Report - rucdr.jidcertain.top/index.php?main_page=product_info&products

Report Overview

Submitted URL
rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
IP
199.168.99.125
ASN
#33387 NOCIX
Submitted
2022-11-29 01:34:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.13.173.34
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
rucdr.jidcertain.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	29 kB	3.0 MB	199.168.99.125
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	rucdr.jidcertain.top/includes/modules/pages/product_info/jscript_textarea_counter.js	Phishing
2022-11-29	medium	rucdr.jidcertain.top/includes/templates/tadayima-001//jscript/jquery1.9.1.js	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0MDQzNzY2ODBfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTI5NDg1ODE3NzFfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTk4NzM3NDA4NzFfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTY1MTY5MTkzMTBfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjUxMDU0MDA4NzVfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcwMTI2ODIxNjlfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIwMTU1NjI1MzlfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcyNjc4MDU1MDBfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDYzNjExMjU1NTBfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzAwMDMzMzcwOTFfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTM0NDQwMDgzNDJfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMi5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMy5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNC5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNi5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MDMwMDY3NzZfMS5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNy5qcGc=	Phishing
2022-11-29	medium	rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOC5qcGc=	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	rucdr.jidcertain.top/includes/modules/pages/product_info/jscript_textarea_counter.js	566 B	2023-03-07	2024-04-23
Pretty URL rucdr.jidcertain.top/includes/modules/pages/product_info/jscript_textarea_counter.js IP 199.168.99.125 ASN #33387 NOCIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:40 Last Seen2024-04-23 02:34:14 Times Seen196 Hash f5ed18c18a455964f160616a6e933430 07665ad4d9b24c2a1a5c6f52e04b0e27eb804081 823c2d569d4b4805ac4e93cc8d63033cb73f3a117616153f5cc0a823a68787ef Loading...

	rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066	474 B	2023-03-07	2024-04-26
Pretty URL rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066 IP 199.168.99.125 ASN #33387 NOCIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:40 Last Seen2024-04-26 22:58:41 Times Seen190 Hash bc4de61fa5826e264a22d4a7c0e97ed9 2b5594c11dfee4bf424212378727f2ccb1a1755c d355d98ed1539410f586054614a252a9b31e771341c3651c8cd72380fee41740 Loading...

	rucdr.jidcertain.top/includes/templates/tadayima-001//jscript/jquery1.9.1.js	93 kB	2023-03-07	2024-04-26
Pretty URL rucdr.jidcertain.top/includes/templates/tadayima-001//jscript/jquery1.9.1.js IP 199.168.99.125 ASN #33387 NOCIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:44 Last Seen2024-04-26 19:54:41 Times Seen4832 Hash 383771ef1692bfcc3f2b6917ca985778 a1ce0bfa507f23cc414a9a7634bd73b994bb3b35 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Loading...

	rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066	864 B	2023-03-07	2023-04-05
Pretty URL rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066 IP 199.168.99.125 ASN #33387 NOCIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:32 Last Seen2023-04-05 02:02:57 Times Seen196 Hash e56015af60837fe70c7698860f2794e0 9d87da8d707f9e2f361a84f260085cb2409a0077 e2459ae503af0e5f36b6d61c92796f2a1cedeaed0a6fe00169855afc9e938c17 Loading...

	rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066	383 B	2023-03-11	2023-03-11
Pretty URL rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066 IP 199.168.99.125 ASN #33387 NOCIX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:08:54 Last Seen2023-03-11 22:08:54 Times Seen1 Hash e6508a4fac64a32bd8cc601d197e1070 d97453081d682f02c96106591b42ec1e87c1245f 58f57e70c0e165b0d11b6d5e051bfd204f7d12cf379f268a560211f7f6665f7e Loading...

		Size	First Seen	Last Seen
	#1 Write - a40efec65eef6c939360fee94c1c5c77	351 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:08:54 Last Seen2023-03-11 22:08:54 Times Seen1 Hash a40efec65eef6c939360fee94c1c5c77 8be2ce0abfc0a795f457b6eace4a90fb090c4441 f5bc01168eaf6c95e4dce1e3325d996ab7d2af78768838ba4f31b7c474fcd3d0 Loading...

HTTP Transactions (74)

URL IP Response Size

rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066

199.168.99.125

301 Moved Permanently

291 B

URL HTTP/1.1
rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
291 B (291 bytes)
Hash
f76443468be95fc00a7cea00aa88b63b
6230f5fc4766ba473d19c7b168568b8d7ca15446
da9cff9325bd2ed178a935a1d0081bbc771d4bd931c07f5260d52723de43c6a0

HTTP Headers

GET /index.php?main_page=product_info&products_id=26066 HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 01:34:39 GMT
Server: Apache
Location: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Content-Length: 291
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10882
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:34:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3591
Cache-Control: max-age=122193
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:34:39 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:31:12 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9543
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:34:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:19:34 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 905
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 2965
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:34:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e1f316564b9489a08963810decbf1569
70762d3724e1b7cdff21dd95e8c86601ca6038b4
9a6865072dd6ccc9ced6edd8678b30556bcbff0d061ab568395eda5825d205a2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A6865072DD6CCC9CED6EDD8678B30556BCBFF0D061AB568395EDA5825D205A2"
Last-Modified: Tue, 29 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21595
Expires: Tue, 29 Nov 2022 07:34:34 GMT
Date: Tue, 29 Nov 2022 01:34:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 1408
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5366
Cache-Control: max-age=118901
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:34:40 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:36:21 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066

199.168.99.125

200 OK

8.8 kB

URL HTTP/1.1
rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1923), with CRLF, LF line terminators
Size
8.8 kB (8773 bytes)
Hash
894d91142d7b69881ccf5fc657da102a
84ae289f009023c07123e7c3d2ebc05b0e1d8211
ccf800970a08a245c5c33db9c0c8acad2ff6332c2f68bbf33ea7100d53242144

HTTP Headers

GET /index.php?main_page=product_info&products_id=26066 HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4; path=/; domain=.rucdr.jidcertain.top; secure; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

push.services.mozilla.com/

52.13.173.34

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.13.173.34:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CmE9jQbUkQi1FgKOd4TH8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dkGynJY2gjSz7co7IaCbNNcEjsQ=

rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_categories.css

199.168.99.125

200 OK

1.1 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_categories.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1123 bytes)
Hash
1d8e115ad09a0a6189d4111c2438a756
b40b86421e7ab14d1f895b914a95c4bdc7409757
0d04db05697cbf57cbdc34c40716b17c6e4ba0bbd21cc995faf578eb4d703ac8

HTTP Headers

GET /includes/templates/tadayima-001/css/style_categories.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Tue, 06 Jul 2021 03:27:06 GMT
ETag: "463-5c66bff06f680"
Accept-Ranges: bytes
Content-Length: 1123
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_header.css

199.168.99.125

200 OK

5.9 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_header.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text
Size
5.9 kB (5944 bytes)
Hash
17d0fe8245fbf1e1b5cd74ca71a7367b
e6393dc9d47a0fd1cb9a60c46654fc4d49e1111b
901aa92bb18da260e31e7337c512c1a8d1310c2cf49a8a5f2eb79e7e2b50786a

HTTP Headers

GET /includes/templates/tadayima-001/css/style_header.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 07:05:22 GMT
ETag: "1738-58cd599ee3080"
Accept-Ranges: bytes
Content-Length: 5944
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_dropmenu.css

199.168.99.125

200 OK

1.2 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_dropmenu.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
1.2 kB (1201 bytes)
Hash
76e61b2d7c6de72a373dde82244d16db
6931c8f7e1bcc10b64906e37b3b928e5b638ba42
ca7e727697379851e782c0538159d004086b43db008acd5832d3a15f80a616d9

HTTP Headers

GET /includes/templates/tadayima-001/css/style_dropmenu.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 06:52:52 GMT
ETag: "4b1-58cd56d3a1900"
Accept-Ranges: bytes
Content-Length: 1201
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_footer.css

199.168.99.125

200 OK

1.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_footer.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text
Size
1.4 kB (1397 bytes)
Hash
f1e24d4a76fa5ca2da818f8f58027a7f
317ce9c329373f912440320b0e1ec949ad771eaf
73ccdf4ee889b5c5117886f7891c24176f9c7a40c620e4d25e64e08414030dbc

HTTP Headers

GET /includes/templates/tadayima-001/css/style_footer.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 08:03:50 GMT
ETag: "575-58cd66b060580"
Accept-Ranges: bytes
Content-Length: 1397
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_index_home.css

199.168.99.125

200 OK

3.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_index_home.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with very long lines (337), with CRLF line terminators
Size
3.4 kB (3392 bytes)
Hash
ba6d9f88a60933424f21331c26fa7b28
e0550d20722e9e5ec5627a965830e27de5e1a68c
9f9e95c6e41897c0475a3f062c0ffc67b53a6a917577357d69022fb1c205466e

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_index_home.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Tue, 06 Jul 2021 03:28:02 GMT
ETag: "d40-5c66c025d7480"
Accept-Ranges: bytes
Content-Length: 3392
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet.css

199.168.99.125

200 OK

8.3 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with very long lines (776), with CRLF line terminators
Size
8.3 kB (8261 bytes)
Hash
72f7e5ef4e7b3f3ec6e0d8218e7e3f74
4b108604dee19f4f7ff5af6671bbf460b1beeda1
bfe9014b7014cc56b34307ada5c346bad44fe871d7189cdecee362d7f7eed875

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:40 GMT
Server: Apache
Last-Modified: Mon, 13 Sep 2021 09:09:30 GMT
ETag: "2045-5cbdcd2986680"
Accept-Ranges: bytes
Content-Length: 8261
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_l_cat.css

199.168.99.125

200 OK

221 B

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_l_cat.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text
Size
221 B (221 bytes)
Hash
bd046a4e84a978c63d13d789fddbf3f1
6f27c9363231ea52723e3fb33c2792d2913465e0
8d6a8f6214cc2cd009d1afda866cccc6774e12ad9fb38579f1ac20ebb32cdce7

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_l_cat.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Fri, 25 Feb 2022 03:56:48 GMT
ETag: "dd-5d8cfb01be000"
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_related.css

199.168.99.125

200 OK

2.0 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_related.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (2019 bytes)
Hash
8042e58b6a17adfa6b22fd816e130df8
8edcfc2e8d0fd9661e968da9c2196f52b9056387
5a2df2c3a7041795c5773c45e2a9bc43daff3b24265ac6dab6d8887b5fcb2a43

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_related.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 08:09:54 GMT
ETag: "7e3-58cd680b83880"
Accept-Ranges: bytes
Content-Length: 2019
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_searchtop.css

199.168.99.125

200 OK

939 B

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_searchtop.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
939 B (939 bytes)
Hash
b64c90d30c440a1e5fe3232294c2a6fe
ae1126afb5efe86129c9c40eab0d4d4c431a4445
46f11e8e76073a57316c8c899934e391cde31ae9f00661488f42cf5dea124150

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_searchtop.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 06:51:46 GMT
ETag: "3ab-58cd5694b0480"
Accept-Ranges: bytes
Content-Length: 939
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_xt.css

199.168.99.125

200 OK

118 B

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_xt.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
bdb30231f4343c4e592aff36f9dab50f
f71c56bbb1e950642c362783621b84809a447d98
16da8a97403e93fbf96bb9ab31c93948bac10c7520766cdacc63044f7b57f657

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_xt.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Mon, 26 Jul 2021 09:58:14 GMT
ETag: "76-5c803caa7b980"
Accept-Ranges: bytes
Content-Length: 118
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/product_info.css

199.168.99.125

200 OK

5.3 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/product_info.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with CRLF line terminators
Size
5.3 kB (5343 bytes)
Hash
647b20830d16e242c9522927a558eb7c
f54e97fd21ad39757783ed797c72777d00027185
7ffc8dafcdfc6f49a7ef804e0368231732a6938cde3f6073726c7299fd378512

HTTP Headers

GET /includes/templates/tadayima-001/css/product_info.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 08:30:32 GMT
ETag: "14df-5c6c0b38dfa00"
Accept-Ranges: bytes
Content-Length: 5343
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/modules/pages/product_info/jscript_textarea_counter.js

199.168.99.125

200 OK

566 B

URL HTTP/1.1
rucdr.jidcertain.top/includes/modules/pages/product_info/jscript_textarea_counter.js
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text
Size
566 B (566 bytes)
Hash
f5ed18c18a455964f160616a6e933430
07665ad4d9b24c2a1a5c6f52e04b0e27eb804081
823c2d569d4b4805ac4e93cc8d63033cb73f3a117616153f5cc0a823a68787ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/modules/pages/product_info/jscript_textarea_counter.js HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Mon, 21 Apr 2014 06:00:10 GMT
ETag: "236-4f78736454e80"
Accept-Ranges: bytes
Content-Length: 566
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_tm.css

199.168.99.125

200 OK

24 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_tm.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
Unicode text, UTF-8 text, with very long lines (680), with CRLF line terminators
Size
24 kB (23503 bytes)
Hash
a74a09eb51d877b1b46fb076eadd754e
5c1775e19f6b6ed69f0a43e9986ffb44dafc2ebd
964a02fcda32dc54a709c71f98687bb7988e746f98e44dcb0162d088a6679fa3

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_tm.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Mon, 13 Sep 2021 09:10:40 GMT
ETag: "5bcf-5cbdcd6c48400"
Accept-Ranges: bytes
Content-Length: 23503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_cart.css

199.168.99.125

200 OK

8.2 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_cart.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with very long lines (794), with CRLF line terminators
Size
8.2 kB (8184 bytes)
Hash
2e1b3560fa2e1a2958128a83bea1253e
53394356cff7275f4ccf58652b3dac553f32f719
30acbe20121974fdd718779a803382945afc59e462e6363dac49494da24d6fe4

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_cart.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Thu, 28 Oct 2021 06:26:36 GMT
ETag: "1ff8-5cf63cae0df00"
Accept-Ranges: bytes
Content-Length: 8184
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_css_buttons.css

199.168.99.125

200 OK

1.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_css_buttons.css
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with very long lines (1363), with no line terminators
Size
1.4 kB (1363 bytes)
Hash
8a25a116b63cd44f57f1a5d79b605a66
3af4c30e02d101d3f5f2fd81a1018ba1cf569da2
95d81437bcf201898e2a9190a600151bbc7e48cc90a358128ed78f89eea9b66d

HTTP Headers

GET /includes/templates/tadayima-001/css/stylesheet_css_buttons.css HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 03:58:36 GMT
ETag: "553-55a23ce5b5300"
Accept-Ranges: bytes
Content-Length: 1363
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

rucdr.jidcertain.top/includes/templates/tadayima-001//jscript/jquery1.9.1.js

199.168.99.125

200 OK

93 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001//jscript/jquery1.9.1.js
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
ASCII text, with very long lines (32089), with CRLF line terminators
Size
93 kB (92633 bytes)
Hash
383771ef1692bfcc3f2b6917ca985778
a1ce0bfa507f23cc414a9a7634bd73b994bb3b35
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /includes/templates/tadayima-001//jscript/jquery1.9.1.js HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2016 07:18:10 GMT
ETag: "169d9-53939c08df080"
Accept-Ranges: bytes
Content-Length: 92633
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:34:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:34:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:34:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:34:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9465
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:34:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9015 bytes)
Hash
ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 13958
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3944 bytes)
Hash
9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 13958
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9203 bytes)
Hash
5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:31:58 GMT
age: 79363
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:58:57 GMT
age: 12944
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8460 bytes)
Hash
516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 13547
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 64473
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0MDQzNzY2ODBfMS5qcGc=

199.168.99.125

200 OK

22 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0MDQzNzY2ODBfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x519, components 3\012- data
Size
22 kB (21956 bytes)
Hash
f0e424a61582a6ec94d7ba0a6dca8e5a
fc8b7865015c56a81e92627a484ac23c2e2dc132
c5e5b1bf62ef59cbdb941fa2ea9030da6ded521efcc34a77a73fc3e51faac8d2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzg0MDQzNzY2ODBfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTI5NDg1ODE3NzFfMS5qcGc=

199.168.99.125

200 OK

110 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTI5NDg1ODE3NzFfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
110 kB (109971 bytes)
Hash
7ef0c5db2f3a929394e04bef06bd6821
5b818c48e2e6778508112b1611ff511281faf637
f8db588097d58ad4c7df6034d0e7a09123750dba333d51f9ff2e294d472c1b2f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMTI5NDg1ODE3NzFfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTk4NzM3NDA4NzFfMS5qcGc=

199.168.99.125

200 OK

54 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTk4NzM3NDA4NzFfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Size
54 kB (54353 bytes)
Hash
525ab25503a33195b4730571ca6fdebc
734a81a3b7cb4d1afacfb09cdae5c012df001f0d
fe0a1ae38081c62c288b3c205cbec7b8bad533ab23c36c18ae14d3b8799bc302

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNTk4NzM3NDA4NzFfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOS5qcGc=

199.168.99.125

200 OK

247 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
247 kB (247019 bytes)
Hash
4cbd73c00b2530c6f3e00906f4147fa5
7a5ae85207a802b7c3758ed64ec25f5a5f5c1dda
b9f8af5f3c3180743e676ff465f08eea65be1b0cd520d177182beaeaa9c493e2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTY1MTY5MTkzMTBfMS5qcGc=

199.168.99.125

200 OK

113 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTY1MTY5MTkzMTBfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 864x864, components 3\012- data
Size
113 kB (113277 bytes)
Hash
e921c1c750cbacfb4af3c8dde3173628
276f90495bbd9287eff7efbbc6668e50c5e3934b
b78d809ec4e6ee9cf5b610e441e8e8f2b087aa758c087f1a0554415c87a9ff13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTY1MTY5MTkzMTBfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjUxMDU0MDA4NzVfMS5qcGc=

199.168.99.125

200 OK

121 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjUxMDU0MDA4NzVfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x810, components 3\012- data
Size
121 kB (121385 bytes)
Hash
c75995b80f931f3e98240ad27f58042a
91fbb582d938744c5ca29fd59c0a01704f3cd7b2
a2c80af5345f766d62461326ce51de9dda59f8e90cea9a4a8271ce1ee4086b9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNjUxMDU0MDA4NzVfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcwMTI2ODIxNjlfMS5qcGc=

199.168.99.125

200 OK

33 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcwMTI2ODIxNjlfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x540, components 3\012- data
Size
33 kB (32892 bytes)
Hash
215c936c5c48318846354e305a876945
31537d9eaf6f5e0029e7371206deafc02d870991
568edddbaaab64602dec15d2b5fd5ab4ab2ef411411fba5645a34de8f06172e5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMzcwMTI2ODIxNjlfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIwMTU1NjI1MzlfMS5qcGc=

199.168.99.125

200 OK

212 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIwMTU1NjI1MzlfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
212 kB (212008 bytes)
Hash
b4cd0528f5d396b55106a4af122153fd
2079a7fe4f4d5b191639c05b6818397da8146c2e
25774eb7607257ed3a7323559518caac6085de452b09a841235ade2080d83184

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjIwMTU1NjI1MzlfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcyNjc4MDU1MDBfMS5qcGc=

199.168.99.125

200 OK

64 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcyNjc4MDU1MDBfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x810, components 3\012- data
Size
64 kB (64364 bytes)
Hash
e0c02d2bb2b1148d11e9e7aa0e65e7e2
f36f38b5c8567035369384146eaa37363e3e8ec2
3cf770ab85f057ce405417037cd433b9ece51343393bc61843529552f40c05c0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjcyNjc4MDU1MDBfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/next2.png

199.168.99.125

200 OK

7.1 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/next2.png
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7076 bytes)
Hash
6958ad3643e842e608ac4112bcc2f770
98338d2878bb028c1eee82ade843f25e9f81bace
f47337015eb7a7aacdfe148e25ab5d39356f84b7d81950e8f239f6571d2f04e8

HTTP Headers

GET /includes/templates/tadayima-001/images/next2.png HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_header.css
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
Last-Modified: Sat, 20 Oct 2012 03:14:44 GMT
ETag: "1ba4-4cc7505991100"
Accept-Ranges: bytes
Content-Length: 7076
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDYzNjExMjU1NTBfMS5qcGc=

199.168.99.125

200 OK

43 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDYzNjExMjU1NTBfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Size
43 kB (42976 bytes)
Hash
8e89de31e67b843f27369e1b17167749
ede73a4501e5682d7e86c30a0cf77a2d79924f53
82396b07ac7cb0eb484c120f9b277a5aabf29b40118d1c02eda943896bd24827

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNDYzNjExMjU1NTBfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzAwMDMzMzcwOTFfMS5qcGc=

199.168.99.125

200 OK

53 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzAwMDMzMzcwOTFfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x720, components 3\012- data
Size
53 kB (52593 bytes)
Hash
d84d3cdeba734f0df8a996b1b440ff22
3b17449a7d8006a326de7e21ea22d39dc7a09a96
d0bbab02653471110e9d9f9900d7d1bc77b036f64e6a0320e3b1ade97d6c02e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tNzAwMDMzMzcwOTFfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:41 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/logo.gif

199.168.99.125

200 OK

6.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/logo.gif
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
GIF image data, version 89a, 256 x 80\012- data
Size
6.4 kB (6359 bytes)
Hash
9d6afea1d5f89e81f636c4203cee25a8
4e834c6d5f920f4f988d5b3d26a21df120bd84ed
19de960d29307001158904b680c57a28c0c2330e5a64959764afa48db0801dbd

HTTP Headers

GET /includes/templates/tadayima-001/images/logo.gif HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 06:50:08 GMT
ETag: "18d7-58cd56373a800"
Accept-Ranges: bytes
Content-Length: 6359
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTM0NDQwMDgzNDJfMS5qcGc=

199.168.99.125

200 OK

87 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTM0NDQwMDgzNDJfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1079x1080, components 3\012- data
Size
87 kB (86986 bytes)
Hash
26dd640911f4907aa8a28522dbbb2cae
cee9418419b29da76456723c473579812aa41065
f0293a04d96aa5a36ddf5fb7d408425415ba3a0c36a85169358ef6f55ebcfb78

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tOTM0NDQwMDgzNDJfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/icon_search.png

199.168.99.125

200 OK

3.6 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/icon_search.png
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3552 bytes)
Hash
e23597d1438fc031aaa277d774974ddf
507efa327d1ab542fcad1e7e148ccc3f2f0b0ef9
fd8c1e9f1059894420036910c36e07e09671e6b12f8a5ba6cd38954f7c17c02d

HTTP Headers

GET /includes/templates/tadayima-001/images/icon_search.png HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/includes/templates/tadayima-001/css/stylesheet_searchtop.css
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Wed, 27 Sep 2017 03:58:48 GMT
ETag: "de0-55a23cf126e00"
Accept-Ranges: bytes
Content-Length: 3552
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

rucdr.jidcertain.top/includes/templates/tadayima-001/images/header.png

199.168.99.125

200 OK

8.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/header.png
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
PNG image data, 329 x 291, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8432 bytes)
Hash
4138e173286c667186287a4e18f0632c
8397923675ba6fb1927bceff648eda0300e83a73
21c72578d5f4bb1a30489e6f1799c8979bb6661a5a388edecd0a4a473cd0abf6

HTTP Headers

GET /includes/templates/tadayima-001/images/header.png HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_header.css
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Sun, 07 Aug 2016 01:56:58 GMT
ETag: "20f0-539719d60ae80"
Accept-Ranges: bytes
Content-Length: 8432
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

rucdr.jidcertain.top/includes/templates/tadayima-001/images/ico_leftmenu_001.jpg

199.168.99.125

200 OK

1.3 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/ico_leftmenu_001.jpg
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 6x6, components 3\012- data
Size
1.3 kB (1292 bytes)
Hash
3daffbfc2f66bb4f8bd2141612b24abf
28ee5e98543e4f5b69ec2f62d84b1acc15982ef8
3ec57a9810c93ff1b7839619799fbfb902f7ae9cc2525425641c354c31f7aaae

HTTP Headers

GET /includes/templates/tadayima-001/images/ico_leftmenu_001.jpg HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_categories.css
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Mon, 03 Oct 2016 03:18:12 GMT
ETag: "50c-53ded64d86500"
Accept-Ranges: bytes
Content-Length: 1292
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/arrow02.gif

199.168.99.125

200 OK

183 B

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/arrow02.gif
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
GIF image data, version 89a, 10 x 9\012- data
Size
183 B (183 bytes)
Hash
3ac44a26031155e887bc0531adb7c89b
c245808f8a0726c45ef19524dfd100fa7dbcdf94
0111e5620d5ad5787b58864dfaa8e809b90149e90e1fb3192d5f8744bc3a61c1

HTTP Headers

GET /includes/templates/tadayima-001/images/arrow02.gif HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/includes/templates/tadayima-001/css/style_categories.css
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Mon, 13 May 2013 01:56:56 GMT
ETag: "b7-4dc8fd4d4ea00"
Accept-Ranges: bytes
Content-Length: 183
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif

rucdr.jidcertain.top/images/com_icon_shipping_02.gif

199.168.99.125

200 OK

2.5 kB

URL HTTP/1.1
rucdr.jidcertain.top/images/com_icon_shipping_02.gif
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
GIF image data, version 89a, 35 x 16\012- data
Size
2.5 kB (2487 bytes)
Hash
47dda9ae6c3e720ef3f5685e028c37f1
ddba8aa14d426530d8204e4fa6a3ad187a04a2ff
f3e045222b4ec5796819c72f9f2cf297356b32fa0b017ca61cdf6735f56ac3cd

HTTP Headers

GET /images/com_icon_shipping_02.gif HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Fri, 10 May 2019 09:47:30 GMT
ETag: "9b7-58885747e1080"
Accept-Ranges: bytes
Content-Length: 2487
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif

rucdr.jidcertain.top/images/com_icon_shipping_04.gif

199.168.99.125

200 OK

2.5 kB

URL HTTP/1.1
rucdr.jidcertain.top/images/com_icon_shipping_04.gif
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
GIF image data, version 89a, 35 x 16\012- data
Size
2.5 kB (2487 bytes)
Hash
f8ab8bd7dec406b34a582d43b75ebe36
cdb67780cce0b9e8e569f6f45524e3391fb7144e
56fdc538b90f760ce44fc4d64c7f87276acf38e026ea388076ba578f9c1045b6

HTTP Headers

GET /images/com_icon_shipping_04.gif HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Fri, 10 May 2019 09:49:32 GMT
ETag: "9b7-588857bc3a300"
Accept-Ranges: bytes
Content-Length: 2487
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/gif

rucdr.jidcertain.top/includes/templates/tadayima-001/images/3238_555.jpg

199.168.99.125

200 OK

70 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/3238_555.jpg
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=142, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=555], progressive, precision 8, 555x110, components 3\012- data
Size
70 kB (69560 bytes)
Hash
c1dca2e1eb82e006af500a54b64f9f4e
2a8990c0777d25309ccd5cdebbec08aaf5d7ec91
da4aca1e94ba609b37099ea63650cbf08a809c2131f2e26130bfa70137e0480d

HTTP Headers

GET /includes/templates/tadayima-001/images/3238_555.jpg HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 07:03:10 GMT
ETag: "10fb8-58cd592100780"
Accept-Ranges: bytes
Content-Length: 69560
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/gift222.jpg

199.168.99.125

200 OK

29 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/gift222.jpg
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=200, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=600], progressive, precision 8, 600x119, components 3\012- data
Size
29 kB (29334 bytes)
Hash
b95f1c657465a65a2256269eed66b8a4
c1335fe435c50cf9d430a0c851b7c7adc5ad6c32
5b40ef13c11e5235b54864e8d4434ac91768a5c7380d3a5fda8f199a901024f5

HTTP Headers

GET /includes/templates/tadayima-001/images/gift222.jpg HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 07:01:24 GMT
ETag: "7296-58cd58bbe9900"
Accept-Ranges: bytes
Content-Length: 29334
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/imgrc0070062483.jpg

199.168.99.125

200 OK

73 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/imgrc0070062483.jpg
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 200x200, components 3\012- data
Size
73 kB (73280 bytes)
Hash
bb105f761b977193f703fff06622a75e
5686092154816236560de3e340985c50806b18c0
674b3f64755fb2265f724c48c8416e82239af278030f74a5265b893eb2cd2fe5

HTTP Headers

GET /includes/templates/tadayima-001/images/imgrc0070062483.jpg HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Tue, 14 May 2019 07:27:12 GMT
ETag: "11e40-588d3f61b1400"
Accept-Ranges: bytes
Content-Length: 73280
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMi5qcGc=

199.168.99.125

200 OK

148 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMi5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
148 kB (148519 bytes)
Hash
0c97ef91455fe1c0f0a7a8e727e95598
c75e040b10d22cae2d3755068b871acd3813dbec
cdd63dce66cd7f32dea26d477ecdd4d07a12b0c3cda6cd5ba7370c664d037569

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMi5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMy5qcGc=

199.168.99.125

200 OK

122 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMy5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
122 kB (122518 bytes)
Hash
de870cdf61d55b8b0f357d07104bffc6
5d7ae7c9610134a400137c3e3b48b18a1526ab15
5ba8248226e0c7ab9ce2fb5317bf5ec2dcdb2813cff10ece42620ef56e25306d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMy5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMS5qcGc=

199.168.99.125

200 OK

109 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
109 kB (108832 bytes)
Hash
b729d6af6ddfd3dd9e6737322ab1d96a
691109d655f3f87c686f7bc75073e498491111e0
9b0b9c5bdc74d10d30492c5e6fd188d33310e4b84ce1cf11c2bb10e815338a67

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNS5qcGc=

199.168.99.125

200 OK

104 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
104 kB (104049 bytes)
Hash
c26a6429b42884c324422ca05ab4568e
9c5647a8f9a621aeeac280ca0aa5156d6d34baf3
3266ab2e779e3987a7a9bcc8e79cf101e90904e2e78d838d21b2ec222d1d2c3f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNC5qcGc=

199.168.99.125

200 OK

194 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNC5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
194 kB (194381 bytes)
Hash
ec6b6d45c94472a53fc47053374085ee
86b6cb310a4fa2d60ec0cd05d27905800f5d1768
f8f9eeb4fc6ede57402457c4aefbd1f64e6c67f53680fad1f53bbe240e8de756

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNC5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNi5qcGc=

199.168.99.125

200 OK

162 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNi5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
162 kB (162110 bytes)
Hash
2a7349f94413676a75d3d5aa327e075a
75a8d601ede8ab099ef63642575665e519ef87b7
f9e1cadb1f1ce96072728e5becc1ca631e8be0107a3301e5e4471a0c95e12f44

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNi5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/includes/templates/tadayima-001/images/common/all_yj.png

199.168.99.125

200 OK

21 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/common/all_yj.png
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
PNG image data, 320 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20818 bytes)
Hash
4193f1572e5a0c95125efbef8399c1f0
e60cb3f02b750ecf1be080eecf75cfbcac54eb36
323709d7cc5d328379211d091df52e375910d7c62009fff85b20e4254880d208

HTTP Headers

GET /includes/templates/tadayima-001/images/common/all_yj.png HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Mon, 18 Feb 2019 03:24:16 GMT
ETag: "5152-58222a8cc1800"
Accept-Ranges: bytes
Content-Length: 20818
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

rucdr.jidcertain.top/includes/templates/tadayima-001/images/shiptime.gif

199.168.99.125

200 OK

4.0 kB

URL HTTP/1.1
rucdr.jidcertain.top/includes/templates/tadayima-001/images/shiptime.gif
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
GIF image data, version 89a, 212 x 62\012- data
Size
4.0 kB (4005 bytes)
Hash
9811f43c3fbc5d557b207630251fed49
05a9a7ff3094a3e3a20c77286521b2ea9a49db61
38634046bf4d8ac72c5f3a3fc15c37922fc69dbf3b6ab5370939a07ba6c261c7

HTTP Headers

GET /includes/templates/tadayima-001/images/shiptime.gif HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
Last-Modified: Thu, 04 Jul 2019 07:37:50 GMT
ETag: "fa5-58cd60e0a4f80"
Accept-Ranges: bytes
Content-Length: 4005
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/gif

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MDMwMDY3NzZfMS5qcGc=

199.168.99.125

200 OK

140 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MDMwMDY3NzZfMS5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
140 kB (139460 bytes)
Hash
d035f50badf51abe976695cf6030343a
12aafdd07564ab814abd8c0e8fc67e6bda779d28
8bb774ab183144b493b4d18d764ecca4ebfbdbbd1c4c8f6e4e5fb9caa0067806

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tODY3MDMwMDY3NzZfMS5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:42 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNy5qcGc=

199.168.99.125

200 OK

234 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNy5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
234 kB (234416 bytes)
Hash
fbc6bcbd58301d8007d7814f80c95638
146cf521e2e4a59df8e3c0c4a359699bed70d573
63a0e7e59e1f1f237e962c398261053e472497698f9a9d12bf1a27245390c2ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfNy5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOC5qcGc=

199.168.99.125

200 OK

256 kB

URL HTTP/1.1
rucdr.jidcertain.top/imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOC5qcGc=
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1080, components 3\012- data
Size
256 kB (256369 bytes)
Hash
d36812a729114c7391886fe8965743c5
1fb0287ead6c53a8d0ae574cf30063ad36628950
0d408e08da7166ef85a8c19ad40d8c2127c67554598d6dba8e62fbcc6bf9436f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /imgcdn.php?pic=aHR0cHM6Ly9zdGF0aWMubWVyY2RuLm5ldC9pdGVtL2RldGFpbC9vcmlnL3Bob3Rvcy9tMjAzNDc5MjcyMzZfOC5qcGc= HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:43 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpg

rucdr.jidcertain.top/favicon.ico

199.168.99.125

200 OK

5.4 kB

URL HTTP/1.1
rucdr.jidcertain.top/favicon.ico
IP
199.168.99.125:0
ASN
#33387 NOCIX

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
e3d999162d3300c9a0ccc5ad15f1c178
1a2819cd98932ff9f5fdb9e4db4b6706b7474353
5433b42817d81ae9ffdb614e37e90e757bce6959340c47a3d22ebe99c83c74af

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: rucdr.jidcertain.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rucdr.jidcertain.top/index.php?main_page=product_info&products_id=26066
Cookie: zenid=vmscn2dkvr0rqaoii5prmimnb4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 01:34:44 GMT
Server: Apache
Last-Modified: Thu, 28 Dec 2017 23:11:02 GMT
ETag: "1536-5616ea12e0d80"
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (74)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN