Report - 8b2.69tx-40.xyz/

Report Overview

Visited public
2025-06-18 07:52:26
Tags
Submit Tags
URL
8b2.69tx-40.xyz/
Finishing URL
8b2.jiejie51-f1342.cc/?fromxyz=1
IP / ASN
14.128.63.65
#152194 CTG Server Limited
Title
8b2.jiejie51-f1342.cc/?fromxyz=1

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
8b2.jiejie51-f1342.cc	unknown	2025-05-07	2025-06-18	2025-06-18	959 B	20 kB	14.128.63.96
8b2.69tx-40.xyz	unknown	2024-06-26	2025-06-18	2025-06-18	484 B	9.8 kB	14.128.63.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-18	medium	jiejie51-f1342.cc	Sinkholed
2025-06-18	medium	jiejie51-f1342.cc	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	8b2.jiejie51-f1342.cc/?fromxyz=1	ScriptElement	1.5 kB	2025-06-18	2025-06-22
Pretty URL 8b2.jiejie51-f1342.cc/?fromxyz=1 IP 14.128.63.96 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-18 07:52 Last Seen2025-06-22 13:01 Times Seen2 Hash 323056eaeb160bc6b9ab271702aeaf00 e48dbc77d39b6dd090deebb5f7838fee2230e023 798ff40308184bc610688ae87af5c6c1c536686706469505c99ade00df72eb61 Loading...

	8b2.jiejie51-f1342.cc/?fromxyz=1	ScriptElement	411 B	2024-12-28	2025-07-03
Pretty URL 8b2.jiejie51-f1342.cc/?fromxyz=1 IP 14.128.63.96 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-28 18:34 Last Seen2025-07-03 02:55 Times Seen1005 Hash b203c21c3e00f104b7d1dd773bb918e6 40e7acdf8b27d26803c65044785a6357eb787ffa 16994b5ec01c385114087f7e744c592f19c8b1a1ad96b10c2abbdc6817b0a493 Loading...

	8b2.jiejie51-f1342.cc/?fromxyz=1	ScriptElement	9.4 kB	2025-06-18	2025-06-18
Pretty URL 8b2.jiejie51-f1342.cc/?fromxyz=1 IP 14.128.63.96 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-18 07:52 Last Seen2025-06-18 07:52 Times Seen1 Hash ffcf944b32df6faa2b70db187d76a4db d0d386a7355c03eded1c0f9d6b4778976734aa7f bd155dce1a69bec04cbef8a563aba9734d4039192d5bfbe0f1ee75194fbf4183 Loading...

	8b2.jiejie51-f1342.cc/?fromxyz=1	ScriptElement	64 B	2024-12-28	2025-07-03
Pretty URL 8b2.jiejie51-f1342.cc/?fromxyz=1 IP 14.128.63.96 ASN #152194 CTG Server Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-28 18:34 Last Seen2025-07-03 02:55 Times Seen1005 Hash eb90f64a7adc636344bd6c9271de19ce 57f15b19caefab99cce1a2a9ae158b68f09894a9 5b803277364c8f9ba93336b0f11212ec1a4420b8be98dbb036b26d120cc532bb Loading...

		Size	First Seen	Last Seen
	#1 Write - d97f05ab6ed0ec9726247ec548d1a023	3.2 kB	2025-06-18 07:52	2025-06-18 07:52
Pretty Observations First Seen2025-06-18 07:52 Last Seen2025-06-18 07:52 Times Seen1 Hash d97f05ab6ed0ec9726247ec548d1a023 15c7f7315b2ba2de41ea27f6567a4501b04f6b21 85097d543e57ee657f97aec44af28dfb0787181cdcf82e6e45f7665260a2694f Loading...

	#2 Write - dfbecfe50178f6af93b441876b538e6a	12 B	2025-06-18 04:48	2025-06-18 23:04
Pretty Observations First Seen2025-06-18 04:48 Last Seen2025-06-18 23:04 Times Seen16 Hash dfbecfe50178f6af93b441876b538e6a f9bd9519c861f0ed2403b8c4a261c98708268fdf 2e3f6ecfe4e866744b49835cdeeebca84f0098555395c8bbe525c73c6fe72d33 Loading...

HTTP Transactions (3)

URL IP Response Size

GET 8b2.69tx-40.xyz/

14.128.63.96

302 Found

9.4 kB

URL User Request GET
8b2.69tx-40.xyz/
IP
14.128.63.96:443
ASN
#152194 CTG Server Limited

Certificate
IssuerLet's Encrypt
Subject*.69tx-40.xyz
FingerprintB0:E0:10:F0:64:3B:D0:B9:91:C1:0C:73:96:ED:9B:40:D7:42:39:A3
ValidityThu, 01 May 2025 13:58:40 GMT - Wed, 30 Jul 2025 13:58:39 GMT

File type

Size
9.4 kB (9448 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: 8b2.69tx-40.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
access-control-allow-origin: 
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8
date: Wed, 18 Jun 2025 07:52:05 GMT
location: https://8b2.jiejie51-f1342.cc/?fromxyz=1
server: openresty
vary: Origin, Accept-Encoding
x-cache: BYPASS
x-frame-options: SAMEORIGIN
content-length: 111
X-Firefox-Spdy: h2

GET 8b2.jiejie51-f1342.cc/?fromxyz=1

14.128.63.96

200 OK

9.4 kB

URL User Request GET
8b2.jiejie51-f1342.cc/?fromxyz=1
IP
14.128.63.96:443
ASN
#152194 CTG Server Limited

Certificate
IssuerLet's Encrypt
Subject*.jiejie51-f1342.cc
Fingerprint23:A3:1E:25:52:13:39:D7:D3:83:79:6B:26:21:51:DA:48:15:FA:37
ValidityWed, 07 May 2025 03:44:57 GMT - Tue, 05 Aug 2025 03:44:56 GMT

File type
HTML document, ASCII text, with very long lines (9448), with no line terminators
Size
9.4 kB (9448 bytes)
Hash
e7fa1bd6912ddeea02a284c0558ffee8
e5190240b5efb84d903a76f5261a541685d68529
f75e85932b8d7974a72d301cad30751d38824ae051bf25d6dff5321b79fe0558

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fromxyz=1 HTTP/1.1
Host: 8b2.jiejie51-f1342.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: 
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 18 Jun 2025 07:52:06 GMT
server: openresty
vary: Origin, Accept-Encoding
x-cache: BYPASS
x-frame-options: SAMEORIGIN
content-length: 1959
X-Firefox-Spdy: h2

GET 8b2.jiejie51-f1342.cc/favicon.ico

14.128.63.96

200 OK

9.7 kB

URL GET
8b2.jiejie51-f1342.cc/favicon.ico
IP
14.128.63.96:443
ASN
#152194 CTG Server Limited

Requested by
https://8b2.jiejie51-f1342.cc/?fromxyz=1
Certificate
IssuerLet's Encrypt
Subject*.jiejie51-f1342.cc
Fingerprint23:A3:1E:25:52:13:39:D7:D3:83:79:6B:26:21:51:DA:48:15:FA:37
ValidityWed, 07 May 2025 03:44:57 GMT - Tue, 05 Aug 2025 03:44:56 GMT

File type
MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel
Size
9.7 kB (9662 bytes)
Hash
3331070cee004f8847884177ab747e20
41f1edcbb7ee7fc352acd7890b755c1a36b05daa
0b0bc70778f9a4f293440285444a35c6b02fe48ac0cd2b426227e490dae0492f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 8b2.jiejie51-f1342.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8b2.jiejie51-f1342.cc/?fromxyz=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: 
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=15552000, public, max-age=15552000, immutable
content-type: image/vnd.microsoft.icon
date: Wed, 18 Jun 2025 07:52:06 GMT
expires: Mon, 15 Dec 2025 07:52:06 GMT
last-modified: Fri, 10 Jan 2025 12:00:23 GMT
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-cache: UPDATING
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
content-length: 9662
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (3)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers