45.146.235.45 23 B IP 45.146.235.45:0
ASN #8100 ASN-QUADRANET-GLOBAL
File type Unicode text, UTF-8 text, with no line terminators
Hash c7d5b7e3b1ca89f7240569474cc5c8da
5fdf6212987e7a9f92da28c60bd4770346f1dec7
7f76ee84c3f24fa3216ee02a21b48ac29bd379c6205da843d15ea57c59adb6b3
GET / HTTP/1.1
Host: wap.rkcqhed.mhzxbt.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 08:11:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hfhjrjn.icu/
hfhjrjn.icu/
104.21.80.244 45 kB IP 104.21.80.244:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (41828), with CRLF, LF line terminators
Hash 3cf5e537073318d54e1ba4ac4229714a
85d1e4793aad7d827fd79fe8b0bdc9758860e948
b9275410e100c81790a593ee0966953253ef146e8ec943962c15af2578b2a14d
GET / HTTP/1.1
Host: hfhjrjn.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:11:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QgZc5gi0qilC9fZRINTfvNFIUeKGXilmjXt1uXM8FCtxKumdn%2Bilm4Mjd%2Fe8mFx3dSPItAAJOX%2FVb00N8pXb9MjQctPVwFRy8Jkn30AW3kcJup0Wb9QzbGDPRybbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632facdc8556c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.bbjjjbz.icu/template/2419/images/s5.jpg
172.67.174.112 200 OK 10 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s5.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 3254e30791445d6dcdd3758f1ac086e0
d8b54c4d4a3eee189769636f33e219c5d20e9861
21c589ec48a385c62b6c686dfaa01cc546f5ef2b119d0d64b9acffa423937316
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/s5.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:51 GMT
content-type: image/jpeg
content-length: 10070
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2756"
expires: Sat, 18 May 2024 08:11:51 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOi1zFz3rPedh355Ua6eaJ3ROSxH9fWHJSE4OHP73KlfqXxd%2FwSrr0MC5dhtzobtPfQPC8J3tCDRNkvlSveZ%2BNK72DExMwWhlukEDA4nOMONhjDtiPJRFjaDqNeEbnj%2Ftcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf8f0b0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/nav.png
172.67.174.112 200 OK 2.9 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/nav.png
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash 2505871944dbf649ad5d4b2ebba864de
35214c763481df6ee0465d5ad36295e65a427b87
22fe83bf8bff55cc25e20cf12c51785658f2294979f2a31082bbe5291f5042c0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/nav.png HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/png
content-length: 2873
last-modified: Tue, 15 Oct 2019 07:59:30 GMT
etag: "5da57c62-b39"
expires: Sat, 18 May 2024 08:11:51 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtdtAI8AoP0%2BmQ6We1SFG9GQJrXU3Xe3TEg%2Fu%2FgFKad8tfufeC%2FtUVxwYZPMahqkEGegyrnRRQH52KqVQc5yDquqbgjOcDU0bU%2BGuuJRoCdYn1K4zLarqNUaBOTXaZXif%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf2ea00b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p9.jpg
172.67.174.112 200 OK 9.9 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p9.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 2c94561f5db0ed16e4c1c078992481db
b60ca2440c9a884f95c9ec6fd5a4642c9dd01053
354a8afe928048f49e56676442480d4bf63a69e947964a9216d4f45de85a9dcf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p9.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 9921
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-26c1"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGg75PsT1feTcIUW5vc08g9RjpVFAeoEYywyo56ZTmOBKaPWyQ27Kg1rGg27hDUBVNS9oiO9wYtOyxgSqYCotqWJwryYAtH38XFBRmJQU0JyvIZ212%2BBqAkOSOUB5reGQ9s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7efb0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p3.jpg
172.67.174.112 200 OK 13 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p3.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 385x453, components 3
Hash be53274836585948ff45878d30ff7a79
1ebe2e9aeb1131ecc70482f28723703796d9f02f
25984711f30c09d8ec10d9c6d2c7d3338177eeae56e3151a4328d5b2621e20ee
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p3.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 13358
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-342e"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hbnm7IiU366D3hgCepP8WJWstSYD1AfteMiF4c4DOVFQ7%2By%2BmI%2F5fjXOQoeTvXWB5tfjopuU%2FDHLOuAzMahZKt%2FWCZEYltudsy1Xw3Pnqr14sFnz%2BNoQlZEuSZKlWG%2Fngs8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ee20b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s6.jpg
172.67.174.112 200 OK 7.6 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s6.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 8ec1ab5777dc851bc2fd1fe8de31fdab
180f3977780a689517bb05fb1f308a4f0387d8a1
899bf1b61b354e3515e48f235fd25c58143472e583f8728f52b5f6c629f509b1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/s6.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 7644
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-1ddc"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jU1m6R%2BYBW960W93U7wiLdn7wD2zyObbIESIYQ1hs7yCG7K93CBky8LRAKGfxZz22kCo8gq53yDr6wM%2BwuzE0a8mZiRoKVLolRu%2F2x0og6A%2Be5RTXS%2BGIiKZInT%2Br3CFFYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf8f0d0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s2.jpg
172.67.174.112 200 OK 9.9 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s2.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash f9265828c973c1853320456de1e7bfea
1ce35dee7ff8594eb0704369db0234cd5fc62da0
da598cb21cdfd7484b5f108a584a0fd04f25ca51987718b46d74f2ec5c0a59d4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/s2.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 9919
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-26bf"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhIadDIXpCxuk7PPclMrbuQUm%2BG4l1rhVQ0Gw4tzbmUHZJk8VRdsGKXOxkm5b2r%2F4KGCBNednd22M3ezDfQgah2OjEI7dKVCL7ytwyH%2BQ5q1OCXaXMPU5nVJH%2BDdUyK9QmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7f050b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p8.jpg
172.67.174.112 200 OK 8.4 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p8.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 9434dfd385f1d18e302a65b2b063373c
037592eeac942054a424937cdbdf8e593a010b26
b1c6fa85e51e34bf9f8c355088ff13064214b9de22094e80fe0a70af65bc49cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p8.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 8401
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-20d1"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1WKrkYhVYp4a08OHWoG5RgzC9rYclt6zKcsttgXV8P6X%2BSgFnHTwZdwIOiW2vN2eAxkFQMUNKTSolYmCQ4GNm45Kx3J8pmByYr8mGh55CspCxSdAM%2FlsnUNNU61HEnFWips%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7ef80b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/d2.jpg
172.67.174.112 200 OK 8.8 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/d2.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 12fa5be4c040b0442c512c488a9a18e8
fe8ba2ce99f5a263661c33bfba4c31f1e3923dad
6b87b3e0bae7bf57a36000047255a2d331f09f4f930ed7dc59e5148dd8bd70b3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/d2.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 8759
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2237"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9vB7n9ATkVPjn6wBOS%2FFu4JWkdYo5HqNpTaGqiDlQi7zGXcJUun0NbCqyGQV4nneYtQjTG7NecbIFFFYe0MEPiFpTXX%2FF36pCMZpM5X60xaPztkC5msjlITj0aqkaNcrCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ee90b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s7.jpg
172.67.174.112 200 OK 9.6 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s7.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash cd9bd575b8d9ab4ac743a2bf8783a8ea
04d3174f7e5242de876770a620215597821209e2
8f11a5bfd8d85c88d56efc5fbe69dc3e5440bcfa3039527b6219de6fc1330fa9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/s7.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 9622
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2596"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FIFL1vl9nzi7KGoOSosarVMtMrl8IIq6rdR%2B157cffCKD83DA%2FYMHFYaPulatnv%2FWeiRDkeOZ%2BqudL81ePn3JKSBHZaHEUJyAWtmRpmYhR%2FMupTHX%2B1vRxtqYZpjw2JnVRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf8f0f0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/d1.jpg
172.67.174.112 200 OK 7.2 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/d1.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 9b0ca8688bb99b37709348af9a9bdee9
fc659fc3a42204b85304b63514cddb0d84db622e
9a3fba562ddefbcc68ec44fc56b78caa02bff5c65fddb6424dda45d426251ee2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/d1.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 7173
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-1c05"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnSPI2tfsqjL2qO%2FlTK7EtY8eJO8RQSYEyR4GMtqSh6S5b%2Bmj6mFab4S%2B26WNaqNO%2BmvnDyvTy9YLAriSQffYsBoQuqjt6408%2F2HKXbYIGKcpJkhFXvpOENuiRvIa16jcgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ee70b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p2.jpg
172.67.174.112 200 OK 14 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p2.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 385x453, components 3
Hash 0d7d5a6803de7d4235cbb155b7cd7ed2
e340c35a945fdc3c4060383fba3597bbba40f492
68362f289aa79a758095c854bb6c7ca669d2b520925595926974f4535c39c2d3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p2.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 13548
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-34ec"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GU8uOROjTUTYPzDSFreww7Buj1ZymwvfcpfL4uVAKMXWISpfiT7iuZDizBBO0jrkfat6WhpZzuzj9eSZdE7oYteaGr96NShB%2BnT1Xq%2FabLBYsr932E2AdZcdGD%2Bmg1Yj97E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6edf0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s1.jpg
172.67.174.112 200 OK 7.6 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s1.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash a5471dbcdd97bb1448e5ea116fbc802c
f30276b56b0aa483b2e29daaccaf43921f8bddf8
0eecd16bc05900f4f320d06adbde6beb01f9947ea8178182e5b75e8c4524842d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/s1.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 7637
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-1dd5"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cv2JQMe%2B3D5D3EjUOWHoCoOD6anp0oLY8dKOiVxb%2Fw5ihWGhFP1A3mUG9FNk27vKjbikQTj27y%2BdnHVCsTcVlTInv0q7vEXJNge6SLKCRzornjrYfofvAP0ZxnaU2UlZ3I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7f010b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p7.jpg
172.67.174.112 200 OK 7.1 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p7.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 45e16f7ae0049bbbbac12eaaf449fcac
37e1c4f97666747ea12f4cda6a5f6719a28ffd38
0f602b4cb095528e597893c4b7b883dd479a3b3e0ffca29ea6e6b69907fdace5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p7.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 7137
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-1be1"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vu8zJpfZCuzFVkZzTSdMDU7Ca0trSD2JRv0g373O2OeV%2BVxs3c95yE1J2dRuokJCmVSikQmJx9zOT%2B9QiKkxEvWOgzfPoPYVJcUGau43zWLjG88B5AKlFnA%2FhR4MABA6Yuw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7ef60b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p4.jpg
172.67.174.112 200 OK 13 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p4.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 385x453, components 3
Hash 04fa6db0b5f221b235ae841deb92b14e
ae8f88082715e42f0b10256cde9b8a30b47589ab
afa44a23795f18b6518bf5a53fae05511648bb2f402fb2b13e51c0775a80c6ba
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p4.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 13042
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-32f2"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otjk0mHLeN5%2FlHgy16SFUTlV%2FWdGa9K3veggCVVoKyGe5zLTLfg1ahsZmeehRgqvofV84POD1XG%2FkIXUrtr1KLWvnTt6QDXiMLDZ%2FW1QF2XbomfIH5wT6J%2BCmSADl7llfCg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ee40b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p5.jpg
172.67.174.112 200 OK 14 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p5.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3
Hash 6443e726ad698ab448c492f5ab154ee4
ebdb9f113c81b6ead60895e5392f0d0a6ccdfd04
95350a5fde97cf53e767809e4cb0d1cf0b35ddc1c4051ae3926db79f1b16bd58
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p5.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 13517
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-34cd"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ceaF2ONIEvyysxH5jNOQSVKurdT9bbbyLZx6DD6cmzB7lnYAoGXyrgR28V4s0f2qHeEb4cmL6g6aHxbHwmqL04XJXQ1DFcgxGZsMV8DgXMuvNcLX2hwxb05DCsIzlwCvWes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ee50b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/d3.jpg
172.67.174.112 200 OK 12 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/d3.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 569c8b2e565f1f66d6ba7610d1cbabee
e526111abd1f24f70f9e107ee08966d1cad7b55d
914f856830ceb8578194b620e59a9695e6957b63b495239269bab8d4af271b5a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/d3.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 12318
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-301e"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2b3fDefdylTbB1473hQvg0wS2EUIFJmelLnZQPCHphuWqVNvKvJ2PiPQ%2BYsBuc8c4v%2B9FBZQQKcBrnoq5uTtww%2FZwixOGfkAuWuOUlzg4fsMoJUcDobO6WLW7P89Kz5SJjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6eef0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p6.jpg
172.67.174.112 200 OK 6.5 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p6.jpg
IP 172.67.174.112:443
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity: Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 0b394f4ac5a1e284f31fe7943d3322aa
8848d55d68d29f0035095021c336ae750512ed5d
d67961a42f5f3ab198d5ae13d26e37b58e43f81b89e7169f42a518b2e8b73a2e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/2419/images/p6.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 6547
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-1993"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPwuzXSE%2B2tQ9cN3JeTl79zX54%2BEC0f9In7Lod5bpygVcJB0a3yTTg5Kb82oMj9ylIqAUTj1TnThBdj6nix7uYrsqLxy0Eb8a19SxVwWnvLNXleKi%2B8%2BdStYQxJCgZuzBoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ef50b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/d4.jpg
172.67.174.112 200 OK 8.5 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/d4.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 46a46d868759c1eb54d93a978d29e5f6
4ad03b65ffd623556db284ef2c1bc3eddbf474b1
9800842714964e2562c61db86867e432a442ae2c49a1e13bac4750b73eb63a41
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/d4.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 8512
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2140"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tcw%2BzRJUSlw1MDVh5VU8WpoyjzbQGn7xaFFsXLr0Ow2Nl7NOqM5WmkA65UP46RDE19WPgKD2YMFyd298VFIzs%2FJWixtwVhmy5PGYYgCmSUXSmJFz0X4SLzgAgRrpMDA3wQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6ef20b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s3.jpg
172.67.174.112 200 OK 9.6 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s3.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 743bc3a42b8af73204857a9ba8232630
cfb7dc011dd14bc63200ebb60b29294650e4540e
9f85eea6d89f5517bbb59d55161b5a95f70fae07ea66438e9fe37797ea30875d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/s3.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 9621
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2595"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CiBeROGlBkU2Ojf0hS07kxt8lj0MXmXK2e8twTHWcyl3HAyuriEVRiQD9JjpExp7bC0kaCOU7xjuKFcus5SVfF2cdH8UC69GFGdV6qO4V5O1y9kqOWiocbFSBDgc7OaIWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf7f070b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s8.jpg
172.67.174.112 200 OK 11 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s8.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 234318424a6cdae847cea83c9aeb9f78
f08521e669a1d97eb9f52c88423dbffb83c0a45d
b14b77d539b7a495e23b1de2d2b695dcda7e43695549db93e0b11491bbe50c48
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/s8.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 11334
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2c46"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLmz7j4ssq0JM1DLdTwKdfEqiyOAARL7nGvrAatr5YqYW9rIVkFHNbqQzhu%2FkWpsVCB6ADIb2G36MHabUko0Ei2%2FZwFOtdnWGalcWFOpyYu5jPwdcSStbQs0h4AVe1Q%2BFjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf8f110b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/s4.jpg
172.67.174.112 200 OK 9.6 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/s4.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3
Hash 36a5e927fd42b010817a5cab68463d80
1b840d87be2155105a560534e29effa1fe9f8a6a
9dbfacfd572086490814baab61ab418963263fb9180ea7717381bf4ca9362740
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/s4.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 9618
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-2592"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdtjN0quTaG%2F%2B2ziC8j4cBIeK5PrqNUeDOVxUw%2F9IEtcPWwtPPc3FkRJoQ7z%2FN2Zj8k9UXkPxQRjeusB6jCWCYScgq4avoYEWT5BKtjKOL7I%2FNHFQ4mu5NZv2TpQyCWaylQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf8f090b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/p1.jpg
172.67.174.112 200 OK 18 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/p1.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 385x453, components 3
Hash bef89bd07c046df706dca91a44702326
ffd031da41f85e3f755acc2188b68c258dcae0c9
6a9ebb811f6e7b89346a2e52b7f70f782c3b3ea3b754d12d3019d7f98c2bcaea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/p1.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: image/jpeg
content-length: 18243
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-4743"
expires: Sat, 18 May 2024 08:11:52 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2kI1lEZrxP3I6wlrVYEYSGVTxA1HyCu5DSkJNWCc%2FA86YdnWN6OAUR6T2BZaapYLNTzX58zeCNHmU4QOJSACPok%2FpDA2DOeFov4OPiM4jp9aNq8iX5S9t6jgrIGNTzZ4BY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf6edd0b55-OSL
alt-svc: h3=":443"; ma=86400
www.lelifi.com/app/app.js?t=shang&c=google&mb=1
172.67.222.63 200 OK 14 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=shang&c=google&mb=1
IP 172.67.222.63:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (318)
Hash c05d24e915a484f17846a3e4439e9889
74d4704effd793730975184a1d4c1349da0c4376
fcd21023540b2560a62a75fdd6560bd2097ea5c23f788c40ec7d1c2299be902f
GET /app/app.js?t=shang&c=google&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: application/javascript
last-modified: Thu, 04 Apr 2024 11:15:30 GMT
vary: Accept-Encoding
etag: W/"660e8bd2-fc6"
expires: Thu, 18 Apr 2024 20:03:18 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7wbjOHMwxdwEKUzBl7PQ0IlsDh%2FqwXemexWoHAY8Ds%2B6xKVhKrJhZpLvn%2BreQUeKEdGWZHIdliYz%2Fmxb3IcwvySZPJOeHIR%2BAhfm7Bgao3Qilee06Gg%2FR%2FF03Dm%2FvSgU9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632fc5eb6e56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
172.67.222.63 200 OK 5.9 kB URL GET HTTP/2 www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
IP 172.67.222.63:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
Validity Wed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (318)
Hash c05d24e915a484f17846a3e4439e9889
74d4704effd793730975184a1d4c1349da0c4376
fcd21023540b2560a62a75fdd6560bd2097ea5c23f788c40ec7d1c2299be902f
GET /app/app.js?t=xia&c=googleee&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: application/javascript
last-modified: Thu, 04 Apr 2024 11:15:30 GMT
vary: Accept-Encoding
etag: W/"660e8bd2-fc6"
expires: Thu, 18 Apr 2024 20:03:18 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 514
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BEPHH7CA7jRDMsu6NeU5PTb5ugOunlQ3YLeXOkFV%2BpWPqtEgdesoUbCv6p778qTxfbRKUhVYar8wxZH2iyMR0W30WTsRx1ou48LYLLSAywt8dhJ08KYEmnM4i8ZzEqWfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632fc5eb7056ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.bbjjjbz.icu/template/2419/fonts/glyphicons-halflings-regular.woff2
172.67.174.112 200 OK 18 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/fonts/glyphicons-halflings-regular.woff2
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/template/2419/css/bootstrap.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:53 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 15 Oct 2019 07:59:32 GMT
etag: "5da57c64-466c"
cache-control: max-age=7200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IH3VipdHcsxN0DA0zpTjoLnX6aPkggnTgCRUGZgexh0lKEaQBj92c9%2F7l2O2ufbIfHGu6Bz6QoHD%2Fwlj6zoV%2B2AFZb%2FMOlRBK%2BeHrWwpCrOaHlLuYQyM2PGRyvOb9pBUNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fc70e4c0b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/images/banner1.jpg
172.67.174.112 200 OK 24 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/images/banner1.jpg
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x435, components 3
Hash ec5614f9121bf00c0c724c964959378f
02d21d11dd07f43568b09aae006ec05832e5e237
7df6fd9abe41f39cc7c9c411538b90948af053ba7d325a28dc38aabc4d430e39
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/images/banner1.jpg HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/template/2419/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:53 GMT
content-type: image/jpeg
content-length: 23500
last-modified: Wed, 16 Oct 2019 06:01:36 GMT
etag: "5da6b240-5bcc"
expires: Sat, 18 May 2024 08:11:53 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FRnq543zBGzvVYTTzC1NUDYaPIsAwKyi5Ff5jkISksoLtQnermWEpc5oSG0MNHIGKfknqXfWwKX%2F9R8zsr1zfZR9Tpb6rYnVQHGERNeJ6n4IarDnP86r8HJyAt%2F41xbvBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fc6fe330b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/fonts/OleoScript-Bold.ttf
172.67.174.112 200 OK 35 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/fonts/OleoScript-Bold.ttf
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type TrueType Font data, digitally signed, 17 tables, 1st "DSIG", 28 names, Macintosh
Hash abb6cf79b45303b3e2706dd63d483f23
48ef566a530cfa1b1d26d028e78c5a63b92e9c5a
7e4843c9d74233f00a2815954177e33758c1c42a08d218b11c131cf7d818f1d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/fonts/OleoScript-Bold.ttf HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/template/2419/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:53 GMT
content-type: application/octet-stream
content-length: 34628
last-modified: Tue, 15 Oct 2019 07:59:32 GMT
etag: "5da57c64-8744"
cache-control: max-age=7200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGc2nNHVkyFvNlj0LRvzOBuTWtEqbtWmnODqIf3OEVMBC1n6XIL3afZ8%2BnOwVijzLRnRnWXQnbp%2BNzmEbH%2FuIFzdi8igl2HsEmv%2Focun2VqP23BF1JYUFsr2aWW%2FaKC0Oic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fc71e550b55-OSL
alt-svc: h3=":443"; ma=86400
ia.51.la/go1?id=21586809&rt=1713427913118&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW722ZU.CONM_WW&ing=1&ekc=&sid=1713427913118&tt=WWW722ZU.CONM_WWW722ZUCONM_%25E4%25BA%25BA%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW722ZU.CONM_WWW722ZUCONM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fwww.bbjjjbz.icu%252F&pu=
203.107.86.226 200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=21586809&rt=1713427913118&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW722ZU.CONM_WW&ing=1&ekc=&sid=1713427913118&tt=WWW722ZU.CONM_WWW722ZUCONM_%25E4%25BA%25BA%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW722ZU.CONM_WWW722ZUCONM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fwww.bbjjjbz.icu%252F&pu=
IP 203.107.86.226:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=21586809&rt=1713427913118&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW722ZU.CONM_WW&ing=1&ekc=&sid=1713427913118&tt=WWW722ZU.CONM_WWW722ZUCONM_%25E4%25BA%25BA%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW722ZU.CONM_WWW722ZUCONM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Fwww.bbjjjbz.icu%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Thu, 18 Apr 2024 08:11:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=be356a66beac007b0c06447785bc193589ed5d31c8d5cfb264f99a4668fc6244; Path=/; HttpOnly
acw_tc=ac11000117134279141865167e3bd7341f2e6857fe77030df7be9c0c81bc7d;path=/;HttpOnly;Max-Age=1800
collect-v6.51.la/v6/collect?dt=4
203.107.86.226 403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 358
Origin: https://www.bbjjjbz.icu
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Thu, 18 Apr 2024 08:11:54 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=2be796d595df1af5cdbcb858f40ea1c7b243a1871f4d2fdd243957d2a23ae08a; Path=/; HttpOnly
acw_tc=ac11000117134279142878078ef9c19b1689e44b123f870acd913c699dd977;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.bbjjjbz.icu
Access-Control-Allow-Credentials: true
www.bbjjjbz.icu/template/2419/fonts/OpenSans-Regular.ttf
172.67.174.112 200 OK 217 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/fonts/OpenSans-Regular.ttf
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright © 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans Bu
Size 217 kB (217360 bytes)
Hash 629a55a7e793da068dc580d184cc0e31
3564ed0b5363df5cf277c16e0c6bedc5a682217f
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/fonts/OpenSans-Regular.ttf HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/template/2419/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:54 GMT
content-type: application/octet-stream
content-length: 217360
last-modified: Tue, 15 Oct 2019 07:59:32 GMT
etag: "5da57c64-35110"
cache-control: max-age=7200
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r95hIvzUgFWXad%2FVKaNUV880nflGNcLdjLxtm5UUciLUTcHhBN2SCFgsFIuFCeft7AHgvVdJUVabKAQB15076fBSuYiKbSGiNzkHyvqsZjJRyr%2BN3SAGHDZ%2BYsW7aJ6Kr18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fc70e480b55-OSL
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/Baidu.js
172.67.174.112 200 OK 650 B IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (713), with no line terminators
Hash f3d8db1112ed688668e497065e675826
aec95e5ea8e74e953832529a7686d616e5b63e69
64c8ee37ff0f44f17f83b1da452f9a71fa0f2239b49febc1cb93ffecff5691e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /Baidu.js HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: application/javascript
last-modified: Tue, 08 Aug 2023 02:09:30 GMT
etag: W/"64d1a3da-28a"
expires: Thu, 18 Apr 2024 20:11:52 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GCs6NHTFhcwkbudQVIZ1OLw5d%2BW2L%2FY8Jadh4SvJBT%2FvNyxKOMLFiFgAzlyU%2BnIDo65PWwtVfdq%2FWD1TA1cPBRrWLdgTFdC4ynpA90ATVXN1uVwvQbk%2FS%2FRXl87CrCUIYbs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fc05fd10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sdk.51.la/js-sdk-pro.min.js
47.246.44.243 200 OK 34 kB URL GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate Issuer GlobalSign nv-sa
Subject *.51.la
Fingerprint 9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
Validity Thu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
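Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, although this transaction reports a 34 kB response (content-length: 12846). They do not identify the script and should not be used as file indicators.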
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Mon, 15 Apr 2024 18:22:53 GMT
x-oss-request-id: 661D707DDDD87E393288449D
x-oss-cdn-auth: success
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
ali-swift-global-savetime: 1713205373
via: cache15.l2de2[0,0,304-0,H], cache6.l2de2[0,0], ens-cache18.se2[0,0,200-0,H], ens-cache7.se2[1,0]
vary: Accept-Encoding
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-hash-crc64ecma: 5143829838470429443
content-encoding: gzip
age: 222539
x-cache: HIT TCP_MEM_HIT dirn:6:7882094
x-swift-savetime: Mon, 15 Apr 2024 18:23:21 GMT
x-swift-cachetime: 1295972
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9b17134279128255615e
X-Firefox-Spdy: h2
www.bbjjjbz.icu/favicon.ico
172.67.174.112 200 OK 1.2 kB URL GET HTTP/3 www.bbjjjbz.icu/favicon.ico
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 591676289e8a2b06c3fc31137810d2c0
f53c4f56f983f6b96198806a60624ba16741a156
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Cookie: __vtins__K4aEPHJP2O3KBajx=%7B%22sid%22%3A%20%22eab57264-e0a3-555d-b52a-88a452b27979%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201713429712970%2C%20%22ct%22%3A%201713427912970%7D; __51uvsct__K4aEPHJP2O3KBajx=1; __51vcke__K4aEPHJP2O3KBajx=ccc3286f-dd91-5e02-8421-1f6e68ecfc6c; __51vuft__K4aEPHJP2O3KBajx=1713427912977; __tins__21586809=%7B%22sid%22%3A%201713427913118%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201713429713118%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:54 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2019 11:19:32 GMT
etag: W/"5da84e44-47e"
cache-control: max-age=7200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXJ7BIZG6Q5JgcfguHawWdXiAy9IJewsWZHQqD37v3h%2FH88tmNu%2Bu4jG8Y6cEFuPO6CorqkfLgXj7LzZaWqXp7ExEKzoskKSljKk4TJEXP%2BTt1B%2FjothL%2BH07yyuwKaSoyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fcf8f1f0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/template/2419/css/style.css
172.67.174.112 200 OK 41 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/css/style.css
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash ca9d82101bc7c2bc541393f7ff97b5b4
7b28bb7777e679bb87575f49e044fc0d3ebc3d0c
bf5c8767deb7219562becc783c811cac6887c5a4f80f14d9b2329a520502e999
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/css/style.css HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:59:30 GMT
vary: Accept-Encoding
etag: W/"5da57c62-9f8f"
expires: Thu, 18 Apr 2024 20:11:52 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZ2oilqGIzd1f235SetVDCjPNqF0YJ6L91XmgitNrYPX%2B5YwsPHQzxS2tdayzZTTekFK0Hovfm619vqvVZ4ylYN7o03iYb0laXvjBnVNFejrXa4T%2BoB%2B6OhcRuWeU0KgWQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632fbf2e9b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
172.67.174.112 200 OK 309 kB URL User Request GET HTTP/2 IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Size 309 kB (308583 bytes)
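Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not identify the 308583-byte response reported in the Size field; the body was apparently not available to the hashing step. Do not use them as content indicators for this page.)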
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 08:11:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=7200
cf-cache-status: MISS
last-modified: Thu, 18 Apr 2024 08:11:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBhPlJBseAc8ZaySiBJ9L3IpyWxTjiVB84OL%2Bd9fVoCTr%2B2KpVapX0J2ala%2BQ98yxHz25KjmPlkIg8mp%2F%2BOMMFdF%2Fjhn5IrLeBIzuSVESHRmdhOZCRbmmJ0y33i9%2BwOIFYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632fb7da0a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
js.users.51.la/21586809.js
47.246.44.243 200 OK 4.9 kB URL GET HTTP/1.1 js.users.51.la/21586809.js
IP 47.246.44.243:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Certificate Issuer GlobalSign nv-sa
Subject *.users.51.la
Fingerprint 8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
Validity Fri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT
File type JavaScript source, ASCII text, with very long lines (5147), with no line terminators
Hash 155d0c6085a3ac45652809af01214bee
70e042f13fd1e1d034aa0f068bd56dd64633107f
97d892bc2fedf8d1bc01079be67ab91fd8f03c01f73891b43540b47670dcd05e
GET /21586809.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Content-Length: 4898
Connection: keep-alive
Date: Thu, 18 Apr 2024 08:11:52 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1713427913
Via: cache2.l2de2[169,168,200-0,M], cache2.l2de2[170,0], ens-cache3.se2[193,193,200-0,M], ens-cache19.se2[193,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 18 Apr 2024 08:11:53 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62ca717134279128322094e
www.bbjjjbz.icu/template/2419/css/bootstrap.css
172.67.174.112 200 OK 142 kB URL GET HTTP/3 www.bbjjjbz.icu/template/2419/css/bootstrap.css
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (540)
Size 142 kB (141452 bytes)
Hash 710f7f8b556f5ef72fb42dadc4f14db2
7f9b70c8fc6492d00120f6db593d61054404b46a
24d58616d94f25bbf4a21dcf082e5cfe91f45d9830dbc699ea3bf8fbea1a8c8e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /template/2419/css/bootstrap.css HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:59:30 GMT
vary: Accept-Encoding
etag: W/"5da57c62-2288c"
expires: Thu, 18 Apr 2024 20:11:51 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEp2y%2BILeZhDgsQooCm9%2B80PQbYhCshxHQNv850WDGt%2F3qGTqb75HGkBzrBcbDcYnypZh5IcfZE2Np7YyRbBUxcjm0utgCySTx%2F4knoTafxjOot9RxO%2FpOoGyzq2RUT9dl4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87632fbf2e990b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.bbjjjbz.icu/Aquery.js
172.67.174.112 200 OK 540 B URL GET HTTP/3 www.bbjjjbz.icu/Aquery.js
IP 172.67.174.112:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 55:87:2A:D4:ED:6E:83:6B:7E:2A:D5:53:7C:C6:B4:C1:2D:18:77:EC
Validity Sat, 29 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (556), with no line terminators
Hash 9988d60d2af7295734e3bd6d7acd296e
3e98c7ac2dde441b5fe9ab4666c2f206a15aebf1
553ac2cc49df373a2e138fb5d962a306250472c5785d33ec91de2957d188c976
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /Aquery.js HTTP/1.1
Host: www.bbjjjbz.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.bbjjjbz.icu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 08:11:52 GMT
content-type: application/javascript
last-modified: Tue, 08 Aug 2023 02:09:29 GMT
etag: W/"64d1a3d9-21c"
expires: Thu, 18 Apr 2024 20:11:52 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cF0vNvsa7eiB%2FKmY%2FYqPuaS9hGIv4uCDKVS%2B84CPWgXbY3F8mUO%2FFdwxHyOajkDO89hUvwfI7IQoMfStrxS40E4GdkFlDPtAY%2B7ZQn2NT2QzP9as0GFkLs8%2BygBfWI2mt%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87632fbf2e9e0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400