIWDKWk8kvW9vecuU8zbzh1J4OzbUUarvQRczWqzMSYgCPA==
cache: HIT
accept-ranges: bytes
cache-control: max-age=1065314
expires: Thu, 16 May 2024 12:03:27 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| 99.83.161.79/include/js/header.js?v=1714744800689 | 99.83.161.79 | 200 OK | 25 kB |
URL: GET HTTP/2 99.83.161.79/include/js/header.js?v=1714744800689
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): 36e0a1a8edcdc300e81eb3d644ac31e0 7ad7fbc34ee0655b3942332235d5499716ad6465 b69c90f66bb59f751ab13df15ecfdd9f8a14cb162562a2207047cd30692bd049
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/header.js?v=1714744800689 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=VnuErmrdJQo/is9ZCPnhbTu7uCIYTQt4J/FNoFrqonJKCOonp/jVyoI9QWi6C1PX8scSy3nrG5sTTIJ0VTLmStt/ERDQ4aXfdrLFYJdqm2mdkIC188N7drd8Usu0; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=VnuErmrdJQo/is9ZCPnhbTu7uCIYTQt4J/FNoFrqonJKCOonp/jVyoI9QWi6C1PX8scSy3nrG5sTTIJ0VTLmStt/ERDQ4aXfdrLFYJdqm2mdkIC188N7drd8Usu0; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:36 GMT
etag: W/"6634e9cc-2427"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| 99.83.161.79/include/js/jquery.responsive.bp.js | 99.83.161.79 | 200 OK | 24 kB |
URL: GET HTTP/2 99.83.161.79/include/js/jquery.responsive.bp.js
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): fe2d2d93fcb36f4581ef09c3c948c50b c02dbd4354d7c3a9307c3ee1071c23d03b5c3cf1 5b19d2939cf4e8b4f7d1e8a321cc635339d145b7a873ef28f99b6446401c9f68
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/jquery.responsive.bp.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=DLPu8U4dkyxEzWLW1sHHYhZpfyzscXf05onh54nGyFVfOXjmJO9Pk6SswUq8yRP71WygiHfoZ3mrJAHVfK8PVrp7o5JO29vfSsEiVB8PaMOS0k85QLjk010bsStF; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=DLPu8U4dkyxEzWLW1sHHYhZpfyzscXf05onh54nGyFVfOXjmJO9Pk6SswUq8yRP71WygiHfoZ3mrJAHVfK8PVrp7o5JO29vfSsEiVB8PaMOS0k85QLjk010bsStF; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:44 GMT
etag: W/"6634e9d4-1800"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| dl-asset.cyberlink.com/web/include/css/font-awesome/5.2.0/webfonts/fa-brands-400.woff2 | 23.36.76.136 | 200 OK | 64 kB |
URL: GET HTTP/3 dl-asset.cyberlink.com/web/include/css/font-awesome/5.2.0/webfonts/fa-brands-400.woff2
IP: 23.36.76.136:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64144, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 6814d0e8136d34e313623eb7129d538e d902f8db3e021155f177f698a252fb98d6e61768 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
GET /web/include/css/font-awesome/5.2.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: application/octet-stream
content-length: 64144
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 23 Nov 2022 02:51:34 GMT
etag: "6814d0e8136d34e313623eb7129d538e"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: 3b2WN72LQDz_YVbovEFS6u_ZGK35gqI1Jivk45U42QtYEfG8T-XdSg==
cache: HIT
accept-ranges: bytes
cache-control: max-age=464314
expires: Thu, 09 May 2024 13:06:47 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| 99.83.161.79/include/js/jquery-3.5.1.min.js | 99.83.161.79 | 200 OK | 98 kB |
URL: GET HTTP/2 99.83.161.79/include/js/jquery-3.5.1.min.js
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): d97a23d562a1770149dbff11e2850b90 62b3ffde82ca94a283b2d07a65d2e65728573fad 7c54fcd685b7f8e5bbee5b9da77ff0cfd5cdcb486f72d0747d7f42ea048c0611
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/jquery-3.5.1.min.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=vwzM0o+/XL2prUBz3fxHl0x07mpkO75aUfBBeh0xR7sRwArAEX9zBU3SA3C2otksY9c1Lfhnhe7huDZpn3adrIrU2l8a8HxgKtDeMKelSaBfPVRPs0WcmT9x+/0s; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=vwzM0o+/XL2prUBz3fxHl0x07mpkO75aUfBBeh0xR7sRwArAEX9zBU3SA3C2otksY9c1Lfhnhe7huDZpn3adrIrU2l8a8HxgKtDeMKelSaBfPVRPs0WcmT9x+/0s; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-15d84"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_Promeo_8.0_20240404120246170.jpg | 23.36.76.170 | 200 OK | 99 kB |
URL: GET HTTP/3 dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_Promeo_8.0_20240404120246170.jpg
IP: 23.36.76.170:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x300, components 3
Hash (MD5 / SHA-1 / SHA-256): 75d6eaf30b479200cbf660f8fe10f839 8c77663fc4e1db3c19c20339be42f60a9e062e87 5e54abd859d4d83f2fd6b88f158c171941b0fd003f9515e792c293641f5c454c
GET /web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_Promeo_8.0_20240404120246170.jpg HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: image/jpeg
content-length: 98672
last-modified: Thu, 04 Apr 2024 19:02:47 GMT
etag: "75d6eaf30b479200cbf660f8fe10f839"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: WLuYtbJi0N1qSOHHLUqsypqMdce23yUwd_gGxJhyW4aIEPRoznJeBg==
cache: HIT
accept-ranges: bytes
cache-control: max-age=607580
expires: Sat, 11 May 2024 04:54:33 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| 99.83.161.79/prog/bar/img/dropdown_bg.png | 99.83.161.79 | 200 OK | 125 B |
URL: GET HTTP/2 99.83.161.79/prog/bar/img/dropdown_bg.png
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): cfbb73ac3f411fd192475844b8e8e6db b2303d9e239b22a1594c36f0bd17aae2f457cf90 9ec2fc3302293a5c191ca0e2416697358fd45a7d70ffb28d076771f5492b288d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/img/dropdown_bg.png HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/prog/bar/css/header_enu.css?v=1714744800686
Cookie: AWSALB=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: image/png
content-length: 125
set-cookie: AWSALB=55QkTYJ/JABb7FLrNcPsTxiSDxr6OlVrqewS8ns4NB2qBViCBI0Siq8Rkv77IVPs5pCrBoZQvODUYQ9XQofSdCJxlV15hCn5wcs0ApIK+CkLkO8TXlbwNRwqAaSD; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=55QkTYJ/JABb7FLrNcPsTxiSDxr6OlVrqewS8ns4NB2qBViCBI0Siq8Rkv77IVPs5pCrBoZQvODUYQ9XQofSdCJxlV15hCn5wcs0ApIK+CkLkO8TXlbwNRwqAaSD; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: "65a8279e-7d"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

| 99.83.161.79/prog/bar/img/winos.svg | 99.83.161.79 | 200 OK | 679 B |
URL: GET HTTP/2 99.83.161.79/prog/bar/img/winos.svg
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): 781c09a37ce67d7c60da5ef3311dcb08 ccdb61f3d62963dd5f316b5163a20b9a6373220e 17ca5a7db7752d7301be051a5940911ee505c68f6e922fc94fef9f71d1a0593e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/img/winos.svg HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/prog/bar/css/header_enu.css?v=1714744800686
Cookie: AWSALB=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: image/svg+xml
content-length: 679
set-cookie: AWSALB=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: "65a8279e-2a7"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2

| dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121748702.mp4 | 23.36.76.170 | 206 Partial Content | 2.0 MB |
URL: GET HTTP/3 dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121748702.mp4
IP: 23.36.76.170:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size: 2.0 MB (1981483 bytes)
Hash (MD5 / SHA-1 / SHA-256): 4cf24e7b6e538f10a870a87a6006c63f 1d28ae1ba08d6e6569222f975648d90ba1295e14 a891bda27872e762c892a46944a9bd31bb74b078d5d33100b525a1cbac4c42b8
GET /web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121748702.mp4 HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
server: nginx
content-type: video/mp4
last-modified: Fri, 15 Mar 2024 19:17:49 GMT
etag: "4cf24e7b6e538f10a870a87a6006c63f"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: ThIxrI-mUGX9PMrjmYQumqnPFGbH3y8JvzWl3g00KSeXbeE7St4XRA==
cache: HIT
accept-ranges: bytes
content-range: bytes 0-1981482/1981483
content-length: 1981483
cache-control: max-age=684561
expires: Sun, 12 May 2024 02:17:34 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| 99.83.161.79/include/js/bootstrap.modal.3.3.min.js | 99.83.161.79 | 200 OK | 2.5 kB |
URL: GET HTTP/2 99.83.161.79/include/js/bootstrap.modal.3.3.min.js
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): c078b2ba9db0c45e46d8e1e658959b4e f46cdbeed1d3b02317a63b52eabee6e6aa10f695 a96a4297c6a209907af1d06d53095e93167bb484726d0e2c2bf5228e28438581
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/bootstrap.modal.3.3.min.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=7XXiIgaRZ4/8fzEFvHhZ2Iu8VNtWDbkf/sfJW0l/Df7kntf1kmGPPoo+v5fmM+ThvS/vAdzLBQABfls7bDo495/kpahKzJZqmTs0grnYJDII1VjEmz9JedDfJApC; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=7XXiIgaRZ4/8fzEFvHhZ2Iu8VNtWDbkf/sfJW0l/Df7kntf1kmGPPoo+v5fmM+ThvS/vAdzLBQABfls7bDo495/kpahKzJZqmTs0grnYJDII1VjEmz9JedDfJApC; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-19c9"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| 99.83.161.79/api/system/page-track | 99.83.161.79 | 403 Forbidden | 118 B |
URL: POST HTTP/2 99.83.161.79/api/system/page-track
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): bad2e8579dcdb79399aac2064216a37d 7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90 58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/system/page-track HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Content-Type: multipart/form-data; boundary=---------------------------302082834825540713413758901279
Content-Length: 514
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Cookie: AWSALB=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: awselb/2.0
date: Sat, 04 May 2024 04:08:14 GMT
content-type: text/html
content-length: 118
X-Firefox-Spdy: h2

| 99.83.161.79/prog/bar/css/footer_languageMenu.css?v=1714744800692 | 99.83.161.79 | 200 OK | 22 kB |
URL: GET HTTP/2 99.83.161.79/prog/bar/css/footer_languageMenu.css?v=1714744800692
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): 6a6162bd7fff0d9d18858998b71b6c72 737540502066b262de36b603354972f38b1dd13e 3dc5937b8870144d7480aa3c5ca7ed93f35d6b2f3e0adeb1ae95ecb4e811f59b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/css/footer_languageMenu.css?v=1714744800692 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=yVerJ5vQcTCq4palPEKWq2TZGn2NUBL+ERN6jHwhHFC5R7F/HP/5l16NFRyMzWt5yqMZzyha4edxxnbKiOmjxydAwsjM4NnYlVq5EgRIblfrSQdMF32WnQf8s7tS; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=yVerJ5vQcTCq4palPEKWq2TZGn2NUBL+ERN6jHwhHFC5R7F/HP/5l16NFRyMzWt5yqMZzyha4edxxnbKiOmjxydAwsjM4NnYlVq5EgRIblfrSQdMF32WnQf8s7tS; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:08 GMT
etag: W/"6634e9b0-e9a"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| dl-asset.cyberlink.com/web/prog/bar/css/font/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff | 23.36.76.136 | 200 OK | 21 kB |
URL: GET HTTP/3 dl-asset.cyberlink.com/web/prog/bar/css/font/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff
IP: 23.36.76.136:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 21272, version 1.1
Hash (MD5 / SHA-1 / SHA-256): 51e97884d76e946a3312b3c842ef0c55 f40a2d8c5e038c4dd2846c33547b41d0a195876d 7321676b42f78a15ae4f423ec222b5f8d8e433000d2ae4b97804f8e60d9d51aa
GET /web/prog/bar/css/font/k3k702ZOKiLJc3WVjuplzHhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: font/woff
content-length: 21272
last-modified: Tue, 17 Oct 2023 05:26:33 GMT
etag: "51e97884d76e946a3312b3c842ef0c55"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: A9Lvh51nkFknxoAbDZtT2yd1qkxVtj5PE8XITb5Cp3ZCTJuThzESqA==
cache: HIT
accept-ranges: bytes
cache-control: max-age=346639
expires: Wed, 08 May 2024 04:25:33 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| dl-asset.cyberlink.com/web/prog/bar/css/font/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff | 23.36.76.136 | 200 OK | 22 kB |
URL: GET HTTP/3 dl-asset.cyberlink.com/web/prog/bar/css/font/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff
IP: 23.36.76.136:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 21704, version 1.1
Hash (MD5 / SHA-1 / SHA-256): a032a907b90f136788e746d0428a0359 0b4fc6d4fe1bd7e0f8f5c87dae50ad1a43351b67 2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
GET /web/prog/bar/css/font/MTP_ySUJH_bn48VBG8sNSnhCUOGz7vYGh680lGh-uXM.woff HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: font/woff
content-length: 21704
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 17 Oct 2023 05:26:18 GMT
etag: "a032a907b90f136788e746d0428a0359"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: hb-ZK1vV6LQLyHANizcHyOwXJOEkHxVuKXKb0XqrxqnRO2naiItijA==
cache: HIT
accept-ranges: bytes
cache-control: max-age=696552
expires: Sun, 12 May 2024 05:37:26 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| 99.83.161.79/include/css/jquery.responsive.bp.css | 99.83.161.79 | 200 OK | 14 kB |
URL: GET HTTP/2 99.83.161.79/include/css/jquery.responsive.bp.css
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (35568)
Hash (MD5 / SHA-1 / SHA-256): 0aa594d95b638ab1e01fa84c552796eb c5546fb144a3a35b14bfde5616482fae343b0fa6 1aa656128f8957d289c0936d9d93e0ba5beaa79c2eee11aeba2e07828da1c709
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/css/jquery.responsive.bp.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=dfjf56FtaauDh4IF+neZHbf1CtfmcEaOMSo3JO9Osr/jdT2gAk9adgwlHsIzaY+32YGFm7bMes5tA3WBgZwM8tjVMaG7v1WR1J8TLPRIp0+UwoedNKkbNyswsTPr; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=dfjf56FtaauDh4IF+neZHbf1CtfmcEaOMSo3JO9Osr/jdT2gAk9adgwlHsIzaY+32YGFm7bMes5tA3WBgZwM8tjVMaG7v1WR1J8TLPRIp0+UwoedNKkbNyswsTPr; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:10 GMT
etag: W/"6634e9b2-2b54"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2

| dl-file.cyberlink.com/web/upload-file/product/enu/2023/5/productIcon_v2_Promeo_6.0_20230529001910186.png | 23.36.76.170 | 200 OK | 8.9 kB |
URL: GET HTTP/3 dl-file.cyberlink.com/web/upload-file/product/enu/2023/5/productIcon_v2_Promeo_6.0_20230529001910186.png
IP: 23.36.76.170:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 70ebff73d10171810ac56e7df65a0669 1cd51f0b9a36d274516d6b81abcb89b6d939ed30 72d5f57528a0755e25ae152771b414b79beab0d1769f1b4b7904c58e45ab8a74
GET /web/upload-file/product/enu/2023/5/productIcon_v2_Promeo_6.0_20230529001910186.png HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 8895
last-modified: Mon, 29 May 2023 07:19:11 GMT
etag: "70ebff73d10171810ac56e7df65a0669"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: EDq44Drw6PmrZevRnrY_GdJyq3Y2zrBEni_T8YZOCxfAzvo9WBgaaw==
cache: HIT
accept-ranges: bytes
cache-control: max-age=764121
expires: Mon, 13 May 2024 00:23:35 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001

| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WH4VL6RT9T&cid=658557420.1714795694&gtm=45je4510v892615318za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=2094858373 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WH4VL6RT9T&cid=658557420.1714795694&gtm=45je4510v892615318za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=2094858373
IP: 142.250.74.163:443
Certificate: Issuer Google Trust Services LLC; Subject *.google.no; Fingerprint 7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97; Validity Tue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File type: GIF image data, version 89a, 1 x 1
Hash (MD5 / SHA-1 / SHA-256): d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WH4VL6RT9T&cid=658557420.1714795694&gtm=45je4510v892615318za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=2094858373 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 May 2024 04:08:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 99.83.161.79/prog/bar/js/_footer_create.js?v=1714744800693 | 99.83.161.79 | 200 OK | 15 kB |
URL: 99.83.161.79/prog/bar/js/_footer_create.js?v=1714744800693 (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: gzip compressed data, max speed, from Unix
Hash (MD5 / SHA-1 / SHA-256): 92ab1e86ed93a48540792bcd59a8abdf / 643d70586e8842b446ab92d3e65b65e0e372f696 / b0bb7ffac73e5df800d5a709611429c2899b84341567a80c8193c3b2abffa2cc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/js/_footer_create.js?v=1714744800693 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=7DOMNnkRp3Le+to0M1NuXfBdYzmmUhIA6IDzn5sJm9ig3HnACaXTJ0oAxfutfQLAkSa428xHQx1FfvehHYTfKNWWFWfZsevb+BEwRwU4YKOkKs89QYiGCCoUH7TS; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=7DOMNnkRp3Le+to0M1NuXfBdYzmmUhIA6IDzn5sJm9ig3HnACaXTJ0oAxfutfQLAkSa428xHQx1FfvehHYTfKNWWFWfZsevb+BEwRwU4YKOkKs89QYiGCCoUH7TS; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:18 GMT
etag: W/"6634e9ba-3039"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/prog/product/html/32885/10/img/icons/PDR256.png | 23.36.76.136 | 200 OK | 16 kB |
URL: dl-asset.cyberlink.com/web/prog/product/html/32885/10/img/icons/PDR256.png (GET, HTTP/3)
IP: 23.36.76.136:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): f9913854c480c1bc7d55f343669cb089 / 4b49657e96336381b080a06fb7d385ac6e9e44f1 / 0e4872dc62319d501a1e629b7b3b443ecc0828daf1c4b2a9f55ef0c92d65638a
GET /web/prog/product/html/32885/10/img/icons/PDR256.png HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 15455
last-modified: Fri, 09 Jun 2023 03:45:48 GMT
etag: "f9913854c480c1bc7d55f343669cb089"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO53-P5
x-amz-cf-id: CDVoyaoQXfMv_BO8Rg3lKy85RSuiebutVr5UdVTPqgK4yejdYMV3uw==
cache: HIT
accept-ranges: bytes
cache-control: max-age=599785
expires: Sat, 11 May 2024 02:44:39 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121745524.mp4 | 23.36.76.170 | 206 Partial Content | 2.2 MB |
URL: dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121745524.mp4 (GET, HTTP/3)
IP: 23.36.76.170:443
ASN: #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size: 2.2 MB (2222545 bytes)
Hash (MD5 / SHA-1 / SHA-256): e87416984ebbfb3e27f2f2916edd392f / 1e0442fb49e0816f95daaf2bc06591ffc8c88a6c / 0f60f7cc8e6baff2fd3c9852b5eac66450a25c4bd274808035e6557d78c4c4c3
GET /web/upload-file/common/banner/enu/2024/3/NewHomepage-TopBanner_PowerDirector-365_22.0_20240315121745524.mp4 HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
server: nginx
content-type: video/mp4
last-modified: Fri, 15 Mar 2024 19:17:48 GMT
etag: "908ce9b28a7152e907a1ae169ff3c997"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: d6BByLGP3BJvABeFN-PEpJN29m-BNwRD7_Ry4E7SRubPOItO4JQLQg==
cache: HIT
accept-ranges: bytes
content-range: bytes 0-3957784/3957785
content-length: 3957785
cache-control: max-age=1000813
expires: Wed, 15 May 2024 18:08:27 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| region1.analytics.google.com/g/collect?v=2&tid=G-WH4VL6RT9T&gtm=45je4510v892615318za200&_p=1714795693073&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=658557420.1714795694&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2F&sid=1714795694&sct=1&seg=0&dl=https%3A%2F%2F99.83.161.79%2F&dr=http%3A%2F%2F99.83.161.79%2F&dt=%231%20Video%20Editing%20%26%20Photo%20Editing%20Software%20%2B%20Media%20Player%20%7C%20CyberLink&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.sampleRate=80&tfd=2807 | 216.239.34.36 | 204 No Content | 0 B |
URL: region1.analytics.google.com/g/collect?v=2&tid=G-WH4VL6RT9T&gtm=45je4510v892615318za200&_p=1714795693073&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=658557420.1714795694&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2F&sid=1714795694&sct=1&seg=0&dl=https%3A%2F%2F99.83.161.79%2F&dr=http%3A%2F%2F99.83.161.79%2F&dt=%231%20Video%20Editing%20%26%20Photo%20Editing%20Software%20%2B%20Media%20Player%20%7C%20CyberLink&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.sampleRate=80&tfd=2807 (POST, HTTP/2)
IP: 216.239.34.36:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty input, consistent with the 0 B response body)
POST /g/collect?v=2&tid=G-WH4VL6RT9T&gtm=45je4510v892615318za200&_p=1714795693073&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=658557420.1714795694&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dp=%2F&sid=1714795694&sct=1&seg=0&dl=https%3A%2F%2F99.83.161.79%2F&dr=http%3A%2F%2F99.83.161.79%2F&dt=%231%20Video%20Editing%20%26%20Photo%20Editing%20Software%20%2B%20Media%20Player%20%7C%20CyberLink&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&epn.sampleRate=80&tfd=2807 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://99.83.161.79
date: Sat, 04 May 2024 04:08:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/scripttemplates/202401.1.0/otBannerSdk.js | 104.18.32.137 | 200 OK | 107 kB |
URL: cdn-apac.onetrust.com/scripttemplates/202401.1.0/otBannerSdk.js (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Size: 107 kB (106568 bytes)
Hash (MD5 / SHA-1 / SHA-256): 57d2860333f4960ef943ee8f2b5f5b19 / ee1bf2816c1e6faf567efb8e7ec473a1ca4e8428 / 830965de01c4d254283a843311adcc3301522d2d60f6289c05b2dee015d3dacb
GET /scripttemplates/202401.1.0/otBannerSdk.js HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:14 GMT
content-type: application/javascript
content-length: 106568
content-encoding: gzip
content-md5: g8NxcYp0IaoBIOhpMNVD1w==
last-modified: Thu, 07 Mar 2024 09:32:48 GMT
etag: 0x8DC3E898D552FEE
x-ms-request-id: 8094f4ec-201e-0091-59d4-7aaa27000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 33655
expires: Sun, 05 May 2024 04:08:14 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0e49972569a-OSL
X-Firefox-Spdy: h2
| 99.83.161.79/apple-touch-icon.png | 99.83.161.79 | 200 OK | 615 B |
URL: 99.83.161.79/apple-touch-icon.png (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: PNG image data, 75 x 75, 8-bit colormap, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): a2f5ecfa81010b2569a1b04145ebe053 / acf11ddd74ec958fe19c66bf83c20f1f3fcffb22 / 916d7769cedfb76bd2cdf423c88969803d537ce219fa4173f9cc7b0189f2d4bb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /apple-touch-icon.png HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; _ga_WH4VL6RT9T=GS1.1.1714795694.1.0.1714795694.60.0.0; _ga=GA1.1.658557420.1714795694
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:15 GMT
content-type: image/png
content-length: 615
set-cookie: AWSALB=l4jZ6eaAig3ReF1sl4cvvaimNCXh086epwl9qNv4I4ObFcgyExMPT482mFg3zvgJy5xrkXdTis//Pzre56d7Cec7H9YhkNM5QmwW2GA8+Yg5knRCRgOtJHdIt557; Expires=Sat, 11 May 2024 04:08:15 GMT; Path=/
set-cookie: AWSALBCORS=l4jZ6eaAig3ReF1sl4cvvaimNCXh086epwl9qNv4I4ObFcgyExMPT482mFg3zvgJy5xrkXdTis//Pzre56d7Cec7H9YhkNM5QmwW2GA8+Yg5knRCRgOtJHdIt557; Expires=Sat, 11 May 2024 04:08:15 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:44 GMT
etag: "65a8279c-267"
expires: Sun, 04 May 2025 04:08:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
| 99.83.161.79/favicon.ico | 99.83.161.79 | 200 OK | 1.4 kB |
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 16x16
Hash (MD5 / SHA-1 / SHA-256): 0dce717d99521a6089648ba6a85312f9 / 2e7170e5dfc095a534f37ca2434db1a46dbb7c8c / b26e3cd21b23bc41d15dd16c291915a3033c20fd5d217fddf5f48833b6a3daa9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; _ga_WH4VL6RT9T=GS1.1.1714795694.1.0.1714795694.60.0.0; _ga=GA1.1.658557420.1714795694
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:15 GMT
content-type: image/x-icon
content-length: 1406
set-cookie: AWSALB=SLtEd+CBn+DcU4aE34X2z/h0ZmEM/7A2Qtfngqvf/SuEXFTWVSv3CO/2X/51sk+cxXdYsqL56LHVpOiFNCcr43/C7PEKZQg9lIiRSKqeJO4tUv8scJW1yAWHaNvO; Expires=Sat, 11 May 2024 04:08:15 GMT; Path=/
set-cookie: AWSALBCORS=SLtEd+CBn+DcU4aE34X2z/h0ZmEM/7A2Qtfngqvf/SuEXFTWVSv3CO/2X/51sk+cxXdYsqL56LHVpOiFNCcr43/C7PEKZQg9lIiRSKqeJO4tUv8scJW1yAWHaNvO; Expires=Sat, 11 May 2024 04:08:15 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: "65a8279e-57e"
expires: Sun, 04 May 2025 04:08:15 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
| 99.83.161.79/include/js/jquery.lazyload.js | 99.83.161.79 | 200 OK | 16 kB |
URL: 99.83.161.79/include/js/jquery.lazyload.js (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (62964)
Hash (MD5 / SHA-1 / SHA-256): b8c0508472dfd08b2a5728e3c530bcbf / fbe71c31ab5d071bab7c787acda5ed48b5441752 / 88de696e7c451514ecbb699f1c9a5504734ce598586f3ce3c22b92d47d66825f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/jquery.lazyload.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=yYqUKHbZLfd79sEu4nDzCEfbTKD3mguGffPrCiO4sz9KQyLHS4EOXKm56B6VVlEzbkvTOp0gzZ/wEZIGCXTzt/eH9EIbqgNNJ7U/frcV5GFyx81dn0MHXLNX7Sxp; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
set-cookie: AWSALBCORS=yYqUKHbZLfd79sEu4nDzCEfbTKD3mguGffPrCiO4sz9KQyLHS4EOXKm56B6VVlEzbkvTOp0gzZ/wEZIGCXTzt/eH9EIbqgNNJ7U/frcV5GFyx81dn0MHXLNX7Sxp; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:44 GMT
etag: W/"6634e9d4-b22"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/consent/f0e1cea4-7d55-444d-b2fa-27243963f542/018e0851-f496-792f-af2d-b011b1f042e9/en.json | 104.18.32.137 | 200 OK | 15 kB |
URL: cdn-apac.onetrust.com/consent/f0e1cea4-7d55-444d-b2fa-27243963f542/018e0851-f496-792f-af2d-b011b1f042e9/en.json (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
Hash (MD5 / SHA-1 / SHA-256): 26288d661ba67b8cfb42396153f0d644 / fb87d09df09e5a2e53d6ca4d6bd33cb8aac4337e / d878a4eaf0c1fe3d1bdea2312fa2b92682d4f7a2d55474a48abba9d6cc6f5dc3
GET /consent/f0e1cea4-7d55-444d-b2fa-27243963f542/018e0851-f496-792f-af2d-b011b1f042e9/en.json HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: application/x-javascript
content-length: 15403
cf-ray: 87e5a0ec7e2d1c12-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4959B67EE53C
last-modified: Thu, 21 Mar 2024 03:48:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: L1HhO4XrmdXSne+JUTt3eQ==
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e2e4267b-901e-0093-0a99-9c4fe7000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/v2/otPcCenter.json | 104.18.32.137 | 200 OK | 13 kB |
URL: cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/v2/otPcCenter.json (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
Hash (MD5 / SHA-1 / SHA-256): 304ab564b27b510ff3ed71ded9fcaa4f / 6452b28808fcda00ee96e18f642348263011769d / 777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
GET /scripttemplates/202401.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: application/json
content-length: 12694
content-encoding: gzip
content-md5: s2sOOFx0mjDJK9iNqaz9cw==
last-modified: Thu, 07 Mar 2024 09:32:37 GMT
etag: 0x8DC3E8986CED74D
x-ms-request-id: c31bb85a-f01e-0055-0657-91fe19000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0ec8e321c12-OSL
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/v2/otPcCenter.json | 104.18.32.137 | 200 OK | 13 kB |
URL: cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/v2/otPcCenter.json (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
Hash (MD5 / SHA-1 / SHA-256): 304ab564b27b510ff3ed71ded9fcaa4f / 6452b28808fcda00ee96e18f642348263011769d / 777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
GET /scripttemplates/202401.1.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: application/json
content-length: 12694
content-encoding: gzip
content-md5: s2sOOFx0mjDJK9iNqaz9cw==
last-modified: Thu, 07 Mar 2024 09:32:37 GMT
etag: 0x8DC3E8986CED74D
x-ms-request-id: c31bb85a-f01e-0055-0657-91fe19000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0ecbe3c1c12-OSL
X-Firefox-Spdy: h2
| geolocation.onetrust.com/cookieconsentpub/v1/geo/location | 104.18.32.137 | 200 OK | 2.7 kB |
URL: geolocation.onetrust.com/cookieconsentpub/v1/geo/location (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: New Line Delimited JSON text data
Hash (MD5 / SHA-1 / SHA-256): 50e3fee0b16f1717d32d441f133238f6 / f3023240da752aa4cab0495eeb3a165df9ce8f49 / bd6cee9ed0ddb425b709f0285db067a55cf3a50ebdc6045568788d1c9346ee70
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:14 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0e45c121c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/otCommonStyles.css | 104.18.32.137 | 200 OK | 45 kB |
URL: cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/otCommonStyles.css (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: gzip compressed data, from Unix
Hash (MD5 / SHA-1 / SHA-256): e9ee0141afd9ff15e0f08631a6f3239c / cf336eefff0b8bc3571b0e7cecac7117ef2f3128 / e99b6a589bb65bade4c57c7de220835920d0383a6eb48bcca71914fda6098ef2
GET /scripttemplates/202401.1.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: text/css
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
last-modified: Thu, 07 Mar 2024 09:33:01 GMT
x-ms-request-id: 9df9bd67-c01e-004e-0266-90c01a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0ec8e331c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/35db49df-ad3b-427f-b06b-1176c61464dd/CyberLink.png | 104.18.32.137 | 200 OK | 50 kB |
URL: cdn-apac.onetrust.com/logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/35db49df-ad3b-427f-b06b-1176c61464dd/CyberLink.png (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: PNG image data, 2000 x 701, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 53a4749ac2311f56e4cffff795177edf / f08a4aa7a740fcf392d35c305911ba7c75f4302f / 4981cab4ca7b4b6086687f28d99be62aedc809484a67e176a53760b154c3c913
GET /logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/35db49df-ad3b-427f-b06b-1176c61464dd/CyberLink.png HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: image/png
content-length: 49949
content-md5: U6R0msIxH1bkz//3lRd+3w==
last-modified: Thu, 25 Jan 2024 12:04:06 GMT
etag: 0x8DC1D9DBAEAA452
x-ms-request-id: 0f1af33e-401e-00ec-34d4-7a36ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 36584
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0f17e51569a-OSL
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/otCenterRounded.json | 104.18.32.137 | 200 OK | 2.6 kB |
URL: cdn-apac.onetrust.com/scripttemplates/202401.1.0/assets/otCenterRounded.json (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
Hash (MD5 / SHA-1 / SHA-256): 17e5cf7e2fcaed7692184f43c4577219 / f47f0887e191e30a49391514ceddabfc26cc9bd7 / 09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
GET /scripttemplates/202401.1.0/assets/otCenterRounded.json HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:17 GMT
content-type: application/json
content-length: 2626
content-encoding: gzip
content-md5: HPfWlTNcFH5DkM4u8hz7pw==
last-modified: Thu, 07 Mar 2024 09:32:32 GMT
etag: 0x8DC3E898408F298
x-ms-request-id: 55f262fa-701e-007c-7199-9c4499000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 1
expires: Sun, 05 May 2024 04:08:17 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0ecbe3b1c12-OSL
X-Firefox-Spdy: h2
| 99.83.161.79/include/js/jquery-migrate-3.3.0.min.js | 99.83.161.79 | 200 OK | 11 kB |
URL: 99.83.161.79/include/js/jquery-migrate-3.3.0.min.js (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (10797)
Hash (MD5 / SHA-1 / SHA-256): 20d7f1bf30668e8c43944b73d75b1692 / cedcf70f5561956e713213eee215bb8a45f3d050 / a581b01ab8bdc28aae3fcf8af1b1a43a281288be72887df0f76d8d31dbebb7e8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/jquery-migrate-3.3.0.min.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=Nh+X2Ib/84uvS/REBkg0eMxbXsb2KD2Ac2KUxWwHKxpCg8OAiiuaNkEjFLd8LaeYq5FAClwpKUtfckkBCrZJk0ZNOzg80ZasdgNSrjArpfakx5B4oty6sobaP0+N; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=Nh+X2Ib/84uvS/REBkg0eMxbXsb2KD2Ac2KUxWwHKxpCg8OAiiuaNkEjFLd8LaeYq5FAClwpKUtfckkBCrZJk0ZNOzg80ZasdgNSrjArpfakx5B4oty6sobaP0+N; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-2a8f"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | 23.36.76.136 | 200 OK | 20 kB |
URL: dl-asset.cyberlink.com/web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff (GET, HTTP/3); IP: 23.36.76.136:443; ASN: 20940 (Akamai International B.V.)
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 20544, version 1.1; Hashes (MD5 / SHA-1 / SHA-256): ddf32d230e221d777f9a589f0e2f95ea d8721a797492d3dd8a5f5a419a386e69246d15ed df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80
GET /web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: font/woff
content-length: 20544
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 17 Oct 2023 05:26:10 GMT
etag: "ddf32d230e221d777f9a589f0e2f95ea"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: Kqngsme93H5rs_8d-uE_j0TFRGSoXSbSS6Hxlu7mWJPyiBGr0VhJLw==
cache: HIT
accept-ranges: bytes
cache-control: max-age=912703
expires: Tue, 14 May 2024 17:39:57 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| 99.83.161.79/include/js/modernizr-2.7.1.min.js | 99.83.161.79 | 200 OK | 16 kB |
URL: 99.83.161.79/include/js/modernizr-2.7.1.min.js (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (14966), with CRLF line terminators; Hashes (MD5 / SHA-1 / SHA-256): 0570d97883f7676a8d01a78a517a436f 358919c270ffff6532d25d9bc4403e9adadca074 25fa63f624f64f88f5d6f7be2ab866db948112efa7727e3cb7c931e872bb455a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/js/modernizr-2.7.1.min.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=JEL227cDsvPZIhkgZyT/QpCqTal5UsD+W4Hml+f/byuS8BjWtrZeU9vBtHUFKX1B+GqwFyVinPlfVGpZXqakpGrAcZeCjNUApqIu5Yla+lcEYyJEvudVUePMESls; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=JEL227cDsvPZIhkgZyT/QpCqTal5UsD+W4Hml+f/byuS8BjWtrZeU9vBtHUFKX1B+GqwFyVinPlfVGpZXqakpGrAcZeCjNUApqIu5Yla+lcEYyJEvudVUePMESls; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-3d11"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/78256ce4-1016-4158-9d71-a6c464d2411a/CyberLink-Logo.wine.png | 104.18.32.137 | 200 OK | 41 kB |
URL: cdn-apac.onetrust.com/logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/78256ce4-1016-4158-9d71-a6c464d2411a/CyberLink-Logo.wine.png (GET, HTTP/2); IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: PNG image data, 3000 x 2000, 8-bit colormap, non-interlaced; Hashes (MD5 / SHA-1 / SHA-256): 0ab9c6e4b0cbdf6dbe4c0558afce4bbf 25225dc434dc154a2b460167c674773f2ecd1fab 04cb0d89a581ee2980950ad0a180ba352922c677faabf0a4ee4b09a1fb2fb114
GET /logos/625b2c02-7690-4fba-a2d4-bb8f6d042b3a/9c3e77a2-0dc0-4488-bcb0-ebe84088d56c/78256ce4-1016-4158-9d71-a6c464d2411a/CyberLink-Logo.wine.png HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: image/png
content-length: 41216
content-md5: CrnG5LDL322+TAVYr85Lvw==
last-modified: Thu, 25 Jan 2024 10:45:51 GMT
etag: 0x8DC1D92CC73F807
x-ms-request-id: 1d2b69fa-f01e-0044-39eb-9205c0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 36585
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0f14e47569a-OSL
X-Firefox-Spdy: h2
| 99.83.161.79/include/css/bootstrap-icons/1.4.1/bootstrap-icons.css | 99.83.161.79 | 200 OK | 56 kB |
URL: 99.83.161.79/include/css/bootstrap-icons/1.4.1/bootstrap-icons.css (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (55808), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): c3c377b6486a3945685063743b5c4185 3337c7a6f65fc4afd81c989925147e880a393489 77d76a310cfd8fd717dd75d867e37442abd2b6e4d0c837c83f453bce4e18ba33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/css/bootstrap-icons/1.4.1/bootstrap-icons.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=woTvioPibbIDX2Ay0zCZpUKPTju2RDAh721XZClC8gJ3KeufeDv1omisgwi/E73gCyDn+AMprWONLHuuTLRmmxtKHJq9fymry1K1anFbwzDKzlp4498CSSF0wFAm; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=woTvioPibbIDX2Ay0zCZpUKPTju2RDAh721XZClC8gJ3KeufeDv1omisgwi/E73gCyDn+AMprWONLHuuTLRmmxtKHJq9fymry1K1anFbwzDKzlp4498CSSF0wFAm; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:00 GMT
etag: W/"6634e9a8-da00"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/include/css/bootstrap.modal.3.3.min.css | 99.83.161.79 | 200 OK | 4.0 kB |
URL: 99.83.161.79/include/css/bootstrap.modal.3.3.min.css (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4009), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): f39456f9e3a32a0e1aa9683b77445d07 f924ed2a6c2e958d52cadb96b2e08d2b51a116db ea798eda2ed7d2239ff6e446906ae1004570476fc8f946b03ae02dd1abd90461
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/css/bootstrap.modal.3.3.min.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=YAT787KCS2elTNd1ryOwZkKNWIMeUlCpPSygINabK249e19hd8i0U750oXUoo3P+7eailiFioaY+Khpk9hlnFyJMXhD7JRwyJ16fHz4fJqDdUz2FHBUHrlGceOCn; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=YAT787KCS2elTNd1ryOwZkKNWIMeUlCpPSygINabK249e19hd8i0U750oXUoo3P+7eailiFioaY+Khpk9hlnFyJMXhD7JRwyJ16fHz4fJqDdUz2FHBUHrlGceOCn; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-f9c"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/newhomepage/css/style-font.css | 99.83.161.79 | 200 OK | 4.2 kB |
URL: 99.83.161.79/prog/newhomepage/css/style-font.css (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4221), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): b14dbd200bdf1f276ba193990fb287af f04e400ed30b24f75c7c8d2391525828454edd2a 60f940a42217f1b25bbca0e92951c781d865829b18285bdd24befbbc4d120677
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/newhomepage/css/style-font.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=9lTVQyt/dV3fuO8FOJ4epGbIIKRpC/MbStnWqvd5P7cI3bsxpKUU4u4CRyAVcrnENsM+tFCn0JPdUE7U1f7BBKSn1iqfZRctbpl4kB0oBT5UQdvMmYogHq0NaPyw; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=9lTVQyt/dV3fuO8FOJ4epGbIIKRpC/MbStnWqvd5P7cI3bsxpKUU4u4CRyAVcrnENsM+tFCn0JPdUE7U1f7BBKSn1iqfZRctbpl4kB0oBT5UQdvMmYogHq0NaPyw; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:12 GMT
etag: W/"6634e9b4-107d"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/logos/static/powered_by_logo.svg | 104.18.32.137 | 200 OK | 5.2 kB |
URL: cdn-apac.onetrust.com/logos/static/powered_by_logo.svg (GET, HTTP/2); IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: SVG Scalable Vector Graphics image; Hashes (MD5 / SHA-1 / SHA-256): 38b5388f36f8f885deb26afdac0e3116 112eccab1891a3a7cab1c5602ba72c9e127136e0 a8562f11c5a80a5c1c4ab388cfa2a69598203a57a5c67d1f80512bddd80d09ef
GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:16 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Thu, 02 May 2024 17:31:17 GMT
x-ms-request-id: 48fd51a4-001e-001e-1b68-9d0341000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 34194
expires: Sun, 05 May 2024 04:08:16 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0f17e53569a-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/include/css/font-awesome/5.2.0/css/all.min.css | 99.83.161.79 | 200 OK | 48 kB |
URL: 99.83.161.79/include/css/font-awesome/5.2.0/css/all.min.css (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (48076); Hashes (MD5 / SHA-1 / SHA-256): 487c4c543c891efedd9e3c715bbbea39 83fcb322b8bf4632dd8e6832dc38dfc640c37e9e 5c9111e24414dbe614a298cae17a26199b4da86eee9a3a85ebeaa498214ba04d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /include/css/font-awesome/5.2.0/css/all.min.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=PibYiwi2xneBtQCGJWslzMdxsXjA7x6X42vCwbZWcty+JF681zjhgJo/xDVouoLKjRC3Y6+xdvFnd87Lb/lnS8qYx8NMYCl7hqOzeGEEhIQ5sV0+7Q222aeh67BT; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=PibYiwi2xneBtQCGJWslzMdxsXjA7x6X42vCwbZWcty+JF681zjhgJo/xDVouoLKjRC3Y6+xdvFnd87Lb/lnS8qYx8NMYCl7hqOzeGEEhIQ5sV0+7Q222aeh67BT; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 17 Jan 2024 19:16:46 GMT
etag: W/"65a8279e-bc7c"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/util/web-notification/js/pageIncludeWebpush.js | 99.83.161.79 | 200 OK | 12 kB |
URL: 99.83.161.79/prog/util/web-notification/js/pageIncludeWebpush.js (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (571); Hashes (MD5 / SHA-1 / SHA-256): eba2d4839a5dee4660d4fa6889182299 b078e383a4e4fc068f75a5ae0bd7e6c4d5e3bd93 7060b5e336280dd7745018e98f7b64bd8b69b94b401b9b8121f7dc5f9313c0e9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/util/web-notification/js/pageIncludeWebpush.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; _ga_WH4VL6RT9T=GS1.1.1714795694.1.0.1714795694.60.0.0; _ga=GA1.1.658557420.1714795694
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:14 GMT
content-type: application/javascript
set-cookie: AWSALB=R5E2gOPPObr86bZhrAKMB0xhck3kp2bEo64OHNi/Ux4EzKcRJ75fPUn6G9nuSwdRbDwfoxORUQ+el1mPds53+iLvNs7bM/U3FHx/W2+mSX9HZhUbmTOnAMVq/IKL; Expires=Sat, 11 May 2024 04:08:14 GMT; Path=/
AWSALBCORS=R5E2gOPPObr86bZhrAKMB0xhck3kp2bEo64OHNi/Ux4EzKcRJ75fPUn6G9nuSwdRbDwfoxORUQ+el1mPds53+iLvNs7bM/U3FHx/W2+mSX9HZhUbmTOnAMVq/IKL; Expires=Sat, 11 May 2024 04:08:14 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:56 GMT
etag: W/"6634e9e0-2f16"
expires: Sun, 04 May 2025 04:08:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/bar/css/m_design.css?v=1714744800686 | 99.83.161.79 | 200 OK | 886 B |
URL: 99.83.161.79/prog/bar/css/m_design.css?v=1714744800686 (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (886), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): ef903fb0f07f3855b73fded2df5666da 46d9eca7c2533c2a084255dab401942648f6c546 6e4874c8c030abc3ff8d8fbba2bcd27758da4b8d068ad064b636d5de6e75a4f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/bar/css/m_design.css?v=1714744800686 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=39zUIEZh6Y+5a2mgYcrBggOkOK3e2l5prGojkmZjyvuR9xecGGjn1UgceD41avdqbv6WGkpFAE5TEHskrr0Q004oaynDl6/HbBkYzQ5dcb76P/0V8dLCCEIn3fF3; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=39zUIEZh6Y+5a2mgYcrBggOkOK3e2l5prGojkmZjyvuR9xecGGjn1UgceD41avdqbv6WGkpFAE5TEHskrr0Q004oaynDl6/HbBkYzQ5dcb76P/0V8dLCCEIn3fF3; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:10 GMT
etag: W/"6634e9b2-376"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/logos/static/ot_guard_logo.svg | 104.18.32.137 | 200 OK | 497 B |
URL: cdn-apac.onetrust.com/logos/static/ot_guard_logo.svg (GET, HTTP/2); IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: SVG Scalable Vector Graphics image; Hashes (MD5 / SHA-1 / SHA-256): 4cefeea2da1f500b581d4842d6454a50 9939dd4c1394641f53655e558bfdca7499480c52 220f235f0188ff469b92b56eb86adf4e828b8a90c587ebfa073383b8583aaeb2
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:17 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Thu, 02 May 2024 17:31:14 GMT
x-ms-request-id: ccfb998f-e01e-0079-766b-9db0e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 0
expires: Sun, 05 May 2024 04:08:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0f3c82e1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/include/css/font-awesome/5.2.0/webfonts/fa-solid-900.woff2 | 23.36.76.136 | 200 OK | 62 kB |
URL: dl-asset.cyberlink.com/web/include/css/font-awesome/5.2.0/webfonts/fa-solid-900.woff2 (GET, HTTP/3); IP: 23.36.76.136:443; ASN: 20940 (Akamai International B.V.)
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 62472, version 1.0; Hashes (MD5 / SHA-1 / SHA-256): b75b4bfe0d58faeced5006c785eaae23 92da6e3c7121e21cdfde25ef08797a3937a683e1 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
GET /web/include/css/font-awesome/5.2.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: application/octet-stream
content-length: 62472
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 23 Nov 2022 02:51:37 GMT
etag: "b75b4bfe0d58faeced5006c785eaae23"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: XB6rVImVxJXhi_xABvC9zsLRVSK7Qnk21Cs91w4lGqADpa-DehwVCw==
cache: HIT
accept-ranges: bytes
cache-control: max-age=280445
expires: Tue, 07 May 2024 10:02:18 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| cdn-apac.onetrust.com/scripttemplates/otSDKStub.js | 104.18.32.137 | 200 OK | 21 kB |
URL: cdn-apac.onetrust.com/scripttemplates/otSDKStub.js (GET, HTTP/2); IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: JavaScript source, ASCII text, with very long lines (21229); Hashes (MD5 / SHA-1 / SHA-256): 0cd317a7b9c520801230e944f7d50e41 e3985ff0c2e8b1eaacb617c7c5af5bebfcbceda6 6f08699117c1f15f6d35e7b4380d12d18a1881f075e177b5853b1017a3307544
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:14 GMT
content-type: application/javascript
content-length: 6882
content-encoding: gzip
content-md5: cfMMgqnnnYda745QhUdJrw==
last-modified: Thu, 02 May 2024 17:31:09 GMT
etag: 0x8DC6ACDA7E8EB8A
x-ms-request-id: 42a4ff10-101e-0023-2f67-9db667000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 34201
expires: Sun, 05 May 2024 04:08:14 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0e20882569a-OSL
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff | 23.36.76.136 | 200 OK | 20 kB |
URL: dl-asset.cyberlink.com/web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff (GET, HTTP/3); IP: 23.36.76.136:443; ASN: 20940 (Akamai International B.V.)
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 20544, version 1.1; Hashes (MD5 / SHA-1 / SHA-256): ddf32d230e221d777f9a589f0e2f95ea d8721a797492d3dd8a5f5a419a386e69246d15ed df7de1f609f36bc4f0b8c56c23ffd2dfaa78f3341e479b0a3a8a4c802f6acc80
GET /web/prog/bar/css/font/cJZKeOuBrn4kERxqtaUH3T8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: font/woff
content-length: 20544
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 17 Oct 2023 05:26:10 GMT
etag: "ddf32d230e221d777f9a589f0e2f95ea"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO5-P1
x-amz-cf-id: Kqngsme93H5rs_8d-uE_j0TFRGSoXSbSS6Hxlu7mWJPyiBGr0VhJLw==
cache: HIT
accept-ranges: bytes
cache-control: max-age=912704
expires: Tue, 14 May 2024 17:39:57 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| cdn-apac.onetrust.com/consent/f0e1cea4-7d55-444d-b2fa-27243963f542/f0e1cea4-7d55-444d-b2fa-27243963f542.json | 104.18.32.137 | 200 OK | 5.8 kB |
URL: cdn-apac.onetrust.com/consent/f0e1cea4-7d55-444d-b2fa-27243963f542/f0e1cea4-7d55-444d-b2fa-27243963f542.json (GET, HTTP/2); IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (6852), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): 8e31541773eabe5f20eb21d6121a2ba0 6f1a6476e67c54a874c9f21a82c4418e43d38bd1 bf6a758a26a7065bd525a4d00ba49b2fa29f872e5f07e8fba1c87f0131a900cf
GET /consent/f0e1cea4-7d55-444d-b2fa-27243963f542/f0e1cea4-7d55-444d-b2fa-27243963f542.json HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:14 GMT
content-type: application/x-javascript
content-length: 1876
cf-ray: 87e5a0e2dbbf1c12-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC4959ACEC11FE
last-modified: Thu, 21 Mar 2024 03:47:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: pUk7gT/6W274egOLqIK9ZQ==
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: eabfac06-101e-0089-22b6-9a6088000000
x-ms-version: 2009-09-19
server: cloudflare
X-Firefox-Spdy: h2
| 99.83.161.79/prog/newhomepage/css/v2/new_design.css?v=1714744800686 | 99.83.161.79 | 200 OK | 23 kB |
URL: 99.83.161.79/prog/newhomepage/css/v2/new_design.css?v=1714744800686 (GET, HTTP/2); IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (22853), with no line terminators; Hashes (MD5 / SHA-1 / SHA-256): db3ca431e51e8d26cf1bc34e0bb40eb2 cc613147083afbf9d95d9bf56814ecf5a3360245 1382ee5ffdd0883711190d9f71a8eb90fd5466a6fc285c8a928e6a8c03f2a16d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prog/newhomepage/css/v2/new_design.css?v=1714744800686 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=xKspcBjQVWbgN907G8kIsjS8PiBPFPHrTudn994u2F4QBhb0YNIbAjUUjDHLyCV/lMge8Rxbgma6ZDJjqxzvYcMcIh0AdqqQG2yxK0hBvhXIxalD2vhAx+P6GsEH; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=xKspcBjQVWbgN907G8kIsjS8PiBPFPHrTudn994u2F4QBhb0YNIbAjUUjDHLyCV/lMge8Rxbgma6ZDJjqxzvYcMcIh0AdqqQG2yxK0hBvhXIxalD2vhAx+P6GsEH; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:12 GMT
etag: W/"6634e9b4-5945"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-asset.cyberlink.com/web/stat/edms/product-version-images/2024/DS/icon_ds.png | 23.36.76.136 | 200 OK | 6.5 kB |
URL: dl-asset.cyberlink.com/web/stat/edms/product-version-images/2024/DS/icon_ds.png (GET, HTTP/3)
IP: 23.36.76.136:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
File type: PNG image data, 256 x 256, 8-bit colormap, non-interlaced
Hash: MD5 cb60f803e4605f24a9ff54251aeb2819, SHA-1 e351d30e2f60df244aa7d3ed21279a13f7e31ee8, SHA-256 5c8f420db0441142734d6b519e9a3fe81a7576d25b4abada644e6f13215b6244
GET /web/stat/edms/product-version-images/2024/DS/icon_ds.png HTTP/1.1
Host: dl-asset.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/png
content-length: 6460
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 28 Jul 2023 03:42:22 GMT
etag: "cb60f803e4605f24a9ff54251aeb2819"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-pop: SFO53-P5
x-amz-cf-id: 3hK06fPpovB8kq_Qz26os3gjaKnP1SzlE008VrhbkQhwQALFezLItA==
cache: HIT
accept-ranges: bytes
cache-control: max-age=585895
expires: Fri, 10 May 2024 22:53:09 GMT
date: Sat, 04 May 2024 04:08:14 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| 99.83.161.79/prog/bar/css/footer_general.css?v=1714744800692 | 99.83.161.79 | 200 OK | 1.8 kB |
URL: 99.83.161.79/prog/bar/css/footer_general.css?v=1714744800692 (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (1819), with no line terminators
Hash: MD5 cde3c7cf8b5eb932c349157f9b4b4b66, SHA-1 6ae66608952ee4611c881e4b38570668d3161bf4, SHA-256 d90ad31500ae6d817ffd6a979ee689fa4224a10336b59a095fb0a91ac780fffe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/bar/css/footer_general.css?v=1714744800692 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=J2+BRb7frrLfqCkw4RuiFBT2tDeT9iNWTXTnKM4DqzrfHXqxorXTzKdPHQu5lxcsojZP7Su1ikA7jIRKgw6Ts11nergcUm21nkLxO9BIREG4uHURObYWTJsFbZsQ; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:08 GMT
etag: W/"6634e9b0-701"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| cdn-apac.onetrust.com/logos/static/ot_guard_logo.svg | 104.18.32.137 | 200 OK | 497 B |
URL: cdn-apac.onetrust.com/logos/static/ot_guard_logo.svg (GET, HTTP/2)
IP: 104.18.32.137:443
Certificate: Issuer Google Trust Services LLC; Subject onetrust.com; Fingerprint F8:3D:2E:A5:60:D5:2B:FC:12:A2:FD:03:01:A3:EF:F8:5F:71:98:FD; Validity Mon, 29 Apr 2024 06:15:16 GMT - Sun, 28 Jul 2024 07:12:55 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 4cefeea2da1f500b581d4842d6454a50, SHA-1 9939dd4c1394641f53655e558bfdca7499480c52, SHA-256 220f235f0188ff469b92b56eb86adf4e828b8a90c587ebfa073383b8583aaeb2
GET /logos/static/ot_guard_logo.svg HTTP/1.1
Host: cdn-apac.onetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://99.83.161.79/
Origin: https://99.83.161.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:17 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Thu, 02 May 2024 17:31:14 GMT
x-ms-request-id: ccfb998f-e01e-0079-766b-9db0e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Sun, 05 May 2024 04:08:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87e5a0f19f801c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/bar/css/header_general.css?v=1714744800686 | 99.83.161.79 | 200 OK | 7.7 kB |
URL: 99.83.161.79/prog/bar/css/header_general.css?v=1714744800686 (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (7648), with no line terminators
Hash: MD5 d9d1dfca90d7f7c34bd2d9443be1fa20, SHA-1 adb69f6253b501e66ce219b66f8de1ae758d3512, SHA-256 71680107180b7ead29337c33bd37338c1d9ed1eab448c803fd308b76db4cdabd
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/bar/css/header_general.css?v=1714744800686 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=EkN/Ov9njIYElOAveJg07qNb7cSbQOAbGbq3ByULa0s98B39gl5eAfhAffT2gj3h5w76E8Mf7nXXrpItV25evhgsvtToMejM3GqPAflMLxpwx7MxWNnMcmIMoQVm; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=EkN/Ov9njIYElOAveJg07qNb7cSbQOAbGbq3ByULa0s98B39gl5eAfhAffT2gj3h5w76E8Mf7nXXrpItV25evhgsvtToMejM3GqPAflMLxpwx7MxWNnMcmIMoQVm; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:10 GMT
etag: W/"6634e9b2-1dee"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/newhomepage/css/style.css | 99.83.161.79 | 200 OK | 7.7 kB |
URL: 99.83.161.79/prog/newhomepage/css/style.css (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7744), with no line terminators
Hash: MD5 9bb8d09808847e8eeb3728e3df2513ed, SHA-1 cc601afd1092159433854d5eb2e3de9b84869689, SHA-256 a81f3d1cd108001315bd3b07fed76696440d80620ba0300c8edc046ed11df760
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/newhomepage/css/style.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=7pVWBNUIA9WmB0Yvj8o3kfpRW0dAO6yu9LIRYjJbCil3y2zUBIBy9t+UU133uEJdLlwYHX40+Q0Izrg4L7ETiAfmnN/EOaMJPB5aHljpQ/Bx0nZROam3q7pmhsxZ; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=7pVWBNUIA9WmB0Yvj8o3kfpRW0dAO6yu9LIRYjJbCil3y2zUBIBy9t+UU133uEJdLlwYHX40+Q0Izrg4L7ETiAfmnN/EOaMJPB5aHljpQ/Bx0nZROam3q7pmhsxZ; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:12 GMT
etag: W/"6634e9b4-1e3a"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| www.googletagmanager.com/ns.html?id=GTM-KPMKBJ3 | 142.250.74.168 | 200 OK | 266 B |
URL: www.googletagmanager.com/ns.html?id=GTM-KPMKBJ3 (GET, HTTP/3)
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: HTML document, ASCII text, with very long lines (393), with no line terminators
Hash: MD5 c75fd1cbdb0487f6f79333ce02c39874, SHA-1 226567ed11ed725e928a9ec9d8da2d0810269044, SHA-256 7c1d9840c38c265b08e80a1bf28c254fdd83f435148dd2dffe6cbf90e276714c
GET /ns.html?id=GTM-KPMKBJ3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Sat, 04 May 2024 04:08:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| 99.83.161.79/prog/bar/css/font.css | 99.83.161.79 | 200 OK | 1.0 kB |
URL: 99.83.161.79/prog/bar/css/font.css (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1040), with no line terminators
Hash: MD5 d0b6baab5643e8af1c62e5943d99737a, SHA-1 78c1ca50aa7b02f5cb7b8d78b5ed71ac5615cde0, SHA-256 6f2e0bf1fd1bda7266a350c66f08617a47bcb34cdee11200f047a13cc2e9a12c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/bar/css/font.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=3dlOcTEFroGMxOiNroXzgxrZOzi5+AAKNAFVPKtKZO09Iv4ofzpij/+reFuCkwFmNZSGGze+fLhqUduEKxfHV2Bv5W/Lk2jRsBeRJY06AreiluTsjLj9ksfQYLNq; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=3dlOcTEFroGMxOiNroXzgxrZOzi5+AAKNAFVPKtKZO09Iv4ofzpij/+reFuCkwFmNZSGGze+fLhqUduEKxfHV2Bv5W/Lk2jRsBeRJY06AreiluTsjLj9ksfQYLNq; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:08 GMT
etag: W/"6634e9b0-410"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/include/js/lazyloading.js | 99.83.161.79 | 200 OK | 788 B |
URL: 99.83.161.79/include/js/lazyloading.js (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (809), with no line terminators
Hash: MD5 1249fefa79b7a6181e5d1e69fb16d39f, SHA-1 559c9252ccdb7ae9b9ddfaf7d143ec6dc4a36b70, SHA-256 3ecfe673d63e53e113a271ffdd46489e972c26bf55cd0b32ebe39b9adeee6552
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /include/js/lazyloading.js HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=y3JAwPBFIt8tXWvJhpRcGZgjjNGlsYS6ymPvWbCSYB8+NXR+JIv6UD9KnWiKovE4YcQIiRZKakead1GJBwDp054ccv3wXuluOxts6J3nCEd1fsYAkQSYWRmnDAw2; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=y3JAwPBFIt8tXWvJhpRcGZgjjNGlsYS6ymPvWbCSYB8+NXR+JIv6UD9KnWiKovE4YcQIiRZKakead1GJBwDp054ccv3wXuluOxts6J3nCEd1fsYAkQSYWRmnDAw2; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:50 GMT
etag: W/"6634e9da-314"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_PhotoDirector-365_15.0_20240404120311981.gif | 23.36.76.170 | 200 OK | 1.8 MB |
URL: dl-file.cyberlink.com/web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_PhotoDirector-365_15.0_20240404120311981.gif (GET, HTTP/3)
IP: 23.36.76.170:443, ASN #20940 Akamai International B.V.
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 38:4F:58:25:5F:08:EA:F7:8F:35:ED:B7:F0:06:CA:06:07:8F:7E:84; Validity Mon, 22 Jan 2024 00:00:00 GMT - Tue, 21 Jan 2025 23:59:59 GMT
Size: 1.8 MB (1840247 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web/upload-file/common/banner/enu/2024/4/NewHomepage-Spotlight_PhotoDirector-365_15.0_20240404120311981.gif HTTP/1.1
Host: dl-file.cyberlink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
content-type: image/gif
content-length: 1840247
last-modified: Thu, 04 Apr 2024 19:03:14 GMT
etag: "2322db6fa8093def6772d17a437563ed"
x-amz-storage-class: INTELLIGENT_TIERING
access-control-allow-origin: *
x-amz-cf-pop: SLC50-C1
x-amz-cf-id: uaGCW5sC889_9JthvYZqJy9dz01H_-gXru_n9RN_dLH5XCLkOEy2HQ==
cache: HIT
accept-ranges: bytes
cache-control: max-age=390356
expires: Wed, 08 May 2024 16:34:09 GMT
date: Sat, 04 May 2024 04:08:13 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
quic-version: 0x00000001
| 99.83.161.79/prog/bar/css/footer.css?v=1714744800693 | 99.83.161.79 | 200 OK | 3.2 kB |
URL: 99.83.161.79/prog/bar/css/footer.css?v=1714744800693 (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3265), with no line terminators
Hash: MD5 879b4f9b30a324e8282d7b3f8cfccbb9, SHA-1 2b7f8e25035b3ed900cb0c7dea091165b7a18191, SHA-256 ecfed8e1a23fe1f1c22f7d21d62004131b08c4ef8263565884641ddccf301c61
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/bar/css/footer.css?v=1714744800693 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=iyFIMQbucV1qqptQVHjnt2CGxWD60S5oa0F5ME3lRrfcaPY4lycqzz94uSjbejCCRsGHQmy4de2aqasUIgmwMiOzbPvlK2RnloBui+boRsREtbB4uavBPtfpvfV8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=gHcZtBZngMf1uNOrNbyt7dyaoDz1jMqYsd8U69V915UgCRuyYHAdHFgTy7dWn2rrTiGJStM4TBD5oBGqYJ7Y/7+pr+HBfsEfAVbqI+7YH935Sg8BmGYxrXHszsoh; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=gHcZtBZngMf1uNOrNbyt7dyaoDz1jMqYsd8U69V915UgCRuyYHAdHFgTy7dWn2rrTiGJStM4TBD5oBGqYJ7Y/7+pr+HBfsEfAVbqI+7YH935Sg8BmGYxrXHszsoh; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:08 GMT
etag: W/"6634e9b0-caf"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/newhomepage/css/new_banner.css | 99.83.161.79 | 200 OK | 10 kB |
URL: 99.83.161.79/prog/newhomepage/css/new_banner.css (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/newhomepage/css/new_banner.css HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: text/css
set-cookie: AWSALB=LhmB8k+M1IQPZ1CHJST/BRBHeqN0etiz0Jg+eI/01TH/BP8EyHoqk5wfhtWB3dRVf8H83c58ZggOKErslT2e1/dFCgoTWSR7gZZqVGF/dUyR736TMrgG+ZVh0Wix; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=LhmB8k+M1IQPZ1CHJST/BRBHeqN0etiz0Jg+eI/01TH/BP8EyHoqk5wfhtWB3dRVf8H83c58ZggOKErslT2e1/dFCgoTWSR7gZZqVGF/dUyR736TMrgG+ZVh0Wix; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:12 GMT
etag: W/"6634e9b4-27b7"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2
| 99.83.161.79/prog/bar/js/menubarControl.js?v=1714744800689 | 99.83.161.79 | 200 OK | 29 kB |
URL: 99.83.161.79/prog/bar/js/menubarControl.js?v=1714744800689 (GET, HTTP/2)
IP: 99.83.161.79:443
Certificate: Issuer DigiCert Inc; Subject *.cyberlink.com; Fingerprint 30:CB:A0:E4:4D:60:C8:AA:F2:EC:B7:A5:15:46:0D:85:6A:BD:48:A1; Validity Thu, 26 Oct 2023 00:00:00 GMT - Wed, 02 Oct 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (634)
Hash: MD5 6ea32ec41b187192fabd26ca58d40c66, SHA-1 7a7d9f734f9efbf4be6cba5a71cd2688778a1978, SHA-256 2c8b24f0c15eb792ce083be44667c245463955037aafe5133c3b1072f12ede39
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /prog/bar/js/menubarControl.js?v=1714744800689 HTTP/1.1
Host: 99.83.161.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://99.83.161.79/
Cookie: AWSALB=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD; JSESSIONID=D17713C257C9CEC08F3A63BE7B82841A; AWSALBCORS=Mn3QzRG3tz91trVAdbHWJ7fr0I1NW8fWAKDAo68JGsChydsoOvX51sXPfU5PSB4trF1pVPhqVX4w8Pexza7tK5NDjd1hXlAIqQk/7qGs4TeFDDYoDUoxCcUBozSD
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 04:08:13 GMT
content-type: application/javascript
set-cookie: AWSALB=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/
AWSALBCORS=TzetCR8P2JlmlGYPRaThk1lKXx2xAw1mboj4v7O8IKQCyF9m+5XpVS9OAmXr1MNq4RyZUSvOZHjlO2TI1SAeI1Os2ajgp+pMcav6EnJUncDQHEFZSAy1mutZ0r2T; Expires=Sat, 11 May 2024 04:08:13 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 03 May 2024 13:42:54 GMT
etag: W/"6634e9de-7037"
expires: Sun, 04 May 2025 04:08:13 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
content-encoding: gzip
X-Firefox-Spdy: h2