Report - zzciti.net/index?lang=en-us/index/index/index/token/46e9ce9c3bd6b57c0acdefa41fe6261e.html/index/index/index/token/463eea3681d92af8e1c766ad428cdf19.html/index/index/index/token/a725b0d24e1a64ebe7efbf2984917c0e.html/index/index/index/token/23e0fbb02e94aa89c33fa78d0c67989d.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/9c2a9df531d0aa6bc6f92228a80a2fee.html/index/index/index/token/65c7847ec95bc4b466b784e5567a24a8.html/index/index/index/token/6f98c0a5483aa061b99d517e3abd44d9.html/index/index/index/token/b68fbdcc0ca544aed754cb76746857e2.html/index/index/index/token/8137f795a150b9bf6175ab37b5bdfbe2.html/index/index/index/token/8e71c231d97621654adbc87d648e5a14.html/index/index/index/token/a63db08cd84b68e056ab257cf5e6e5a1.html/index/index/index/token/58785a02e80fd09f4d5c660976515871.html/index/index/index/token/57e488211af23245025b68a20aea2183.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/d1a039162c49646774b0218fe971a6de.html/index/index/index/token/3bf60dc233104f380921bfd1ae4529f3.html/index/index/index/token/bfc705891b91b0db69b0025d08a028e2.html/index/index/index/token/d0f11c33a032fe5ab8317d4e96624f68.html/index/index/index/token/ef567dae2764d3fc6e49f1fcf8092f9f.html/index/index/index/token/eb1316f9c6ef443e8985743072ac9e5d.html/index/index/index/token/d72da89c5f63387ae22bfbbb5f8a0be4.html/index/index/index/token/d122d7ec158f75d38738b8c718df483c.html/index/index/index/token/4533e5e0ef229bdcc2d5aaa67eedab9a.html

Report Overview

Submitted URL
zzciti.net/index?lang=en-us/index/index/index/token/46e9ce9c3bd6b57c0acdefa41fe6261e.html/index/index/index/token/463eea3681d92af8e1c766ad428cdf19.html/index/index/index/token/a725b0d24e1a64ebe7efbf2984917c0e.html/index/index/index/token/23e0fbb02e94aa89c33fa78d0c67989d.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/9c2a9df531d0aa6bc6f92228a80a2fee.html/index/index/index/token/65c7847ec95bc4b466b784e5567a24a8.html/index/index/index/token/6f98c0a5483aa061b99d517e3abd44d9.html/index/index/index/token/b68fbdcc0ca544aed754cb76746857e2.html/index/index/index/token/8137f795a150b9bf6175ab37b5bdfbe2.html/index/index/index/token/8e71c231d97621654adbc87d648e5a14.html/index/index/index/token/a63db08cd84b68e056ab257cf5e6e5a1.html/index/index/index/token/58785a02e80fd09f4d5c660976515871.html/index/index/index/token/57e488211af23245025b68a20aea2183.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/d1a039162c49646774b0218fe971a6de.html/index/index/index/token/3bf60dc233104f380921bfd1ae4529f3.html/index/index/index/token/bfc705891b91b0db69b0025d08a028e2.html/index/index/index/token/d0f11c33a032fe5ab8317d4e96624f68.html/index/index/index/token/ef567dae2764d3fc6e49f1fcf8092f9f.html/index/index/index/token/eb1316f9c6ef443e8985743072ac9e5d.html/index/index/index/token/d72da89c5f63387ae22bfbbb5f8a0be4.html/index/index/index/token/d122d7ec158f75d38738b8c718df483c.html/index/index/index/token/4533e5e0ef229bdcc2d5aaa67eedab9a.html
IP
172.67.197.61
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 20:07:59
Access
public
Website Title
ci.ti
Final URL
zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zzciti.net	unknown	2023-04-14	2023-04-14	2024-04-18	26 kB	1.5 MB	104.21.68.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed
2024-05-07	medium	zzciti.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	zzciti.net/statica/index/js/flexible.js	3.4 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/index/js/flexible.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-05-07 22:08:00 Times Seen30 Hash 8c78b01d283b2ceeced2f66b02074fc3 355b9b8a55b79d811f46e6e5595d9d3d412081d2 3866c14d45f16df56f8b6fc9dad805dc8747b1cfdd9252fd3c54b4f1a10c79a2 Loading...

	zzciti.net/statica/index/js/zepto.min.js	26 kB	2023-03-07	2024-05-19
Pretty URL zzciti.net/statica/index/js/zepto.min.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-05-19 09:40:43 Times Seen864 Hash 50a4556b0089cfa1cb61e88ea23bbcce 6865443a258954fa19b8aa682e1f4c77d42493d1 beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725 Loading...

	unknown	9 B	2023-05-11	2024-05-07
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-11 01:40:35 Last Seen2024-05-07 22:08:00 Times Seen23 Hash 40385bec405f8aae7d3122b14ac916bb 96e89fc611a2b5c6ca9faa2b88438c9443a61848 36d08c75b9c67501a80c0f7162eeabd26197218d963cb27bb76ecd2e533a1b93 Loading...

	zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html	409 B	2023-09-23	2024-05-07
Pretty URL zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-23 06:20:08 Last Seen2024-05-07 22:08:00 Times Seen7 Hash 3d45fd6059ed122050f613d330755bb9 c05671bc01fbf69e2df4ba42b931b41c6b950199 4674040dfb3fb391096252d6532b6ada4fe8aee46be2979c39526722eb8ce22f Loading...

	zzciti.net/statica/index/js/lk/index.js?2323	5.5 kB	2023-09-23	2024-05-07
Pretty URL zzciti.net/statica/index/js/lk/index.js?2323 IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 06:20:08 Last Seen2024-05-07 22:08:00 Times Seen7 Hash 9005976e0ab37b07fd042198ff083a79 55c5ab0802ed728e7d9f8313a1c6fbd193686710 0ec7a3a907b8ad10dc68018fd07cfafaf66069a96bf6b2af13495934f5597e6c Loading...

	zzciti.net/statica/index/js/home.js	1.5 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/index/js/home.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-05-07 22:08:00 Times Seen32 Hash bdc5128740350282d4753e172c438fa8 a12953f8254f422ef08ba5e5a801ee04f3c33d85 de587d7f81e689bc76108f13c0027e6be951cd90edb8cf96bdc77d992b1ca73a Loading...

	zzciti.net/statica/index/js/swiper.min.js	96 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/index/js/swiper.min.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-05-07 22:08:00 Times Seen167 Hash 287fddcfd4fafa535460d88594a6bffb dd1e62384e01fc6b853918629dacee717e17cc9f 8ea4ea3e5514608153c01ec00cc8a9daf4b5cd944ec6d3096fb97a1b3b57487b Loading...

	zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html	2.4 kB	2023-09-23	2024-05-07
Pretty URL zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-23 06:20:08 Last Seen2024-05-07 22:08:00 Times Seen7 Hash bcfced7e3c8e7f7c67207855b3c8ba1c cd76aa60ddffdde8ba4423ea9311d0eabb4402fb abb0e64cfe0be36f611e775ac7d75f05c38ff3579ae82cfbf80e85b0f83b2c0b Loading...

	zzciti.net/statica/js/jquery-1.9.1.min.js	94 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/js/jquery-1.9.1.min.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:57 Last Seen2024-05-07 22:08:00 Times Seen228 Hash 8ef9bb714eddbcdbc2469fbedae9065d 824ede67e58f55badec6162839b06b87a3b9103d 8ba2671af4ff5178df5f3351eda7f8e221d4bc6259e6249011647792232b8630 Loading...

	zzciti.net/statica/public/js/function.js	1.6 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/public/js/function.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-05-07 22:08:00 Times Seen33 Hash 6072609a754424a9f3a4155b85a0d4d2 c09c42996585fbeff4bd8855998def986b3aa1c7 439909223a7040fe2fb5b308d2f88a374a4744693a3f34e468a7fda3617695c0 Loading...

	zzciti.net/statica/public/js/base64.js	3.1 kB	2023-03-07	2024-05-07
Pretty URL zzciti.net/statica/public/js/base64.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:02 Last Seen2024-05-07 22:08:00 Times Seen96 Hash a425a65ab3278062421e8e1cd081f963 f424d84abc5b7a8521860d5362fe45138d113f99 117b1da7e10fa023b62ea3f1abff4a86e96865e984c2a3592f8b8afd3a86ceee Loading...

	zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html	2.6 kB	2023-09-23	2024-05-07
Pretty URL zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-23 06:20:08 Last Seen2024-05-07 22:08:00 Times Seen7 Hash 61153cdf65f6e6c0c5bbfaaedd21af58 2ab436bd9ae03d05fd6bc583cdf524fd1502a287 ededf5d4375b293144955b4cb725e9c15fd69bfe0a051b8922257666ecee63f3 Loading...

	zzciti.net/static/index/js/lk/order.js	3.3 kB	2023-04-24	2024-05-07
Pretty URL zzciti.net/static/index/js/lk/order.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-24 20:26:12 Last Seen2024-05-07 22:08:00 Times Seen13 Hash 1423f6c81b4b98b58a9c6a90e4c4acb6 a62a35d4be3f4cb3dbe857a6cc3df165dfb3701c 9c6871cb31ec2f3b0c954486beeb48deb38734c0af9490c605e1255f02d0cfa0 Loading...

	zzciti.net/statica/layer/layer.js	21 kB	2023-04-10	2024-05-17
Pretty URL zzciti.net/statica/layer/layer.js IP 104.21.68.170 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-10 15:25:43 Last Seen2024-05-17 15:07:36 Times Seen196 Hash 1e3c557d05297f400fc28a1aa66ecf84 6303c8f810d9feeffab9848e406e85af947fc2da d52437db14a42989e6729dde7f8f87a96c8c26d31b7c755131de17bca4501e2f Loading...

HTTP Transactions (43)

URL IP Response Size

zzciti.net/statica/public/images/home/default.png

104.21.68.170

200 OK

7.4 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/default.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced
Size
7.4 kB (7448 bytes)
Hash
d16adea5284dcf04bb0ca8593f019586
d3a720ba397eb71279a5bda71d941792c454627b
ae998f42fcf4fd8a01f9e48478f665a59fe7e66e7555f52c73169607899705bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/default.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 7448
last-modified: Fri, 24 Mar 2023 16:15:44 GMT
etag: "641dccb0-1d18"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixA3QvKYomZrKL43fwIQ%2B4ZXksFkchlkQ78BMGIx1X6Vg41zyPb5ZyrRt%2FwpKOKKtp08Ly3L2EtIMeu9Uy1u5Wa8AtbwAnlUouh3bFmfBkq2muJhKuAYByGsJXXs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6443b7d569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/logo.png

104.21.68.170

200 OK

6.6 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/logo.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 314 x 44, 8-bit/color RGBA, non-interlaced
Size
6.6 kB (6555 bytes)
Hash
efa2989ab3f0981796743a96498aa344
46293e262e0378a6c23ba1fa0be3569a71417b12
9bc0771f13ea7c5ebaad1a5d5c83829219919e386ab8b1ce0abffc61ad6aec1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/logo.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 6555
last-modified: Fri, 24 Mar 2023 16:21:04 GMT
etag: "641dcdf0-199b"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuZSGBzrPyhA2dAJvn0KoX9j0Mjz8CCYoX8CfnyJiphSM%2BIpa%2FCc%2BpbyR88eQcs7gPE7526sCY49afLCshe%2FJSKBVi41U%2BjdS0UhPYSp02D0PqhQjvt6FSiVMSLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6443b83569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/icon-china.png

104.21.68.170

200 OK

1.3 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/icon-china.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
1.3 kB (1285 bytes)
Hash
3cc2d6b712882dc337bd037fbe901a0c
ee784f54dc6505b379d8c199c242529e602d3ac8
6f903e0952991b1fd5d817470eba6002ece76016c2dc3d7d0e58340f35c83555

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/icon-china.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 1285
last-modified: Fri, 26 Jun 2020 07:49:04 GMT
etag: "5ef5a870-505"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1x7p%2FiiCm2x7h0hmf2qAbL4fAZ%2F7jfsLIOLGxTrNHKSJoROU7i8ZogY1CCE5G%2FDGwzmNSvMfaKOsr5PIuoijug3RM%2BRj9P75uhME0TXnFVhYjHpQ5MbXImy%2BzSYr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6443b87569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/icon-english.png

104.21.68.170

200 OK

22 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/icon-english.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 625 x 477, 8-bit/color RGBA, non-interlaced
Size
22 kB (21970 bytes)
Hash
0a5fa7a90d2cab61129513c1d07fdf8f
7a4d0504d67d66820a3f3a2ba3a47e88fd28a08e
29e8ad619e1fdd9a72f65689657f64ee2793d983c69579b655b1e6be9a5f66a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/icon-english.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 21970
last-modified: Fri, 26 Jun 2020 07:49:22 GMT
etag: "5ef5a882-55d2"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqPC8uMQ3afO6CTixPH2zmKP0Jdm11kUImUNlvl7XaBEz8TmNHC1B2DBJ7kig6l3pJ7iO2NNatNKN0pVwn0rFuO3dqWgvIo1eUnDjPmCBGlHmzNOhlQ7YXtHlMYd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6443b88569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/icon-hid.png

104.21.68.170

200 OK

18 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/icon-hid.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 536 x 357, 8-bit/color RGBA, non-interlaced
Size
18 kB (18130 bytes)
Hash
642ca6859d649a9cd1aa70d26c0ed220
b808519975a30b3d1428de4437f5aac774bedc45
f5c19e6152c782dd20b8e78499c59db0b76c43a2d611300d8c87cb32ffc3c7e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/icon-hid.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 18130
last-modified: Fri, 24 Mar 2023 15:33:06 GMT
etag: "641dc2b2-46d2"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS2H7jsS9ZgAGySO%2FloWLT9prxHWqLvQrCDPha%2FrNWWiHwohz5uRodbgThy2c%2FSt9Z78PxU1%2Bm5nfprCSeWsOXTehTJ8qZg4jvuO3GrPSOinMbs8YjpuBqTJp6Qn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6443b8b569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/1.jpg

104.21.68.170

200 OK

132 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/1.jpg
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 750 x 395, 8-bit/color RGBA, non-interlaced
Size
132 kB (131752 bytes)
Hash
41a3ad31b3c459bcaa46ae3dc222ef46
34e686d183bd461040e178937187f51e1ca45504
9d6237ac489bd57a8b8d9b5b5218dd74dd16869022fe4608f6966b3fabedbba8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/1.jpg HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/jpeg
content-length: 131752
last-modified: Thu, 14 Apr 2022 20:26:22 GMT
etag: "6258836e-202a8"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kclr98UAZwFqUb59kwzP6ICMOAUxzOFKYecD5MbFZz%2Fzg22Iqzksx%2FqE5aHdClzdlPk6sTX%2FC1gKZC6H2r2P%2BI22jmrR39ZJbY8c5yz7gSU5qpeI9n14q6mnCs%2Bb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445b9d569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/2.jpg

104.21.68.170

200 OK

188 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/2.jpg
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 750 x 400, 8-bit/color RGBA, non-interlaced
Size
188 kB (188216 bytes)
Hash
dccaa115fe2abb3f1866600ebe10dad1
bcc94edee515be7632f8e1a092e1298b124491e9
16592f95165a03487f26d081fba7bb7539bf345dc7883717e70f75d538d03042

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/2.jpg HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/jpeg
content-length: 188216
last-modified: Thu, 14 Apr 2022 20:26:24 GMT
etag: "62588370-2df38"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVf7mCAbd7%2Bgv3sP2amec9U8i1a8eAWkQ5JnRGqo2Ins0MCXFAgSxBUqjZUvceYag48RGgRPVOSldM63uxLhDLNIw%2F273Okkr7iRh%2BpOTm%2Bmi6F6yXJwz9fPMLsp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445ba0569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/ico-notice.png

104.21.68.170

200 OK

2.8 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/ico-notice.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 31 x 31, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2846 bytes)
Hash
998e0fa9d2d325fcb32967f2a6f7e18e
c6b79bcf8057944e8c4372728df6cb63086add2a
b5ba1ff9d695cd27d973f94c99ceb23881104aeda8d29845dcc4b5a93a74d69f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/ico-notice.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 2846
last-modified: Fri, 26 Jun 2020 07:54:20 GMT
etag: "5ef5a9ac-b1e"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGrEnW9B8O%2B3OEK%2BLOLS65HPP2Et8Soa%2F9FfWMk%2BRV9MyNC8jk4dZ1gHgssZc06woaRkDgWIsPQR%2F7CkeGNlHHElYwrXzJsFV%2Bs5R2c8cplF563LFys7ryfxX0zj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445ba9569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/3.jpg

104.21.68.170

200 OK

366 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/3.jpg
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 750 x 400, 8-bit/color RGBA, non-interlaced
Size
366 kB (366126 bytes)
Hash
e2e5c121c8abac8406e605368436efef
bf9fa548cf1665002cdf942af5469069fece28bf
55c15dffcaadcdc7314d8dbc0b8812b341613bad4a9a32cc6e8560d2d65d532c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/3.jpg HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/jpeg
content-length: 366126
last-modified: Thu, 14 Apr 2022 20:26:30 GMT
etag: "62588376-5962e"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Z81WBJ3QokAwVGIGt1feMSx%2BhCL6ptvuAnIUcnEtcDpo0gghhcmJ3mPmzgaVfDAk0HLesYT%2FvhJ3G3sfdwtXx0VZzp2I9jF%2BPaq8KPAkfEBD4a5XWVXOGVKsBl6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445ba6569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/ico-pay.png

104.21.68.170

200 OK

3.6 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/ico-pay.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 100 x 77, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3562 bytes)
Hash
dc5c5ef1ed04b3547563fb87b04e071b
b06904c5dd8a276d1de99f92c2a17a28adc61ad1
33ab657d3951cf30513d739794db93480937d83825e12869a812626b9f5c0cf1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/ico-pay.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 3562
last-modified: Mon, 27 Mar 2023 13:49:13 GMT
etag: "64219ed9-dea"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRHK16LLyUcAZNDzjPMEENUQiwgAI60qVYh90aNYYf89x1m2wtQ3bFJo5D3JbC9YWpQCLa0xEXqHdA8hcWHn27TQhAtp2RpC83GDa3lUO3K53aL%2BAkCmsbjuEcGF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445bad569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/ico-position.png

104.21.68.170

200 OK

3.2 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/ico-position.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3203 bytes)
Hash
16873a239f423aa094ceb8751e00577e
4ebb0c783cc2c8651988a22b6d2166f1194fa3d4
399635981f5752b2eff2d254a195f01272ca2a2a84b45addbf9b67fece241009

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/ico-position.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 3203
last-modified: Fri, 26 Jun 2020 08:03:22 GMT
etag: "5ef5abca-c83"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYWL9H9SW4rFQ9SE9%2B74s6tFpGxvOKNHFUtzvru7ACyFD4x%2BM%2FAiO3StH9YaBEeqDGvY64DODr4TaxMKPv8L77fVqO0dB%2FvImtSuW4xWCV97X%2BD4mYTP48fpX%2B7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445bb0569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/ico-help.png

104.21.68.170

200 OK

3.9 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/ico-help.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced
Size
3.9 kB (3941 bytes)
Hash
bf260baf2f6cd4ca222c1f68d0a13a82
ea8f59ab7a7051d7de09fb9809641ae24f08e6dc
e222ff8efa1b55307e3689b9401ad8b4d940d846a9d515ece97f268ce8754010

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/ico-help.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 3941
last-modified: Fri, 26 Jun 2020 08:05:14 GMT
etag: "5ef5ac3a-f65"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmsbY7Z9VJzepAZSn4g9hJJsledWpF0FdSo7jTOKnL7vInyw9D3MOBVb93RBpLj5lP99mKblXKWZfM4jNkcGAuyGjzCYc68k%2FfPLTUllQXTD3sYn8fkZbPhFw%2BAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445bb4569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/images/home/show.png

104.21.68.170

200 OK

78 kB

URL GET HTTP/3
zzciti.net/statica/public/images/home/show.png
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:05:24 11:21:37], baseline, precision 8, 720x131, components 3
Size
78 kB (78145 bytes)
Hash
f12fea6e9fec94cc9bd05608de1a6635
f7110df5642071b88c8656195aef7cd89567c3b5
72839af68544edc1d4f5bddcb02c798702cfd0d278a5804ba93e43602496b2ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/images/home/show.png HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: image/png
content-length: 78145
last-modified: Thu, 14 Apr 2022 20:31:34 GMT
etag: "625884a6-13141"
expires: Wed, 05 Jun 2024 23:31:57 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 74136
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYhYaBrSo1%2FADRNR57tzbZTe4L8v4V2Cwwie8rMGIVfvC%2FsDFkCFm4o9ONhWYcHiH%2BwsNBfV25zzmYFtEe6pScwwomuzrJpK3F9NHQBzlYFZd4af2w470TznYNcM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d6445bb7569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/static/index/css/ionic.css

104.21.68.170

200 OK

77 kB

URL GET HTTP/3
zzciti.net/static/index/css/ionic.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text
Size
77 kB (76982 bytes)
Hash
db5fba45633ae43828a4061251869433
eba59c84452ab9fa0ca458edd832f1d11efbd493
0043be92439182081590e63e6031a0c9b4a544ffc4bb1bf0f91d016975f8ab86

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/index/css/ionic.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Wed, 02 Jun 2021 21:04:56 GMT
vary: Accept-Encoding
etag: W/"60b7f278-3daf2"
expires: Wed, 08 May 2024 02:35:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 19921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWCz1c0P3Eg3a4fB%2FWEZMUoPIyX9Cz5LKnmXE%2BPpu6FQvcDvTbnsUUQCB4fHOwojeAGot3mr2aH4PKDkG1iLdG1js2%2B7DWnM07XkPDQclwDgfiyKuofu3w5R3e9%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b21569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/user.css

104.21.68.170

200 OK

2.2 kB

URL GET HTTP/3
zzciti.net/statica/index/css/user.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text
Size
2.2 kB (2167 bytes)
Hash
869bead148f0182ea81c86c8ec5fbba3
bee9352fe0296fed06a8b599cd9588d814d2733c
77764c07d0efbc6ec0f51186e5820db32ddae24ffafca2dc8dbaca8d13955782

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/user.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Wed, 02 Jun 2021 19:27:16 GMT
vary: Accept-Encoding
etag: W/"60b7db94-1bd8"
expires: Wed, 08 May 2024 05:00:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnavr4VfXxLcPaYooU%2Bs2XNuLBxs6ZGDUtMZXX6fo0OIgnVj%2BMiHUwtlF0poK7IX98G%2FFqs9ys02zIFshESpdr52lmardmBZbmbQ8MT0quU42kZmb5xefxiUib8N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b59569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html

104.21.68.170

200 OK

5.5 kB

URL User Request GET HTTP/2
zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
5.5 kB (5494 bytes)
Hash
7aef9d597f84e1b336b72c6a0d1aa479
b4f9081292db4858b28941b644a48358cb0c8c5e
df3f53e0ec2e9ce1e50d33381f6af25340e297165c2273a3112c633f09622c1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: think_var=hin-di; expires=Tue, 07-May-2024 21:07:33 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBz%2BynijWz3LqM0slLiuJbqAd6fj8cAgpjP%2BAzS1JaqBs4ZZAlaGatuA5%2FWY2Ua%2FnY58ry4yjtZB9N5geOhL4N0R%2FP2eSl53Jd7KbOB5AzjZrQhLVYt%2BOJn6%2BSeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6414f3c56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zzciti.net/statica/index/css/reset.css

104.21.68.170

200 OK

9.9 kB

URL GET HTTP/3
zzciti.net/statica/index/css/reset.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text
Size
9.9 kB (9869 bytes)
Hash
bdde8317dd0bca672a62540bbbf49fa9
33042326055ff48dce9c378db6274b65e1ac22dc
a5961c5de6dce41e1dfef35d901b31419c837af3e5c23abf9a47ada58105a6e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/reset.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:28:18 GMT
vary: Accept-Encoding
etag: W/"5ef5a392-6a1"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98nYkG7m7spbEdouj3zgiHWiGocS8ZOPWIj%2BxjUrxtbNg4uz6PneWWia9WAtZLvXZJVKc8x5TRSHGDOh0RluLgWB5a%2Bxm4Cbg8kr9%2BBqAeJsqE7aykf%2FU1127vjH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b4c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/js/base64.js

104.21.68.170

200 OK

8.1 kB

URL GET HTTP/3
zzciti.net/statica/public/js/base64.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text, with CRLF line terminators
Size
8.1 kB (8123 bytes)
Hash
a425a65ab3278062421e8e1cd081f963
f424d84abc5b7a8521860d5362fe45138d113f99
117b1da7e10fa023b62ea3f1abff4a86e96865e984c2a3592f8b8afd3a86ceee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/js/base64.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 26 Jun 2020 07:29:52 GMT
vary: Accept-Encoding
etag: W/"5ef5a3f0-beb"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrfHmNBx63awE5sm7YnQN%2FHttuV7F2%2BHrxfZPmMEFrVNs1dE6OrSHzv6bqDmFslCw5T3zZunHhoQ8kzCPNsJUoAy1SkUnN0zbcWkbeq%2BJ%2FYqJeA9NaXRf5yWlVTm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b7b569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/home.css

104.21.68.170

200 OK

13 kB

URL GET HTTP/3
zzciti.net/statica/index/css/home.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text
Size
13 kB (12722 bytes)
Hash
5cf3e9aa546bcaacc4d8169e4c2efef7
4a48f6651f419cad3525718f1115a419a4b5bdc2
3307057e7edd3c079dd41f192044e31e478abe837e746fb4003cffbca16f767a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/home.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:28:12 GMT
vary: Accept-Encoding
etag: W/"5ef5a38c-228f"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAUqB0IZoYgb8Gjfh96vliTv0KVTzTJkqN%2FMMWHVIR21IF5JZDztbRab4O76YrlMKSBxX2uxoUQ%2FCSr35bbypHIs7l0qOi3QWlX1v9JFqw4u7oyndap9XcPWKptK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b51569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/index/index/ajaxindexpro

104.21.68.170

200 OK

8.6 kB

URL GET HTTP/3
zzciti.net/index/index/ajaxindexpro
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JSON text data
Size
8.6 kB (8580 bytes)
Hash
eee1e11f4cd93f0587ad66b17701440a
05c1d330493df231724ad5fa12d7636fcf698fd4
e014d6723073a5c123889cf93e42685249746b3e1e27963e6174605c3b35412b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/index/ajaxindexpro HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di; pid65=56970.83; pid11=2884.73; pid63=24.4749; pid62=0.50075; pid70=400.99; pid64=76.71; pid80=27.368; pid79=119.66; pid54=0.7424; pid78=0.02; pid77=-0.012; pid76=-0.009
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:37 GMT
content-type: application/json; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: think_var=hin-di; expires=Tue, 07-May-2024 21:07:37 GMT; Max-Age=3600; path=/
pid65=56970.75; path=/
pid11=2884.83; path=/
pid63=24.4849; path=/
pid62=0.50135; path=/
pid70=401; path=/
pid64=77.61; path=/
pid80=27.354; path=/
pid79=119.56; path=/
pid54=0.7514; path=/
pid78=0; path=/
pid77=-0.008; path=/
pid76=-0.008; path=/
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPwvOxPcNVElfRlAE5GgsxuOXnmY3KCkzZkwcEqcGh25zN5NN%2Fi2Br2G4GCQDdPQH7cQE8t3vXJp5%2Bk%2FLd4Cum00dWDD5c0tXlyrBe6DQLQL6DOCl4HVwkA2b%2B4T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6599a32569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/index/index/ajaxindexpro

104.21.68.170

200 OK

4.6 kB

URL GET HTTP/3
zzciti.net/index/index/ajaxindexpro
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JSON text data
Size
4.6 kB (4576 bytes)
Hash
0470899c0dee240fe69de7f520a77c2f
ddfe19db753f3d1cd6b86b1720e1b60ad9f4892d
f2c6200823bc01afe406025988e93834b0c434dc9fc861e97fb9ec55680826e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/index/ajaxindexpro HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di; pid65=56970.66; pid11=2884.73; pid63=24.3249; pid62=0.50175; pid70=401.15; pid64=78.31; pid80=27.346; pid79=119.74; pid54=0.7354; pid78=0.06; pid77=0; pid76=0.011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:44 GMT
content-type: application/json; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: think_var=hin-di; expires=Tue, 07-May-2024 21:07:43 GMT; Max-Age=3599; path=/
pid65=56970.66; path=/
pid11=2884.53; path=/
pid63=24.3249; path=/
pid62=0.50205; path=/
pid70=401.15; path=/
pid64=77.81; path=/
pid80=27.351; path=/
pid79=119.68; path=/
pid54=0.7354; path=/
pid78=0.09; path=/
pid77=-0.008; path=/
pid76=0.01; path=/
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HQiCJS7Zv2AqH%2Bpr6HL%2Bdgg3QdfDBP7hDbZBhUiTBhLnt5ps%2BLj%2BDi8hl5wt8km3azSZ6vHjQlM4LO%2Bcb4a5JonxTQeU5krE1VLQDeE%2B3QjohP8wuQld7nJgoms"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d67f2c15569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/index/index/ajaxindexpro

104.21.68.170

200 OK

11 kB

URL GET HTTP/3
zzciti.net/index/index/ajaxindexpro
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JSON text data
Size
11 kB (10707 bytes)
Hash
5b6e9ea0b2661323b1981d57f1b3d9e1
c6c4a13ab0379ee033ea219ae6cef47dc413f9ef
5117eaf135c18743782a55b8d52d771371a3d3a4b16332f78b7997f1881fa5a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/index/ajaxindexpro HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di; pid65=56970.66; pid11=2884.73; pid63=24.3249; pid62=0.50175; pid70=401.15; pid64=78.31; pid80=27.346; pid79=119.74; pid54=0.7354; pid78=0.06; pid77=0; pid76=0.011
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:45 GMT
content-type: application/json; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: think_var=hin-di; expires=Tue, 07-May-2024 21:07:45 GMT; Max-Age=3600; path=/
pid65=56970.77; path=/
pid11=2884.73; path=/
pid63=24.3049; path=/
pid62=0.50185; path=/
pid70=401.15; path=/
pid64=77.71; path=/
pid80=27.362; path=/
pid79=119.8; path=/
pid54=0.7384; path=/
pid78=0.01; path=/
pid77=-0.006; path=/
pid76=0.003; path=/
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FA8pSJ1Yqwq8unXHdmWAuagVWEkLybsgZLNdCxcbAoNhpv2F3c56gGO3B88TtUkrWbXq8lKbfBQIagnOOB9lqEcIwXT%2FXx06H6rWv244itjMbmP8eMsq%2FU0AB1NC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6856fcc569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/js/swiper.min.js

104.21.68.170

200 OK

96 kB

URL GET HTTP/3
zzciti.net/statica/index/js/swiper.min.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, ASCII text, with very long lines (31999), with CRLF line terminators
Size
96 kB (96436 bytes)
Hash
287fddcfd4fafa535460d88594a6bffb
dd1e62384e01fc6b853918629dacee717e17cc9f
8ea4ea3e5514608153c01ec00cc8a9daf4b5cd944ec6d3096fb97a1b3b57487b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/js/swiper.min.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 26 Jun 2020 08:04:40 GMT
vary: Accept-Encoding
etag: W/"5ef5ac18-178b4"
expires: Wed, 08 May 2024 05:00:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jqsTqi0boQ3F4PWSAjUrozbuSJFN41VKsRzHbZXpWgUZyevBVI%2FByO3UbIdqMbU4gGUlueCci%2FsWyBJ64SCHISQIZQ69RowhxdGX2poPGvTYh3LgZDhpAti2mJ%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6445bbd569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/layer/skin/default/layer.css?v=3.0.11110

104.21.68.170

200 OK

14 kB

URL GET HTTP/3
zzciti.net/statica/layer/skin/default/layer.css?v=3.0.11110
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text, with very long lines (14296), with no line terminators
Size
14 kB (14296 bytes)
Hash
01ad21d46e656bb2c8e162c5305e754f
6bc931ea5cce8cf7ff2bc205f115af1da5a2df7a
b4ed5d24c92f99371c49023c1f7da9597cac7f23d3c9efe7c07025bc4a5d7386

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/layer/skin/default/layer.css?v=3.0.11110 HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:37:32 GMT
vary: Accept-Encoding
etag: W/"5ef5a5bc-37d8"
expires: Wed, 08 May 2024 05:00:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXhIScIN0wwPXX5sYhrZlwKsJG0NImU6sKXTl4F%2F85OFNqgMsVOCoAaqml5Anfuq3Ndy4lfW8MwF5dYlkHLFIzTwsdHnw6FidUd0KHmfQTqejTL%2Fikz1rnbtT0hh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6463f14569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/common.css

104.21.68.170

200 OK

1.9 kB

URL GET HTTP/3
zzciti.net/statica/index/css/common.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (1928), with no line terminators
Size
1.9 kB (1931 bytes)
Hash
0a6774d16fd1474ebf71013869d087e3
3cdfe3362e233b482794120eb72a8a9816b43e35
5e055b1d21aa0a65f69300add1293ad01f9b2a3ba2f0354de391435b3ebdee22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/common.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:27:02 GMT
vary: Accept-Encoding
etag: W/"5ef5a346-78b"
expires: Wed, 08 May 2024 02:35:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 19921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ib4OGancJzxpx9Jj4hAMtFW0an0XSlwkJBPJiE%2Bq%2FdxbPqu%2FfDmVapAHf0%2Bk56v7ZhrpEdvSI3F8K9Xx52KUlatxGNUKaCc5EsgZqfP2uL2pBnYToEAh22s9BNq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b46569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/public/js/function.js

104.21.68.170

200 OK

1.6 kB

URL GET HTTP/3
zzciti.net/statica/public/js/function.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (1759), with no line terminators
Size
1.6 kB (1614 bytes)
Hash
3d4de0c954f9f61aa92ce6c44a5cacc6
aba635c2328ac93e615a710486e89f932d224fcd
7ae150e34f3c5820dd8905d2e7fc776316cfddec4f4c54da971aa7a82f1d6ebd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/public/js/function.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 24 Jul 2020 07:56:36 GMT
vary: Accept-Encoding
etag: W/"5f1a9434-64e"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvVjsfj7zweKStVYe5pvD2y99VFFNqnNEq%2BNRYvCLVnUinaMPKu%2Fm49U%2FnEkwE22vjp9Hpw9KiV1aMjTZTxamnVpVFMju0BvODvejg6yPX7G0fJBz%2F6fBj2gNU%2Bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b79569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/personal.css

104.21.68.170

200 OK

16 kB

URL GET HTTP/3
zzciti.net/statica/index/css/personal.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
16 kB (16455 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/personal.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/style.css?323213
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Mon, 26 Jul 2021 08:05:20 GMT
vary: Accept-Encoding
etag: W/"60fe6cc0-4047"
expires: Wed, 08 May 2024 05:00:07 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlJpSrMzZzvGcjVbNlFm3nHQOPqWH6LWFacKmnNuHtBgPBmdmRZ%2F18DAWxsmZctzfBCKhVdQo6b7drElyfFuWWtLrE1XgiaI%2BNt%2BEoLC98asQYg%2Bo7RZzY8VjipI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d645be1e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/swiper.min.css

104.21.68.170

200 OK

14 kB

URL GET HTTP/3
zzciti.net/statica/index/css/swiper.min.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text, with very long lines (13353)
Size
14 kB (13608 bytes)
Hash
7e29eec1f366019442c2e0b4979cb161
7644bbdcbc0f8cf275cd7d6c7b0aa8b9b2bf932f
58bbd6a241262127ddef359bd0d40bcbb1d84b1218f35164bc8d0348b5e8ec20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/swiper.min.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:27:58 GMT
vary: Accept-Encoding
etag: W/"5ef5a37e-3528"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BYbZqz4hwtKMFCqJDGnxEZMk%2FNeK%2B%2BAQ4ZPGw1KCem0x9IWJURG77XGhofl%2FmhuISLFFlnmqSfm%2FiwLrzXQqyDUUgftbMaA62kw8R9X3mz6BzThyx4UXv8O7hXS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b5f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/fonts/iconfont.woff?t=1483603041633

104.21.68.170

200 OK

34 kB

URL GET HTTP/3
zzciti.net/statica/index/fonts/iconfont.woff?t=1483603041633
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Web Open Font Format, TrueType, length 34380, version 1.0
Size
34 kB (34380 bytes)
Hash
ec49b2f9f09efd73abcde3ffc2831c55
eaeddc97e2cc6674d977ac2c0b2b316ce26d8bb3
89ff3803cf8dc907b95175946ab385f91933741cbc3334be5485eaacf05d1efb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/fonts/iconfont.woff?t=1483603041633 HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/iconfont.css
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: font/woff
content-length: 34380
last-modified: Mon, 23 Dec 2019 07:45:56 GMT
etag: "5e0070b4-864c"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bU1NYtf4n5pjAHk2WfuYOvdv6KGBtW78%2FVuz%2BhnLAkc4ppGeHL03gdkYlbkNvqOZcj9MUds8w3%2FtDTCcNXH4CLpzEEM7minKFqXGPm48uZhl34HxIAYoZ8J4gTUR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803d646affa569b-OSL
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/trade.css

104.21.68.170

200 OK

3.2 kB

URL GET HTTP/3
zzciti.net/statica/index/css/trade.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text, with very long lines (3481), with no line terminators
Size
3.2 kB (3214 bytes)
Hash
a20ee2a26535c8ce7f61ab957f9ed529
26689b68851e9595bb4aa91c20f853c08f610d70
75a1d9066710b5b5b67332025456442265e290a50abe200cd746ff61101bab2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/trade.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/style.css?323213
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:37:08 GMT
vary: Accept-Encoding
etag: W/"5ef5a5a4-c8e"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfBYpPqqMZzSgXXkK%2BAI7ydc16dj0sjpDvJ%2BUDjRLb%2BGyziJAq6%2FrPrJU9YJ51jdlYEsKaIxvnLi2E0zp8vRY7qkUIWmyCn4vpyqEDn0u9y75yMeayD9wPxTjMmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d645be21569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/js/lk/index.js?2323

104.21.68.170

200 OK

5.5 kB

URL GET HTTP/3
zzciti.net/statica/index/js/lk/index.js?2323
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, ASCII text, with very long lines (5682), with no line terminators
Size
5.5 kB (5485 bytes)
Hash
dd79b529c5a3e612b8e423ec904c6253
f1269ac2efd98206cc3e8d74837b7510c0082ac3
6211391450e803b26c448ad614de07c397c7050b87847f089252f3a5b47db9be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/js/lk/index.js?2323 HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Wed, 19 Apr 2023 11:31:34 GMT
vary: Accept-Encoding
etag: W/"643fd116-156d"
expires: Wed, 08 May 2024 05:00:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZeZpfjWITkhSbY0aNQXTnU7CqzljOwdzSfv2aFa5JgGCr9Gqm7NK75%2Ffx8zPoqrfYC8Ea7KGE4QedJz1%2BwtnF53q43DIjEZO7JHfmkE%2FDmHHR8KAcXRMfc9x4wM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6445bbf569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/layer/layer.js

104.21.68.170

200 OK

21 kB

URL GET HTTP/3
zzciti.net/statica/layer/layer.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
21 kB (21342 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/layer/layer.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2019 07:45:56 GMT
vary: Accept-Encoding
etag: W/"5e0070b4-535e"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADeOYdhdtRDg0KX%2BGpUAYq4kTQ3UKdm1o1d15jRZhGGeUOU7l8Uv5U6ReKMuuikacZFp%2BAJnXRYdw79eDAMTF7zRRB%2BBKz4aoRRoHPbr0hQxKtzcssbAzLsW1N2L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b78569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/js/flexible.js

104.21.68.170

200 OK

3.4 kB

URL GET HTTP/3
zzciti.net/statica/index/js/flexible.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3429), with no line terminators
Size
3.4 kB (3398 bytes)
Hash
376beb0ce109195b660edba7110598d5
ea0d82163d593239bc8d99956a35cc8ccc1ca466
78790d5123971046e364a49fc1e9f68bd0e511f2f0c07dc9596800b82aba5e9f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/js/flexible.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 26 Jun 2020 08:03:50 GMT
vary: Accept-Encoding
etag: W/"5ef5abe6-d46"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SUikiF5q6jnG1c4svXGzECOv5JCRLrFCQRkMBzMRsj%2F8WQw%2Bi5I2esOLl0%2FUo3m9lArmlbSFd2gMX9xLxIUzUpQ61DIOiB1CqUG1ew8HNt5DK0pzydrnPn3SQXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6445bb9569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/index?lang=en-us/index/index/index/token/46e9ce9c3bd6b57c0acdefa41fe6261e.html/index/index/index/token/463eea3681d92af8e1c766ad428cdf19.html/index/index/index/token/a725b0d24e1a64ebe7efbf2984917c0e.html/index/index/index/token/23e0fbb02e94aa89c33fa78d0c67989d.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/9c2a9df531d0aa6bc6f92228a80a2fee.html/index/index/index/token/65c7847ec95bc4b466b784e5567a24a8.html/index/index/index/token/6f98c0a5483aa061b99d517e3abd44d9.html/index/index/index/token/b68fbdcc0ca544aed754cb76746857e2.html/index/index/index/token/8137f795a150b9bf6175ab37b5bdfbe2.html/index/index/index/token/8e71c231d97621654adbc87d648e5a14.html/index/index/index/token/a63db08cd84b68e056ab257cf5e6e5a1.html/index/index/index/token/58785a02e80fd09f4d5c660976515871.html/index/index/index/token/57e488211af23245025b68a20aea2183.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/d1a039162c49646774b0218fe971a6de.html/index/index/index/token/3bf60dc233104f380921bfd1ae4529f3.html/index/index/index/token/bfc705891b91b0db69b0025d08a028e2.html/index/index/index/token/d0f11c33a032fe5ab8317d4e96624f68.html/index/index/index/token/ef567dae2764d3fc6e49f1fcf8092f9f.html/index/index/index/token/eb1316f9c6ef443e8985743072ac9e5d.html/index/index/index/token/d72da89c5f63387ae22bfbbb5f8a0be4.html/index/index/index/token/d122d7ec158f75d38738b8c718df483c.html/index/index/index/token/4533e5e0ef229bdcc2d5aaa67eedab9a.html

104.21.68.170

302 Found

34 kB

URL User Request GET HTTP/2
zzciti.net/index?lang=en-us/index/index/index/token/46e9ce9c3bd6b57c0acdefa41fe6261e.html/index/index/index/token/463eea3681d92af8e1c766ad428cdf19.html/index/index/index/token/a725b0d24e1a64ebe7efbf2984917c0e.html/index/index/index/token/23e0fbb02e94aa89c33fa78d0c67989d.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/9c2a9df531d0aa6bc6f92228a80a2fee.html/index/index/index/token/65c7847ec95bc4b466b784e5567a24a8.html/index/index/index/token/6f98c0a5483aa061b99d517e3abd44d9.html/index/index/index/token/b68fbdcc0ca544aed754cb76746857e2.html/index/index/index/token/8137f795a150b9bf6175ab37b5bdfbe2.html/index/index/index/token/8e71c231d97621654adbc87d648e5a14.html/index/index/index/token/a63db08cd84b68e056ab257cf5e6e5a1.html/index/index/index/token/58785a02e80fd09f4d5c660976515871.html/index/index/index/token/57e488211af23245025b68a20aea2183.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/d1a039162c49646774b0218fe971a6de.html/index/index/index/token/3bf60dc233104f380921bfd1ae4529f3.html/index/index/index/token/bfc705891b91b0db69b0025d08a028e2.html/index/index/index/token/d0f11c33a032fe5ab8317d4e96624f68.html/index/index/index/token/ef567dae2764d3fc6e49f1fcf8092f9f.html/index/index/index/token/eb1316f9c6ef443e8985743072ac9e5d.html/index/index/index/token/d72da89c5f63387ae22bfbbb5f8a0be4.html/index/index/index/token/d122d7ec158f75d38738b8c718df483c.html/index/index/index/token/4533e5e0ef229bdcc2d5aaa67eedab9a.html
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
34 kB (33864 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index?lang=en-us/index/index/index/token/46e9ce9c3bd6b57c0acdefa41fe6261e.html/index/index/index/token/463eea3681d92af8e1c766ad428cdf19.html/index/index/index/token/a725b0d24e1a64ebe7efbf2984917c0e.html/index/index/index/token/23e0fbb02e94aa89c33fa78d0c67989d.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/a7509ad1394e5620343c04af74af7ee7.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/f7bf43df1839a0ea50e1a80f80d6bfa1.html/index/index/index/token/9c2a9df531d0aa6bc6f92228a80a2fee.html/index/index/index/token/65c7847ec95bc4b466b784e5567a24a8.html/index/index/index/token/6f98c0a5483aa061b99d517e3abd44d9.html/index/index/index/token/b68fbdcc0ca544aed754cb76746857e2.html/index/index/index/token/8137f795a150b9bf6175ab37b5bdfbe2.html/index/index/index/token/8e71c231d97621654adbc87d648e5a14.html/index/index/index/token/a63db08cd84b68e056ab257cf5e6e5a1.html/index/index/index/token/58785a02e80fd09f4d5c660976515871.html/index/index/index/token/57e488211af23245025b68a20aea2183.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/b79597655eda6d8cafaf938235537d09.html/index/index/index/token/d1a039162c49646774b0218fe971a6de.html/index/index/index/token/3bf60dc233104f380921bfd1ae4529f3.html/index/index/index/token/bfc705891b91b0db69b0025d08a028e2.html/index/index/index/token/d0f11c33a032fe5ab8317d4e96624f68.html/index/index/index/token/ef567dae2764d3fc6e49f1fcf8092f9f.html/index/index/index/token/eb1316f9c6ef443e8985743072ac9e5d.html/index/index/index/token/d72da89c5f63387ae22bfbbb5f8a0be4.html/index/index/index/token/d122d7ec158f75d38738b8c718df483c.html/index/index/index/token/4533e5e0ef229bdcc2d5aaa67eedab9a.html HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; path=/
think_var=hin-di; expires=Tue, 07-May-2024 21:07:33 GMT; Max-Age=3600; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache,must-revalidate
location: /index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5AqhT%2B7v4YTs27smfFhez25begcKZssDcS8zmNi3bKOlEkkn3b1wEHqZ2BojnR%2FytrA8yjr%2B9xYD3LM%2BSyi376PK1NF%2Bvv6c753WtRtDoD1ISVPgOoWvd3BDCjE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6406dac56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

zzciti.net/statica/index/css/trade-history.css

104.21.68.170

200 OK

3.5 kB

URL GET HTTP/3
zzciti.net/statica/index/css/trade-history.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (3734), with no line terminators
Size
3.5 kB (3483 bytes)
Hash
8785319d94b490c27e96c284aef0620f
0d7e0de01adb9d4d51e2bdc8cae70ef969612bf6
b2ebab53ba4573ebd413526d90271e5948b010bc48eabbe4f71d7b1441b6bdc9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/trade-history.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/style.css?323213
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:36:58 GMT
vary: Accept-Encoding
etag: W/"5ef5a59a-d9b"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gv0fY0D0NYQNPu7x4Q8mRnXhOhJEPGgmnL91Hjv7GfYjPmy2vl96DqeNdkQvrZnlO0s72BLdqVEaZVHNSIeN9lW6SvwQHS7uLaTdDP5Y4t7DYOGk%2FLK3vxvYO%2FFs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d645be1f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/favicon.ico

104.21.68.170

404 Not Found

29 kB

URL GET HTTP/3
zzciti.net/favicon.ico
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
29 kB (28570 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: BYPASS
set-cookie: think_var=hin-di; expires=Tue, 07-May-2024 21:07:34 GMT; Max-Age=3600; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uH6N7beCsPuoq7x0Vg94Re%2FB6NIeuNQZ%2F5r8bdBFzUDJIpj%2BZjvpx08cWQub7RzvOPBvEbHSnkAQkAQ5hOWovNUCWPXN4luhArlUAEiUHFJXXWMhrpDfzgRaUWeK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d647897a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/style.css?323213

104.21.68.170

200 OK

42 kB

URL GET HTTP/3
zzciti.net/statica/index/css/style.css?323213
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
42 kB (42295 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/style.css?323213 HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: text/css
last-modified: Sun, 17 Apr 2022 11:53:04 GMT
vary: Accept-Encoding
etag: W/"625bffa0-a537"
expires: Wed, 08 May 2024 02:35:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 19921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BeTUA15XFZLv%2Fx%2F5WGhiaQ5XFYgNWSQvq4yRymd5AZQgR4K3c2Oqrynjj1%2BE62dJ4sSWk1ebbAsyZ45V3bpC2nufjPgjI%2FfTSJFH9S%2By5ENA5nSfnrVisVz7nVcV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b40569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/static/index/js/lk/order.js

104.21.68.170

200 OK

3.3 kB

URL GET HTTP/3
zzciti.net/static/index/js/lk/order.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (3461), with no line terminators
Size
3.3 kB (3253 bytes)
Hash
042b6e33e1769241a3448640a386bbe8
538fa37d7ced395955f0d7e8c3b64fcc01d0544e
d745774f7bfffe9d5a61197428636d38e8c006184f0e9f5d954a21e249d28d74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/index/js/lk/order.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Thu, 03 Jun 2021 17:47:30 GMT
vary: Accept-Encoding
etag: W/"60b915b2-cb5"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X8nbDqPvno99%2FwVHuZFDAlD6TtamJBsgS01fKlQIkv3R6uN3aUaiK0BWWbcYfw%2F%2F4XmaMRmPmsuT9vR8CABZdxftFK4EZhajeeHdbKW4n%2BPkuLogh%2BjwKhNstipq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b73569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/js/jquery-1.9.1.min.js

104.21.68.170

200 OK

94 kB

URL GET HTTP/3
zzciti.net/statica/js/jquery-1.9.1.min.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type

Size
94 kB (93905 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/js/jquery-1.9.1.min.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Wed, 02 Jun 2021 19:04:52 GMT
vary: Accept-Encoding
etag: W/"60b7d654-16ed1"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDAHUtbVs1sA75QEblWoWs8rHEHKAYgJLaCoDrnhsjZvn4wVgJUkLwvkccoDFdozZ597a%2FH%2BpbLeq1dhHdHDKJ13zJuqmbYSQ4TX9LFWk%2FW8iPNpWHNqzNGqAXrS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6443b69569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/js/zepto.min.js

104.21.68.170

200 OK

26 kB

URL GET HTTP/3
zzciti.net/statica/index/js/zepto.min.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, ASCII text, with very long lines (26318)
Size
26 kB (26386 bytes)
Hash
50a4556b0089cfa1cb61e88ea23bbcce
6865443a258954fa19b8aa682e1f4c77d42493d1
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/js/zepto.min.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 26 Jun 2020 08:04:02 GMT
vary: Accept-Encoding
etag: W/"5ef5abf2-6712"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTgmTkLD04Fn%2Bp19RpZoWS3QzKG%2BZV1APspwc5iO0fguByrPSEzsW2%2F1%2BOUgD%2BDFdC6f9%2BEsRoD%2FIys0jJZV0UMk8RSNX1SnBs6kRuRW26w7mRf0YfBcH4%2Ft5rml"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6445bbb569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/js/home.js

104.21.68.170

200 OK

1.5 kB

URL GET HTTP/3
zzciti.net/statica/index/js/home.js
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1541), with no line terminators
Size
1.5 kB (1485 bytes)
Hash
93d784d3c23b43fa345f4454592fffdd
46c2ff4c7b8fa74da390cc3995040a8d26e8446b
eb405a96f7e66e933bf0c7551277d039f3d7bc439e195d12593f231cd7b30b82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/js/home.js HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:33 GMT
content-type: application/javascript
last-modified: Fri, 26 Jun 2020 08:04:18 GMT
vary: Accept-Encoding
etag: W/"5ef5ac02-5cd"
expires: Wed, 08 May 2024 05:00:08 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 11245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntJ4xu2zHp9gtS78DG5tIrc0TE%2FLNSelLh%2BeHt6lUFmaC%2FETga%2B%2B8M0TiD1gAfeYbanMjFkfGEIfxlS8if7s2dAKgMnZzcx89EP1gdOir3r7TEclPWoW1CWhkB8Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d6445bc1569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/sign.css

104.21.68.170

200 OK

8.6 kB

URL GET HTTP/3
zzciti.net/statica/index/css/sign.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
Unicode text, UTF-8 text, with very long lines (9305), with no line terminators
Size
8.6 kB (8640 bytes)
Hash
b39670f94265eeccce929adc603b6a23
68522c215f7b2b790c1e8a6b412a97f37cf5318b
0708bb449d38455ef978a24a040ac8d94d8206a617ca2178a3bd594aad9ea5c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/sign.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/style.css?323213
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:37:02 GMT
vary: Accept-Encoding
etag: W/"5ef5a59e-21c0"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFRB47k%2FWh0aUfe64j6%2BdKa20WJlSF2f%2FLvZvYXG1jisGZb7IkXqI08ASQOKwrjHE3UMCoiiwfpNNcnM6U4NCZdjV4cJkFa3OSeJgrjFzEfEO2iW4Sb9W5NZUj35"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d645be20569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

zzciti.net/statica/index/css/iconfont.css

104.21.68.170

200 OK

3.5 kB

URL GET HTTP/3
zzciti.net/statica/index/css/iconfont.css
IP
104.21.68.170:443
ASN
#13335 CLOUDFLARENET

Requested by
https://zzciti.net/index/index/index/token/b2664d44fa0f82b38d9254d8f80acf1e.html
Certificate
IssuerGoogle Trust Services LLC
Subjectzzciti.net
FingerprintAF:F9:51:4B:62:73:AA:08:F5:11:39:3D:1B:A7:3D:1C:16:A7:BB:83
ValidityWed, 03 Apr 2024 06:39:53 GMT - Tue, 02 Jul 2024 06:39:52 GMT

File type
ASCII text, with very long lines (3854), with no line terminators
Size
3.5 kB (3529 bytes)
Hash
4a2e08ea8dd2dfd11efb9b58665f591b
13e88cd4f93bab769f449543affd88f168b2fcf2
6e13934f3b320f42cafbe7aa5be366bbdcd737d8e4cf0ae3f03f42dc97ade8b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /statica/index/css/iconfont.css HTTP/1.1
Host: zzciti.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://zzciti.net/statica/index/css/style.css?323213
Cookie: PHPSESSID=s8r12ld4ihd2gf9r1a5h48m7o3; think_var=hin-di
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 20:07:34 GMT
content-type: text/css
last-modified: Fri, 26 Jun 2020 07:37:12 GMT
vary: Accept-Encoding
etag: W/"5ef5a5a8-dc9"
expires: Wed, 08 May 2024 08:07:33 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yoP1D7X1MXtHO2QgF40igpSVZYVDpUljCP%2B2TQUVsDbsYkq3Dc8gerZd0e8t4x27NN4lJbjXQPmRVjYRiT9jmGx04csnMYuR%2FQylNmVueZlRxWqZFmhPW%2FC4KfHe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803d645be24569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL