Report - adrianafun.st/showthread.php?pid=984592&tid=321

Report Overview

Visited public
2024-10-26 19:19:00
Tags
URL
adrianafun.st/showthread.php?pid=984592&tid=321
Finishing URL
adrianafun.st/showthread.php?pid=984592&tid=321
IP / ASN
171.244.33.80
#38731 CHT Compamy Ltd
Title
Little Young Pussy Want to Sex!!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jbhub.top	unknown	unknown	No data	No data	386 B	8.4 kB	104.21.10.177
adrianafun.st	unknown	unknown	No data	No data	17 kB	122 kB	171.244.33.80
jblist.al	unknown	unknown	No data	No data	406 B	36 kB	172.67.210.43
nudeyoung.info	unknown	unknown	No data	No data	437 B	14 kB	208.122.193.109
candygirlz.cc	unknown	unknown	No data	No data	424 B	56 kB	104.21.32.108
img97.pixhost.to	unknown	unknown	No data	No data	441 B	77 kB	94.229.45.2
jbhub.al	unknown	unknown	No data	No data	386 B	1.0 kB	188.114.96.1
jbhub.biz	unknown	unknown	No data	No data	387 B	1.0 kB	188.114.96.1
hiddenhabor.top	unknown	unknown	No data	No data	447 B	59 kB	104.21.35.203
imgpimp.xyz	unknown	unknown	No data	No data	2.1 kB	260 kB	188.114.97.1
t93.pixhost.to	unknown	unknown	No data	No data	443 B	9.7 kB	94.229.45.2
img0.pixhost.to	unknown	unknown	No data	No data	443 B	123 kB	94.229.45.2
jbhub.cc	unknown	unknown	No data	No data	385 B	1.0 kB	172.67.134.152
jbhub.st	unknown	unknown	No data	No data	386 B	8.7 kB	31.220.1.49
www.imgbur.cc	unknown	unknown	No data	No data	4.4 kB	2.5 MB	185.178.208.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	jbhub.cc	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed
2024-10-26	medium	adrianafun.st	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	2.3 kB	2024-10-26	2024-10-26
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-26 19:19 Last Seen2024-10-26 19:19 Times Seen1 Hash db2bd05644370053ba57bddf6bfebad1 f2b75a0f4abfb85626febed612a1932b82c43cef f124869a81978d17aadc4c9e20749e4181a27d4fe50ec8c4756db102f54762cc Loading...

	adrianafun.st/jscripts/jquery.js?ver=1823	ScriptElement	90 kB	2023-03-07	2025-05-03
Pretty URL adrianafun.st/jscripts/jquery.js?ver=1823 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-03 17:00 Times Seen4888 Hash 12b69d0ae6c6f0c42942ae6da2896e84 d2cc8d43ce1c854b1172e42b1209502ad563db83 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Loading...

	adrianafun.st/jscripts/jquery.plugins.min.js?ver=1821	ScriptElement	15 kB	2023-03-07	2025-04-28
Pretty URL adrianafun.st/jscripts/jquery.plugins.min.js?ver=1821 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-28 11:03 Times Seen390 Hash cf1f71e20e14765d6d5ea640aa4f7fc7 d1f3a0e46dd50d3a4d1839cb821ad42802619def a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	966 B	2023-03-07	2025-04-22
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:24 Last Seen2025-04-22 13:21 Times Seen51 Hash 70eda2d8ed496ccea6ef8de9ed68fbaf 4d8d61164978e7cf363d9eea2ee24f0814a22779 bc528479e0f7527b00dbfa43f453d636ccbaf40fb727bb7b96bde4a76d5b4a03 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	77 B	2023-03-07	2025-04-19
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-04-19 06:33 Times Seen327 Hash e0e774c6eac4073121eb55b9e21d3511 5156ea2435d223d0519ddce05085a2510c7b1807 45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	1.5 kB	2023-03-10	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 18:09 Last Seen2025-04-16 15:26 Times Seen44 Hash cf36f333fa1abde6cc9583c9485449bc 823d313f556e70be678f702d0d1b48e79ba5b75f b1322f57bb09e2986f1737c9188c0f638fefd902f48cfee2092cba91ee1f4be9 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	95 B	2023-03-07	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:24 Last Seen2025-04-16 15:26 Times Seen91 Hash b380a5a269b02d6ba3a36138b9aa035c 73511e9d924118632bdf9fae60952cb8a109397b d891eb0930a9e978033bd318e1dfc97ab49d659c88c4e34ebfe847541556bf80 Loading...

	adrianafun.st/jscripts/general.js?ver=1827	ScriptElement	16 kB	2023-03-07	2025-04-21
Pretty URL adrianafun.st/jscripts/general.js?ver=1827 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-21 18:39 Times Seen336 Hash 373ad0e5af45e8cd17b064aaa7c2d465 9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e 491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	362 B	2023-03-07	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:24 Last Seen2025-04-16 15:26 Times Seen59 Hash 03bff8af0b117a3649e03c4451fbef82 5c553d419c73d3d6513e27d98d3556ab16a5ac81 9d3f23bb29d3a4cb0d29918c942eb1ac1ac97da2d0ed8adc4b30bd874e198836 Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	93 B	2023-03-11	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 13:59 Last Seen2025-04-16 16:54 Times Seen57 Hash cd202b3e3c9b762287f52796893f09ab 4ba4ad93e28f236241e6100fe6a15f99df7f2f06 d3ed0aef9216d96db70ce170bfc087e9491ee2f817e73793dad03ef67b50f4fc Loading...

	adrianafun.st/jscripts/thread.js?ver=1827	ScriptElement	14 kB	2023-03-07	2025-04-16
Pretty URL adrianafun.st/jscripts/thread.js?ver=1827 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:24 Last Seen2025-04-16 15:26 Times Seen50 Hash 540bea37310b2cc8978d6b85bd1053c9 ec6ff587bf02e9c82b0224366bd9431bd6e351ae 27d9988c04b4a3e56b18ac08125032f4d99314bfd330e88c369a5689afcc692e Loading...

	adrianafun.st/jscripts/rating.js?ver=1821	ScriptElement	3.4 kB	2023-03-11	2025-04-19
Pretty URL adrianafun.st/jscripts/rating.js?ver=1821 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59 Last Seen2025-04-19 06:33 Times Seen64 Hash 83fe01ba73bbd47b49b5cf31645b74f0 667951979fef0efa10281a880f350ccafc3aff5a 25bd6da99125cace89383f64c6e022ade70b97e08a97b6d323b67123012b221e Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	215 B	2023-03-07	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:24 Last Seen2025-04-16 16:54 Times Seen87 Hash 6561014543b35259f84b002f9fe2d911 9adef30f57086d737f6529d60242be08bf262091 0364a328c5f241e4e8af49d0f3088edc26a7372833ea00f6a35bb8279656830d Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	306 B	2023-05-10	2025-02-23
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 14:20 Last Seen2025-02-23 17:42 Times Seen13 Hash ccd366071eb17f7a10738270dbbfeaab dbb736eb07063ae1188a755f43a166ab001d2834 0836465f3f518cec18772187c950680d5aca32ff92eb97878da93e03652a714b Loading...

	adrianafun.st/showthread.php?pid=984592&tid=321	ScriptElement	236 B	2023-03-07	2025-04-16
Pretty URL adrianafun.st/showthread.php?pid=984592&tid=321 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 21:24 Last Seen2025-04-16 16:54 Times Seen66 Hash dbfffdd27dc96f0a67f1c35e91992f65 b13d973e2130816640e2cbdd99d2bf507a3b5aac 087af3e1e6a4ebb40712462987d2ebb79c802047ea47845967269a2acd5b9fee Loading...

	adrianafun.st/jscripts/report.js?ver=1820	ScriptElement	925 B	2023-03-07	2025-04-28
Pretty URL adrianafun.st/jscripts/report.js?ver=1820 IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:24 Last Seen2025-04-28 11:03 Times Seen95 Hash e750915e1cec2dda6aa240b193a960b8 a7eda9f37770a056b70b35279b4bb5a1f55c9d5b 1feb21e91253a450d8b9bc6273a8b4280664089793561d44f4ec474da496e43a Loading...

	adrianafun.st/jscripts/jeditable/jeditable.min.js	ScriptElement	8.1 kB	2023-03-07	2025-04-28
Pretty URL adrianafun.st/jscripts/jeditable/jeditable.min.js IP 171.244.33.80 ASN #7552 Viettel Group Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:24 Last Seen2025-04-28 11:03 Times Seen141 Hash 4f332fdf2de4e25eb3f5611bf7b6c354 53e8a6136fa9af4fe8b50e8068899da860657e1b b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79 Loading...

HTTP Transactions (54)

URL IP Response Size

adrianafun.st/showthread.php?pid=984592&tid=321

171.244.33.80

200 OK

11 kB

URL User Request GET HTTP/1.1
adrianafun.st/showthread.php?pid=984592&tid=321
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (383), with CRLF, LF line terminators
Size
11 kB (10637 bytes)
Hash
7f4d4cc33639030a2e83d6da0a9cb886
eea83a95d1266577e3fe16fbd5336516e79d3eb6
3de9ba626d192d923bf828fe334f290128496e0c6f712a4d2ca133d72642dc8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /showthread.php?pid=984592&tid=321 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Set-Cookie: mybb[lastvisit]=1729970314; expires=Sun, 26-Oct-2025 19:18:34 GMT; path=/; domain=.adrianafun.st
mybb[lastactive]=1729970314; expires=Sun, 26-Oct-2025 19:18:34 GMT; path=/; domain=.adrianafun.st
sid=9e760c35f2315f642fbced947c3d5c53; path=/; domain=.adrianafun.st; HttpOnly
mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D; path=/; domain=.adrianafun.st
Content-Encoding: gzip

hiddenhabor.top/static/images/banner.jpg

104.21.35.203

200 OK

58 kB

URL GET HTTP/2
hiddenhabor.top/static/images/banner.jpg
IP
104.21.35.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjecthiddenhabor.top
FingerprintEC:C0:EB:0B:90:C3:C0:C8:D0:7B:AB:24:34:02:F6:DF:92:36:25:14
ValidityWed, 23 Oct 2024 09:09:47 GMT - Tue, 21 Jan 2025 09:09:46 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2024:03:03 07:10:05], progressive, precision 8, 468x60, components 3
Size
58 kB (57728 bytes)
Hash
61e902d01f0d2406d7e358225dc2729f
5ff23b949f090835731570e1f78f43782d5604e8
dd03a8110295840e1fed53ef996fd9a255e5889cf3934df9a6989a6c19ac07c6

HTTP Headers

GET /static/images/banner.jpg HTTP/1.1
Host: hiddenhabor.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:35 GMT
content-type: image/jpeg
content-length: 57728
last-modified: Sun, 03 Mar 2024 12:47:52 GMT
etag: "65e47178-e180"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXdURymJthhWLxIK0FT8%2BWxEqRLKMjNo5KHPVZh897Ehaq1ujXIbRR2aaWjb2JmG%2FVg3s%2FcuQ4erSFEAnEaci%2B1Pcav%2BwvD4gqPyJO2Xuk1gUtLFCCoo2jrAP2KAoXcTtiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb053db5b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16542&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3285&recv_bytes=1210&delivery_rate=262413&cwnd=253&unsent_bytes=0&cid=1f549c0a7f70c99c&ts=57&x=0"
X-Firefox-Spdy: h2

jblist.al/images/banner/jbcc.gif

172.67.210.43

200 OK

35 kB

URL GET HTTP/2
jblist.al/images/banner/jbcc.gif
IP
172.67.210.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectjblist.al
FingerprintA0:5D:6F:7C:67:AD:AF:BF:3B:F9:44:E9:20:F0:A8:35:97:41:3C:45
ValidityFri, 30 Aug 2024 11:26:01 GMT - Thu, 28 Nov 2024 11:26:00 GMT

File type
GIF image data, version 89a, 88 x 31
Size
35 kB (34857 bytes)
Hash
4bcffad070cd3efb3afbf77b6bb543b0
a0d35ded2fcdf23ef65998413eb2edc477ce7efe
69ed62b3cb78a0f9635a00a6d40d70a2c0774bedb0807d113fe6d82994e12938

HTTP Headers

GET /images/banner/jbcc.gif HTTP/1.1
Host: jblist.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:35 GMT
content-type: image/gif
content-length: 34857
last-modified: Thu, 16 Mar 2023 08:35:08 GMT
etag: "6412d4bc-8829"
expires: Thu, 31 Oct 2024 22:59:28 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 2146747
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4Hm2CUnz5HJUKL%2BjS3WfVVM8hf%2FW%2BrZWE%2BpOtMGhsREuknVEl6CI5zG%2B%2BRKCLgxlu4%2BKaAb1O3y3ZJNV1Jco5svVz2Oh8wUQ4gljVafRyFrInflaqmxRjhMHbw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb0588ec712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16625&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1059&delivery_rate=260182&cwnd=253&unsent_bytes=0&cid=67789810cce53146&ts=57&x=0"
X-Firefox-Spdy: h2

nudeyoung.info/images/logo.png

208.122.193.109

200 OK

13 kB

URL GET HTTP/2
nudeyoung.info/images/logo.png
IP
208.122.193.109:443
ASN
#27589 MOJOHOST

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectnudeyoung.info
FingerprintB2:B6:76:F2:D9:14:73:B5:A0:D0:B9:89:5B:94:88:31:67:EC:F7:88
ValidityWed, 18 Sep 2024 22:55:27 GMT - Tue, 17 Dec 2024 22:55:26 GMT

File type
PNG image data, 420 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (13108 bytes)
Hash
b84e11801034e8f00892112c2cc19172
1f5d6124595ead16425b664a777ca9d2291b09c2
245d9ff4a0dec2398ad49cac1d14bfdf6f0ba9bd088615828481ba5209ebfac6

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: nudeyoung.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 26 Oct 2024 19:18:35 GMT
content-type: image/png
content-length: 13108
last-modified: Thu, 11 Apr 2024 08:26:22 GMT
etag: "66179eae-3334"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 9d749aba22a64bfa1be6ccc377fd6f8a
accept-ranges: bytes
X-Firefox-Spdy: h2

adrianafun.st/jscripts/jquery.plugins.min.js?ver=1821

171.244.33.80

200 OK

4.3 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/jquery.plugins.min.js?ver=1821
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14798)
Size
4.3 kB (4326 bytes)
Hash
cf1f71e20e14765d6d5ea640aa4f7fc7
d1f3a0e46dd50d3a4d1839cb821ad42802619def
a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

adrianafun.st/cache/themes/theme1/global.css?t=1706725207

171.244.33.80

200 OK

6.1 kB

URL GET HTTP/1.1
adrianafun.st/cache/themes/theme1/global.css?t=1706725207
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
ASCII text
Size
6.1 kB (6138 bytes)
Hash
6dca31a92bd774f00e8513b3f141ca51
2f8b2c7d691ee232eb76b0c3e7c905419efe896c
969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/global.css?t=1706725207 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Jan 2024 18:20:07 GMT
Content-Encoding: gzip

adrianafun.st/cache/themes/theme1/star_ratings.css?t=1706725207

171.244.33.80

200 OK

486 B

URL GET HTTP/1.1
adrianafun.st/cache/themes/theme1/star_ratings.css?t=1706725207
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
ASCII text
Size
486 B (486 bytes)
Hash
ce9c2a1ed05902cdaf4b4f5f0a609ceb
9bdc1eed1b2a72b7099ceef0bd547e5003391f62
e3442a0ea1d9596000bbbdedcef16335b7db116b6543c1fa40d9c309606dc077

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/star_ratings.css?t=1706725207 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Jan 2024 18:20:07 GMT
Content-Encoding: gzip

adrianafun.st/jscripts/general.js?ver=1827

171.244.33.80

200 OK

4.6 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/general.js?ver=1827
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (322)
Size
4.6 kB (4594 bytes)
Hash
373ad0e5af45e8cd17b064aaa7c2d465
9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e
491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/general.js?ver=1827 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:36 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

adrianafun.st/cache/themes/theme1/showthread.css?t=1706725207

171.244.33.80

200 OK

303 B

URL GET HTTP/1.1
adrianafun.st/cache/themes/theme1/showthread.css?t=1706725207
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
ASCII text
Size
303 B (303 bytes)
Hash
505bdc48e30dc3be2936b660732c4a09
eff3f44c9cf81385a094c97f82656dba0c0cac22
52e7de2ab41fee74ab4c351aff8248a139559ce62c5e43792317e6a5ac598e20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/showthread.css?t=1706725207 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Jan 2024 18:20:07 GMT
Content-Encoding: gzip

adrianafun.st/jscripts/jquery.js?ver=1823

171.244.33.80

200 OK

31 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/jquery.js?ver=1823
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30875 bytes)
Hash
12b69d0ae6c6f0c42942ae6da2896e84
d2cc8d43ce1c854b1172e42b1209502ad563db83
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jquery.js?ver=1823 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

adrianafun.st/cache/themes/theme1/css3.css?t=1706725207

171.244.33.80

200 OK

583 B

URL GET HTTP/1.1
adrianafun.st/cache/themes/theme1/css3.css?t=1706725207
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
ASCII text
Size
583 B (583 bytes)
Hash
926db993b5ce157d2f8dc0a3ebbb198b
7b31fcb7d12af07bb714c01c03e13857a98a2bc3
ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/theme1/css3.css?t=1706725207 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:36 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Jan 2024 18:20:07 GMT
Content-Encoding: gzip

adrianafun.st/css.php?stylesheet%5B0%5D=19

171.244.33.80

200 OK

329 B

URL GET HTTP/1.1
adrianafun.st/css.php?stylesheet%5B0%5D=19
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
329 B (329 bytes)
Hash
c7861fb1e255f3b4b90074eb570a38f1
d3d164aeed9608d57a8727db3159c80eecd8ae92
f42c20f5496558cacab16f22e3bda5b6a9debeff3407be8e869e96dfdf807638

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css.php?stylesheet%5B0%5D=19 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

adrianafun.st/jscripts/jeditable/jeditable.min.js

171.244.33.80

200 OK

2.2 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/jeditable/jeditable.min.js
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (826)
Size
2.2 kB (2187 bytes)
Hash
4f332fdf2de4e25eb3f5611bf7b6c354
53e8a6136fa9af4fe8b50e8068899da860657e1b
b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/jeditable/jeditable.min.js HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

adrianafun.st/jscripts/report.js?ver=1820

171.244.33.80

200 OK

410 B

URL GET HTTP/1.1
adrianafun.st/jscripts/report.js?ver=1820
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
410 B (410 bytes)
Hash
e750915e1cec2dda6aa240b193a960b8
a7eda9f37770a056b70b35279b4bb5a1f55c9d5b
1feb21e91253a450d8b9bc6273a8b4280664089793561d44f4ec474da496e43a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/report.js?ver=1820 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

adrianafun.st/jscripts/thread.js?ver=1827

171.244.33.80

200 OK

3.4 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/thread.js?ver=1827
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
3.4 kB (3437 bytes)
Hash
540bea37310b2cc8978d6b85bd1053c9
ec6ff587bf02e9c82b0224366bd9431bd6e351ae
27d9988c04b4a3e56b18ac08125032f4d99314bfd330e88c369a5689afcc692e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/thread.js?ver=1827 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

imgpimp.xyz/img/56jeh4age1hytm.png

188.114.97.1

200 OK

18 kB

URL GET HTTP/2
imgpimp.xyz/img/56jeh4age1hytm.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
FingerprintD5:39:F0:E7:6F:B8:BC:8A:BF:6B:8D:D3:5A:9E:3A:2C:AE:0E:11:51
ValidityFri, 13 Sep 2024 09:41:04 GMT - Thu, 12 Dec 2024 09:41:03 GMT

File type
PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced
Size
18 kB (18068 bytes)
Hash
d97efd4545fafe800804dcac7cec605d
a1a1a0419ff5d78a24e84e1a429d9979df88b93b
2ae91884888bd8bb2c588dcc23534f104a737a0dbcf5a951cbcbf68ef77a6d69

HTTP Headers

GET /img/56jeh4age1hytm.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/png
content-length: 18068
last-modified: Fri, 03 May 2024 10:42:31 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0zx25G32jqo4NNiEAbGreS9nH7IqyrWC5y%2FADapEyBpm7L64F6XpaM%2B9y0vakf%2FVX0vtN5RyVhWukRO0jIRxor28%2BK7o%2F3fFGrqQzMwMFc8ZqeTTdZ5paKOqS9YwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb1478620b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16449&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1324&delivery_rate=261089&cwnd=253&unsent_bytes=0&cid=1e1b2426c80c551a&ts=85&x=0"
X-Firefox-Spdy: h2

jbhub.cc/images/jbhub.jpg

172.67.134.152

301 Moved Permanently

167 B

URL GET HTTP/2
jbhub.cc/images/jbhub.jpg
IP
172.67.134.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectjbhub.cc
FingerprintEE:4E:D1:43:EE:B4:66:56:68:6F:79:37:A5:D5:8B:DE:B0:B5:73:79
ValidityMon, 07 Oct 2024 16:43:57 GMT - Sun, 05 Jan 2025 16:43:56 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/jbhub.jpg HTTP/1.1
Host: jbhub.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: text/html
content-length: 167
location: http://jbhub.top/images/jbhub.jpg
cache-control: max-age=3600
expires: Sat, 26 Oct 2024 20:18:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4v4Z%2FDw7o8Gq2KTVu5X%2BfYihOIxHykxyufeNLjHhA2I3hOBaoJVkCULDtYv7W3tbj%2Bz%2Bp%2Bfs8iimXRlfwbLUhjJG0OvHNvUzqj7Q7%2Bq5imAt1FbKknY28Yq%2Fsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb147dd456ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16509&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3263&recv_bytes=1175&delivery_rate=261089&cwnd=253&unsent_bytes=0&cid=772017daeffecce5&ts=88&x=0"
X-Firefox-Spdy: h2

imgpimp.xyz/img/54knvrsvef.png

188.114.97.1

200 OK

80 kB

URL GET HTTP/2
imgpimp.xyz/img/54knvrsvef.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
FingerprintD5:39:F0:E7:6F:B8:BC:8A:BF:6B:8D:D3:5A:9E:3A:2C:AE:0E:11:51
ValidityFri, 13 Sep 2024 09:41:04 GMT - Thu, 12 Dec 2024 09:41:03 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
80 kB (80431 bytes)
Hash
dc568247fcce43a3169c15f2b8fa6804
23a6719d40345578535024f18b16c827847d5323
063d45da06307e15b0cbf1c6d2b7fce558201da56759a812d3bb11d05b241dfb

HTTP Headers

GET /img/54knvrsvef.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/png
content-length: 80431
last-modified: Sun, 22 Sep 2024 14:40:17 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 96
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NutxIxkHX6JurODhkLkaXv%2BSrbXbXkzW5h788RUqKexX%2Bmjg%2FNjegdEekVZp4aCA6EW1NMcZoqZMQx6Da1NBYQAsbvNJ2gGwnkyJdzMRT9Mqj4my1HLQo%2Fdk82tUlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb1478650b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16449&sent=25&recv=14&lost=0&retrans=0&sent_bytes=22256&recv_bytes=1324&delivery_rate=261089&cwnd=253&unsent_bytes=0&cid=1e1b2426c80c551a&ts=87&x=0"
X-Firefox-Spdy: h2

imgpimp.xyz/img/oivh8394fg2.png

188.114.97.1

200 OK

20 kB

URL GET HTTP/2
imgpimp.xyz/img/oivh8394fg2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
FingerprintD5:39:F0:E7:6F:B8:BC:8A:BF:6B:8D:D3:5A:9E:3A:2C:AE:0E:11:51
ValidityFri, 13 Sep 2024 09:41:04 GMT - Thu, 12 Dec 2024 09:41:03 GMT

File type
PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced
Size
20 kB (20401 bytes)
Hash
73eb78a346ad4cb0e5cf520b7de71280
4d96c00f667d1e70981ab18f5cc066770f47db41
48b3acb4af0ef02ff40a92b98d9592bce96dec7db1170dc86253328fceabb36a

HTTP Headers

GET /img/oivh8394fg2.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/png
content-length: 20401
last-modified: Tue, 30 Jul 2024 13:57:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lx%2BArAnasycABFwT9PaRDkj19EZMr7KonfKP41D3QVmkAoSK9830KhH4IqykWGsaWjoccN%2FQuP2FeiLrOUkxxZLKOvS8h51VBuf008tvnNg7ZOPz1N3HgnIgTV2veA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb1478680b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16449&sent=58&recv=14&lost=0&retrans=0&sent_bytes=67297&recv_bytes=1324&delivery_rate=261089&cwnd=253&unsent_bytes=31856&cid=1e1b2426c80c551a&ts=88&x=0"
X-Firefox-Spdy: h2

t93.pixhost.to/thumbs/176/437410747_banner-jbz.jpg

94.229.45.2

200 OK

9.4 kB

URL GET HTTP/1.1
t93.pixhost.to/thumbs/176/437410747_banner-jbz.jpg
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEA:CE:50:31:06:2B:A4:78:22:3E:36:F0:65:59:0F:FE:E8:7E:70:2D
ValidityFri, 13 Sep 2024 13:35:39 GMT - Thu, 12 Dec 2024 13:35:38 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 468x60, components 3
Size
9.4 kB (9388 bytes)
Hash
c99a64572051230e72d616fc8c3fd9a7
dabde13e1de4982dbf7b43256bfc10596f603593
26ae0fa15793f4011461258789bc318b80373027639b91fd8d69079497ea577a

HTTP Headers

GET /thumbs/176/437410747_banner-jbz.jpg HTTP/1.1
Host: t93.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: image/jpeg
Content-Length: 9388
Last-Modified: Mon, 15 Jan 2024 04:03:30 GMT
Connection: keep-alive
ETag: "65a4ae92-24ac"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

imgpimp.xyz/img/pvj9h487g3df3.png

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
imgpimp.xyz/img/pvj9h487g3df3.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
FingerprintD5:39:F0:E7:6F:B8:BC:8A:BF:6B:8D:D3:5A:9E:3A:2C:AE:0E:11:51
ValidityFri, 13 Sep 2024 09:41:04 GMT - Thu, 12 Dec 2024 09:41:03 GMT

File type
PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced
Size
86 kB (86215 bytes)
Hash
2bf9d4984770d708b9ca5ed6c4d7ed71
b63d0feaa0b6b5be343eb3d4319c1f90c4699bf1
0b014560a45f7a4a2cf43f70ac9219d9439b9a56e957322ddf183296d1b90cc5

HTTP Headers

GET /img/pvj9h487g3df3.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/png
content-length: 86215
last-modified: Mon, 05 Aug 2024 11:33:06 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 809
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTisMc9hkVAJn9DHGkTG3DoReoLyw4t%2Fmg6Qc5reWqUtOVCW2oXy%2FCjmUjSAtcAW4hJq9q%2FlEZRW6RE6jH7T50S0S1bGz86GXetrxnuqmYUk63RXzjB7n9bHvT%2F3oA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb14786c0b3d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16449&sent=58&recv=14&lost=0&retrans=0&sent_bytes=67297&recv_bytes=1324&delivery_rate=261089&cwnd=253&unsent_bytes=31856&cid=1e1b2426c80c551a&ts=93&x=0"
X-Firefox-Spdy: h2

adrianafun.st/jscripts/rating.js?ver=1821

171.244.33.80

200 OK

1.1 kB

URL GET HTTP/1.1
adrianafun.st/jscripts/rating.js?ver=1821
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
1.1 kB (1124 bytes)
Hash
83fe01ba73bbd47b49b5cf31645b74f0
667951979fef0efa10281a880f350ccafc3aff5a
25bd6da99125cace89383f64c6e022ade70b97e08a97b6d323b67123012b221e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jscripts/rating.js?ver=1821 HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Content-Encoding: gzip

candygirlz.cc/images/banner.jpg

104.21.32.108

200 OK

55 kB

URL GET HTTP/2
candygirlz.cc/images/banner.jpg
IP
104.21.32.108:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectcandygirlz.cc
Fingerprint84:02:36:77:13:F9:C8:FF:F6:A3:1A:1F:9E:CD:A9:7A:E8:BA:8F:B0
ValidityThu, 19 Sep 2024 21:02:13 GMT - Wed, 18 Dec 2024 21:02:12 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2019:04:18 19:51:35], progressive, precision 8, 468x60, components 3
Size
55 kB (54818 bytes)
Hash
7a600be33cd99f557f3a3a9aaf6c7ad0
fbac7f54a38e2f7a5080d63841130362075cc287
1bf6112f6d4a164947ab84350d7476f1664a70007fad4d6e4f341a18d026bf98

HTTP Headers

GET /images/banner.jpg HTTP/1.1
Host: candygirlz.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/jpeg
content-length: 54818
last-modified: Wed, 05 Aug 2020 14:13:20 GMT
etag: "5f2abe80-d622"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=za3tqw01Mstszg6LPAwjKfiiGdpmQKeen61steR7Ssm7zQIlDMotsb3sFeD%2Bf6l2g2Je73Fm7mhRWTHswTOSmOrdkM5f%2BU4PrM0v%2B4%2F3GRichzfA4Jo8E1exZoJ1URb4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb148d5fb521-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16501&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1076&delivery_rate=260478&cwnd=253&unsent_bytes=0&cid=b6711880d5f8aa5f&ts=103&x=0"
X-Firefox-Spdy: h2

img0.pixhost.to/images/141/520694189_nvur934fn.png

94.229.45.2

200 OK

122 kB

URL GET HTTP/1.1
img0.pixhost.to/images/141/520694189_nvur934fn.png
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEA:CE:50:31:06:2B:A4:78:22:3E:36:F0:65:59:0F:FE:E8:7E:70:2D
ValidityFri, 13 Sep 2024 13:35:39 GMT - Thu, 12 Dec 2024 13:35:38 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced
Size
122 kB (122271 bytes)
Hash
cdc4b0a68174b7aa1a5858156f442c80
7ef5d918d4731bc246c0873e541d7830d5e2bbd0
33925a86dadf19944d06d294b6b41e5adf46f2d3c938426dddba4745b99150f5

HTTP Headers

GET /images/141/520694189_nvur934fn.png HTTP/1.1
Host: img0.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: image/png
Content-Length: 122271
Last-Modified: Tue, 08 Oct 2024 18:43:29 GMT
Connection: keep-alive
ETag: "67057d51-1dd9f"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

img97.pixhost.to/images/518/504007632_rhwtsh.png

94.229.45.2

200 OK

77 kB

URL GET HTTP/1.1
img97.pixhost.to/images/518/504007632_rhwtsh.png
IP
94.229.45.2:443
ASN
#48326 DataNetworks s.r.o.

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectpixhost.to
FingerprintEA:CE:50:31:06:2B:A4:78:22:3E:36:F0:65:59:0F:FE:E8:7E:70:2D
ValidityFri, 13 Sep 2024 13:35:39 GMT - Thu, 12 Dec 2024 13:35:38 GMT

File type
PNG image data, 468 x 58, 8-bit/color RGB, non-interlaced
Size
77 kB (76955 bytes)
Hash
18304257aa2232ceffe0281993102d45
7cd04a6585777c3c9b6be99ecba8883f0e0d75ff
0e6e20eadb044ae0f0065911ce954407e4258d498cea28a9d2a01ef726904f25

HTTP Headers

GET /images/518/504007632_rhwtsh.png HTTP/1.1
Host: img97.pixhost.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Sat, 26 Oct 2024 19:18:37 GMT
Content-Type: image/png
Content-Length: 76955
Last-Modified: Mon, 12 Aug 2024 15:55:09 GMT
Connection: keep-alive
ETag: "66ba305d-12c9b"
Cache-Control: max-age=604800, public
Accept-Ranges: bytes

jbhub.al/images/jbhub.jpeg

188.114.96.1

301 Moved Permanently

167 B

URL GET HTTP/2
jbhub.al/images/jbhub.jpeg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectjbhub.al
Fingerprint69:BA:E3:CC:76:65:F0:77:B8:D9:B8:85:A8:E7:02:00:4C:B6:32:38
ValidityFri, 13 Sep 2024 12:31:31 GMT - Thu, 12 Dec 2024 12:31:30 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /images/jbhub.jpeg HTTP/1.1
Host: jbhub.al
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: text/html
content-length: 167
location: http://jbhub.biz/images/jbhub.jpeg
cache-control: max-age=3600
expires: Sat, 26 Oct 2024 20:18:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cMyd9%2FEtalmHsSN8wpwH9QZvegsEQBCKFY%2Fn3kGELmRduY3Ffl0uxlCVpksWvNl6mz0R16gf0mobyszj8B82JItFSFW71t6iMTK0PWp0%2Fcr%2Fp7Ft8zfIxoPEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb15bf9256c4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16503&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3188&recv_bytes=1024&delivery_rate=262350&cwnd=252&unsent_bytes=0&cid=a1a244c532e50646&ts=44&x=0"
X-Firefox-Spdy: h2

imgpimp.xyz/img/vu4185vjqnwfdfw.png

188.114.97.1

200 OK

50 kB

URL GET HTTP/3
imgpimp.xyz/img/vu4185vjqnwfdfw.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectimgpimp.xyz
FingerprintD5:39:F0:E7:6F:B8:BC:8A:BF:6B:8D:D3:5A:9E:3A:2C:AE:0E:11:51
ValidityFri, 13 Sep 2024 09:41:04 GMT - Thu, 12 Dec 2024 09:41:03 GMT

File type
PNG image data, 486 x 60, 8-bit/color RGB, non-interlaced
Size
50 kB (49990 bytes)
Hash
f461f001da923b72f91b9662c22afc5a
2351b4b8b1b7fe0840869cd87de25aa932e74d99
4ce8edd5840f1874b38da36f6f447d6a6e75adc7dfe9796633e09af5ac199e4b

HTTP Headers

GET /img/vu4185vjqnwfdfw.png HTTP/1.1
Host: imgpimp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/png
content-length: 49990
last-modified: Sun, 11 Aug 2024 13:13:29 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 388
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sVgrmCsqrayBqJ6jzq5DPzzivfTH1zgIXu2cBwtIQFy02FykhIvkuUOYPSWNL0dTcdBnCDq6YjCDIyq%2BUic14GPiiEnx%2BMQHdH92Dh%2FPZWzqyH1F%2BBFf4RKd3ucPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb15cd0456cc-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30996&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4040&recv_bytes=1099&delivery_rate=32664&cwnd=12000&unsent_bytes=0&cid=4e7ccc2abb89b21f&ts=195&x=1", cfExtPri, cfHdrFlush;dur=0

jbhub.biz/images/jbhub.jpeg

188.114.96.1

301 Moved Permanently

167 B

URL GET HTTP/2
jbhub.biz/images/jbhub.jpeg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectjbhub.biz
Fingerprint61:8A:47:B6:C6:79:86:6D:93:C8:A9:0D:05:A6:1C:26:9F:39:48:BC
ValidityWed, 23 Oct 2024 12:01:47 GMT - Tue, 21 Jan 2025 12:01:46 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /images/jbhub.jpeg HTTP/1.1
Host: jbhub.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: text/html
content-length: 167
location: http://jbhub.st/images/jbhub.jpeg
cache-control: max-age=3600
expires: Sat, 26 Oct 2024 20:18:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHmLiMxgTTVrtzHOpQXXQrNXulYmJ8kxglMQ%2FCC2MzN5XFnMzHOAtvbgyYncV5u7SLNZ7erIqwdsJz6a1pPc9oJVABSLg4yvdK%2BoPDXIYlPmmTign7fhTEHb1o8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb16ad767127-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=16520&sent=6&recv=9&lost=0&retrans=0&sent_bytes=3192&recv_bytes=1025&delivery_rate=260603&cwnd=252&unsent_bytes=0&cid=a1b1216c3fe96442&ts=43&x=0"
X-Firefox-Spdy: h2

jbhub.top/images/jbhub.jpg

104.21.10.177

200 OK

7.5 kB

URL GET HTTP/2
jbhub.top/images/jbhub.jpg
IP
104.21.10.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerGoogle Trust Services
Subjectjbhub.top
Fingerprint58:11:3F:F9:88:6C:15:1E:01:D0:60:66:AE:90:30:9B:EF:78:73:C6
ValidityFri, 30 Aug 2024 02:45:21 GMT - Thu, 28 Nov 2024 02:45:20 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 468x60, components 3
Size
7.5 kB (7455 bytes)
Hash
4d5f891e72168f8c22b1db474912bb0c
3571fdb60de1fe6c827a7b9f7f926d8a8c545ad0
a82c465b8b3148e16e0adbcf693d715ec77f3af78f16e4ecf8d24f27ed184fe4

HTTP Headers

GET /images/jbhub.jpg HTTP/1.1
Host: jbhub.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/jpeg
content-length: 7455
last-modified: Mon, 15 Apr 2024 06:20:43 GMT
etag: "661cc73b-1d1f"
expires: Mon, 25 Nov 2024 04:57:14 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 51682
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F43WUXuOqtrEQthwfChipKRDEzF%2BroiqB5jA%2FaAYtjjKT6uagaEH8tn7EH%2F3Lq5w4U1ehYJobqvPQ48KXQfWhMlrZW0HxvoKRPbizaznJLntBCWxz%2BA6U%2Bb1MqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8d8ccb16aae4e4de-RIX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=20059&sent=8&recv=9&lost=0&retrans=0&sent_bytes=3193&recv_bytes=1024&delivery_rate=229525&cwnd=34&unsent_bytes=0&cid=a0a3cf10c939c552&ts=71&x=0"
X-Firefox-Spdy: h2

jbhub.st/images/jbhub.jpeg

31.220.1.49

200 OK

8.4 kB

URL GET HTTP/2
jbhub.st/images/jbhub.jpeg
IP
31.220.1.49:443
ASN
#206264 Amarutu Technology Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectjbhub.st
Fingerprint40:C6:46:7E:2B:92:FE:C3:6B:07:EA:5B:72:60:B8:51:DB:E2:F7:02
ValidityThu, 12 Sep 2024 09:28:23 GMT - Wed, 11 Dec 2024 09:28:22 GMT

File type
JPEG image data, progressive, precision 8, 88x31, components 3
Size
8.4 kB (8367 bytes)
Hash
33beefe223e8fad2d43e5c3e24158cb4
b5385bdbf7a51c26cb6f10ccd421a172d444c06c
6fb88c9f3eaf7916a697c739c4403ee450fd61efff69af98e69e4667c7fe7dd9

HTTP Headers

GET /images/jbhub.jpeg HTTP/1.1
Host: jbhub.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 26 Oct 2024 19:18:37 GMT
content-type: image/jpeg
content-length: 8367
last-modified: Mon, 18 Mar 2024 04:39:11 GMT
etag: "65f7c56f-20af"
expires: Mon, 25 Nov 2024 19:18:37 GMT
pragma: public
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
X-Firefox-Spdy: h2

adrianafun.st/images/star.png

171.244.33.80

200 OK

507 B

URL GET HTTP/1.1
adrianafun.st/images/star.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
507 B (507 bytes)
Hash
326a371b68658af5b686032dd2228400
1b73fe7082f7caab7b2e28171f983d589c627d90
a9998e3929197f70abb1e475f7dcd76e7a9674bbfd68c02195afd756f51cad52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/star.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 507
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/default_avatar.png

171.244.33.80

200 OK

992 B

URL GET HTTP/1.1
adrianafun.st/images/default_avatar.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 100 x 100, 8-bit grayscale, non-interlaced
Size
992 B (992 bytes)
Hash
af3494feba7b57c111439fcd90f713e5
b93a65926f30a3eca8a93928fcad747b58525309
6dffa735ee25b187ddf40f3225fdce80a280db12175671ded6a4d7a7e99d2725

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/default_avatar.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 992
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/arrow_down.png

171.244.33.80

200 OK

289 B

URL GET HTTP/1.1
adrianafun.st/images/arrow_down.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
289 B (289 bytes)
Hash
c6da159d691d842ac9072644949520e7
23a92e9d6aaa254dcdf153b84103a66cdcbf75c6
4899cf15bbcc4d6d63e0868f8febe6f0a8b93fcef72fc8e5c1da32636afce2e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/arrow_down.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 289
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/nav_bit.png

171.244.33.80

200 OK

86 B

URL GET HTTP/1.1
adrianafun.st/images/nav_bit.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
86 B (86 bytes)
Hash
918839ed4dd4400570446568b618d34a
b5e3d9cc407bf5b777d184e17cda2d1962abdb26
59d3751e6d307cdf95243f8d969e93de7a67f631e173b7d7d9faf3086d2afc9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/nav_bit.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 86
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/headerlinks_sprite.png

171.244.33.80

200 OK

2.3 kB

URL GET HTTP/1.1
adrianafun.st/images/headerlinks_sprite.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 196, 8-bit colormap, non-interlaced
Size
2.3 kB (2342 bytes)
Hash
e38f7f29cf3f740d7dc3651cb82098ec
65787e91831d3707a9ec747ab272c1fb5d52b2d8
bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/headerlinks_sprite.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/global.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 2342
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/star_rating.png

171.244.33.80

200 OK

3.8 kB

URL GET HTTP/1.1
adrianafun.st/images/star_rating.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 48, 8-bit/color RGBA, non-interlaced
Size
3.8 kB (3751 bytes)
Hash
0274a75c3d5496ee8fab26eb52de1c3c
96925775969c776090116329c962bf988a2d4efe
d8f325aec17395e529781258a6ad9cc34a8eca76d83a34b3ae167652b87374d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/star_rating.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/star_ratings.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 3751
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/buttons_bg.png

171.244.33.80

200 OK

101 B

URL GET HTTP/1.1
adrianafun.st/images/buttons_bg.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 1 x 30, 8-bit/color RGB, non-interlaced
Size
101 B (101 bytes)
Hash
10ce6152f07ec77d9f78d381f7509a05
24a50f65d81e1546d9f3ae802ee90be3d791fc8f
259e21c6d7c25318e4bc00d2a3ee1b48e24679da1346c2af7718fbb7703f3025

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/buttons_bg.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/global.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 101
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/logo.png

171.244.33.80

200 OK

35 kB

URL GET HTTP/1.1
adrianafun.st/images/logo.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 607 x 75, 8-bit/color RGBA, non-interlaced
Size
35 kB (35279 bytes)
Hash
55d4d954be4a98671360f802f556e9d3
09023f447ab956e9670523d172e36fadaf578e6f
6e582543b3144b763efb8e70ff690ca77a74adc5ecf513de087290c1198ac0d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 35279
Connection: keep-alive
Last-Modified: Sat, 01 Jun 2024 19:19:37 GMT
Accept-Ranges: bytes

adrianafun.st/images/tcat.png

171.244.33.80

200 OK

131 B

URL GET HTTP/1.1
adrianafun.st/images/tcat.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced
Size
131 B (131 bytes)
Hash
10b96a318e186e39860a5945a9071b92
daa068efc07bb97ff0a2af218aedebbb28c9f1bb
91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tcat.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/global.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 131
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/thead.png

171.244.33.80

200 OK

115 B

URL GET HTTP/1.1
adrianafun.st/images/thead.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced
Size
115 B (115 bytes)
Hash
96dfa0b7296d710946b220639f5a9d1c
40838eabc4f6384d72ec9adca7a773fc4db21c44
d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/thead.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/global.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:38 GMT
Content-Type: image/png
Content-Length: 115
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/buttons_sprite.png

171.244.33.80

200 OK

3.6 kB

URL GET HTTP/1.1
adrianafun.st/images/buttons_sprite.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 560, 8-bit colormap, non-interlaced
Size
3.6 kB (3619 bytes)
Hash
b8a4c656cc2ceba54ede9c8bee504fb6
a9654bf22982a3504046c1dbe39ae38d4d5f28b6
3b7c43de6503c71fc08e7f6453ebf99190442210cef102ef1d5d5f8ef6cb9b79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/buttons_sprite.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/global.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:39 GMT
Content-Type: image/png
Content-Length: 3619
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/showthread_sprite.png

171.244.33.80

200 OK

1.5 kB

URL GET HTTP/1.1
adrianafun.st/images/showthread_sprite.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 100, 8-bit colormap, non-interlaced
Size
1.5 kB (1455 bytes)
Hash
d539ea2b126147223860ddbbe5c752c0
dccc6df4f03a89ed39e138970ea530a31425c35b
9525dfe2e9fb02b5b2875ba5151fcb62a680653d633f20926f3bf9f4003be80c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/showthread_sprite.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/cache/themes/theme1/showthread.css?t=1706725207
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:39 GMT
Content-Type: image/png
Content-Length: 1455
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

adrianafun.st/images/buddy_offline.png

171.244.33.80

200 OK

344 B

URL GET HTTP/1.1
adrianafun.st/images/buddy_offline.png
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
344 B (344 bytes)
Hash
85d5669208db882c9f8de9248f172d7f
f3abd928747a507ffade7eba54279d05b6f04489
05e66596e833d38f696fb3203f294a946db61345ffd727442073c915c2db8cdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/buddy_offline.png HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:39 GMT
Content-Type: image/png
Content-Length: 344
Connection: keep-alive
Last-Modified: Thu, 02 Nov 2023 04:00:00 GMT
Accept-Ranges: bytes

www.imgbur.cc/get/22.3.1725968306.832294776948

185.178.208.164

200 OK

222 kB

URL GET HTTP/2
www.imgbur.cc/get/22.3.1725968306.832294776948
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1636, components 3
Size
222 kB (222344 bytes)
Hash
261768f10ee093600ba9458f6d30e305
735703c6d32bdbba548a6ad322f06796607b4cda
3f0eccce0c37bb1ab3e5c75d4640f5fe77b813969191cd5424a6d2065b335639

HTTP Headers

GET /get/22.3.1725968306.832294776948 HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adrianafun.st/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=m7O51L9dSqcchrXh; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg10_=1729970318; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg1_=ALWIcYyFSD0GM8kelC7I; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:38 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:38 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range
content-type: image/jpg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/get/22.3.1725968326.771436091180

185.178.208.164

200 OK

348 kB

URL GET HTTP/2
www.imgbur.cc/get/22.3.1725968326.771436091180
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1636, components 3
Size
348 kB (348372 bytes)
Hash
0d593eb3b46afc0d3bafe622738acc5c
f8b839f664ee76d82fae588e28595344b9d53d20
309d69577f623188f661c7c8fe328d31e782cd2c26ce404dbebe8cf7e7cc27fd

HTTP Headers

GET /get/22.3.1725968326.771436091180 HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adrianafun.st/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=kru5zMDq3D05IiDi; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg10_=1729970318; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg1_=fRRsqDMViuCTo1dsgTtd; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:38 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:40 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range
content-type: image/jpg
age: 4
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/i/7PQxoX2glZ.jpg

185.178.208.164

302 Found

228 kB

URL GET HTTP/2
www.imgbur.cc/i/7PQxoX2glZ.jpg
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type

Size
228 kB (228002 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/7PQxoX2glZ.jpg HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=YLYNLeauIsgFdDzx; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg10_=1729970317; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg1_=ZSwZPRBHBRdMnoVHCGNu; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:37 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:37 GMT
location: https://www.imgbur.cc/get/22.3.1725968337.687048892082
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

adrianafun.st/favicon.ico

171.244.33.80

200 OK

1.2 kB

URL GET HTTP/1.1
adrianafun.st/favicon.ico
IP
171.244.33.80:443
ASN
#7552 Viettel Group

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerZeroSSL
Subjectadrianafun.st
Fingerprint0A:B1:48:D9:CE:5D:C8:48:65:97:96:3D:F1:D4:15:E1:49:0E:B4:3E
ValiditySun, 13 Oct 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
4d14132a43607d8d85191db682d744cd
f660f2f7ca793f1d106b2a61740c9ce5ac2d2427
36af3d678e7d3d5b5a3ef2acf89c1369fddd7f87ad124353ef0f729f3a8d982f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: adrianafun.st
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/showthread.php?pid=984592&tid=321
Cookie: mybb[lastvisit]=1729970314; mybb[lastactive]=1729970314; sid=9e760c35f2315f642fbced947c3d5c53; mybb[threadread]=a%3A1%3A%7Bi%3A321%3Bi%3A1729970314%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Oct 2024 19:18:40 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Sun, 12 Feb 2023 23:19:30 GMT
Accept-Ranges: bytes

www.imgbur.cc/get/22.3.1725968347.367502086051

185.178.208.164

200 OK

223 kB

URL GET HTTP/2
www.imgbur.cc/get/22.3.1725968347.367502086051
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1636, components 3
Size
223 kB (223292 bytes)
Hash
5596e50753593db3456196ae4158ad87
4319eb166b90fe05321633047970ceb005e05fdf
1c0f277a2cd8190c90b7fea6dadb52fa06635d4492542cbc5beb1b1a72a9f3cc

HTTP Headers

GET /get/22.3.1725968347.367502086051 HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adrianafun.st/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=z7OyzcrHlVmH4chC; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg10_=1729970318; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg1_=uNZk6CXyeBKnsEGBEcuj; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:38 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:38 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range
content-type: image/jpg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/i/pwQL4qeEQG.jpg

185.178.208.164

302 Found

237 kB

URL GET HTTP/2
www.imgbur.cc/i/pwQL4qeEQG.jpg
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type

Size
237 kB (237423 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/pwQL4qeEQG.jpg HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=C97dta601wR3ikNs; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg10_=1729970317; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg1_=4u7klcNlaJEIk9FYsVOQ; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:37 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:38 GMT
location: https://www.imgbur.cc/get/22.3.1725968317.865215393702
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/i/V3QRxqLN5m.jpg

185.178.208.164

302 Found

221 kB

URL GET HTTP/2
www.imgbur.cc/i/V3QRxqLN5m.jpg
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type

Size
221 kB (221194 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/V3QRxqLN5m.jpg HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=dM8PtN25C0xLtY1r; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg10_=1729970317; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg1_=lzVLiqrIm442cF6WwmUk; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:37 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:37 GMT
location: https://www.imgbur.cc/get/22.3.1725968306.832294776948
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/i/gN58W4LBKV.jpg

185.178.208.164

302 Found

223 kB

URL GET HTTP/2
www.imgbur.cc/i/gN58W4LBKV.jpg
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type

Size
223 kB (223292 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/gN58W4LBKV.jpg HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=LDKxYPbCQmIM9ANx; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg10_=1729970317; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg1_=57Nf8WgFJ6Ul8kLFxJD9; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:37 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:37 GMT
location: https://www.imgbur.cc/get/22.3.1725968347.367502086051
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
age: 3
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/get/22.3.1725968317.865215393702

185.178.208.164

200 OK

237 kB

URL GET HTTP/2
www.imgbur.cc/get/22.3.1725968317.865215393702
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1636, components 3
Size
237 kB (237423 bytes)
Hash
7ab3220561427dc529485ac55709869b
920de4f12a662854d0a2cf38a9de96b81eb2c666
b0bfc8a8561a190912e23c238069663739d25683b3b78d7a9ec6e3a0f85a191d

HTTP Headers

GET /get/22.3.1725968317.865215393702 HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adrianafun.st/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=LQAMwRr5OgkvgN6H; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg10_=1729970318; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg1_=2N2770x2sASkqmxB4eyW; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:38 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:39 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range
content-type: image/jpg
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/i/zVQ63qRjKJ.jpg

185.178.208.164

302 Found

343 kB

URL GET HTTP/2
www.imgbur.cc/i/zVQ63qRjKJ.jpg
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type

Size
343 kB (343105 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /i/zVQ63qRjKJ.jpg HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adrianafun.st/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: ddos-guard
set-cookie: __ddg8_=fSLlTG27nKsYfXvN; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg10_=1729970317; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:37 GMT
__ddg1_=BdyVzVTI1lUZ4YQz0ZiX; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:37 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:38 GMT
location: https://www.imgbur.cc/get/22.3.1725968326.771436091180
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
age: 2
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

www.imgbur.cc/get/22.3.1725968337.687048892082

185.178.208.164

200 OK

228 kB

URL GET HTTP/2
www.imgbur.cc/get/22.3.1725968337.687048892082
IP
185.178.208.164:443
ASN
#57724 Ddos-Guard Ltd

Requested by
https://adrianafun.st/showthread.php?pid=984592&tid=321
Certificate
IssuerLet's Encrypt
Subjectimgbur.cc
Fingerprint71:B0:95:B3:2A:29:ED:13:CC:53:99:0D:9C:EA:B7:DC:72:93:B8:E3
ValiditySun, 20 Oct 2024 22:02:59 GMT - Sat, 18 Jan 2025 22:02:58 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 900x1636, components 3
Size
228 kB (228002 bytes)
Hash
e01d925cdc1cb7914291bb681014d5de
1f9544c1e02cdda378379d14ea0ea54fc08ccc2f
3bd16a8faa39d0203c0a2f4dd0bf699d2e518d173147bfd8201b95d4c0ed12de

HTTP Headers

GET /get/22.3.1725968337.687048892082 HTTP/1.1
Host: www.imgbur.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adrianafun.st/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=Aczbr4mJPRtPGf0N; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg9_=91.90.42.154; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg10_=1729970318; Domain=.imgbur.cc; Path=/; Expires=Sat, 26-Oct-2024 19:38:38 GMT
__ddg1_=pEGwjD8bRkfauXUTXTSt; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Sun, 26-Oct-2025 19:18:38 GMT
content-security-policy: upgrade-insecure-requests;
date: Sat, 26 Oct 2024 19:18:38 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range
content-type: image/jpg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by