Report - mxdrop.to/e/nlp99q07s8m0rj

Report Overview

Visited public
2025-06-10 20:24:54
Tags
URL
mxdrop.to/e/nlp99q07s8m0rj
Finishing URL
mixdrop.my/e/nlp99q07s8m0rj
IP / ASN
172.67.199.178
#13335 CLOUDFLARENET
Title
mixdrop.my/e/nlp99q07s8m0rj

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
el.sokajecorin.com	unknown	unknown	No data	No data	422 B	1.6 kB	23.109.170.12
www.google.com	7	1997-09-15	2015-05-10	2025-06-04	462 B	1.8 kB	142.250.74.68
mxdrop.to	unknown	unknown	2024-12-15	2025-06-02	494 B	233 kB	188.114.96.1
mixdrop.my	unknown	unknown	2025-05-08	2025-06-04	3.9 kB	1.3 MB	104.21.15.238
mdstats.info	unknown	2024-02-08	2024-02-09	2025-06-04	408 B	2.1 kB	104.21.96.1
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-06-04	933 B	575 kB	142.250.74.99
code.jquery.com	634	2005-12-10	2012-05-21	2025-06-04	443 B	90 kB	151.101.130.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-06-10	medium	sokajecorin.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (15)

URL IP Response Size

mixdrop.my/player/videoplayer.2.1.4.min.js

104.21.15.238

200 OK

20 kB

URL GET
mixdrop.my/player/videoplayer.2.1.4.min.js
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
JavaScript source, ASCII text, with very long lines (20448)
Size
20 kB (20449 bytes)
Hash
de6800b974d1caaad589a67dc7c4a69d
8c8ee0e5caba51784721b8c45fb678294725f493
88fe020203238d6615bd3254e8252b1dd1182ea630eded21cc48c6aaaf4704c7

HTTP Headers

GET /player/videoplayer.2.1.4.min.js HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSh4z%2FWmbY43pdB9meutOqGAl%2BkQBgEskBtxbP%2BjZJoD%2FwH1eCL5NnTChu2YXZr9ts5EaowGlPE83aTPAP8hKTW29b1gMJ9JeOXraMRgbj7XfPz9lgRfJ5Jr8I%2FG"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 04 May 2024 08:03:21 GMT
etag: "6635ebc9-4fe1"
expires: Tue, 08 Jul 2025 00:38:12 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 243981
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 94db97cb29691bfe-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2634&min_rtt=531&rtt_var=1791&sent=280&recv=182&lost=0&retrans=0&sent_bytes=194217&recv_bytes=11513&delivery_rate=8781049&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=8c38f4fd51093f30&ts=491&inflight_dur=51&x=80"

mdstats.info/js/script.js

104.21.96.1

200 OK

1.3 kB

URL GET
mdstats.info/js/script.js
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmdstats.info
FingerprintA2:73:39:AC:46:AF:F0:45:04:E9:D8:B4:14:68:0E:35:DC:C6:57:35
ValiditySun, 25 May 2025 14:37:18 GMT - Sat, 23 Aug 2025 15:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (1346), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
abd4e2373b2e8c4dac2e80159641c5f1
e273656e58ca934d873204e68dd35670fde657ed
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

HTTP Headers

GET /js/script.js HTTP/1.1
Host: mdstats.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: application/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
age: 13805
cf-cache-status: HIT
last-modified: Tue, 10 Jun 2025 16:34:28 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2ax50AehLUqfkQzQ7XoS%2B9ZmYG0KleUyebxgpffitGtcQVSh4HuRmU2H2%2FL%2F4Lt6oEEeSqQL2PTdvzF8VupWpxsAdv3M4bIJdBk%3D"}]}
content-encoding: br
cf-ray: 94db97cbaf440b49-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/GUGrl5YkSwpBsxsF3eY665Ye/recaptcha__en.js

142.250.74.99

200 OK

569 kB

URL GET
www.gstatic.com/recaptcha/releases/GUGrl5YkSwpBsxsF3eY665Ye/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
JavaScript source, ASCII text, with very long lines (552)
Size
569 kB (568942 bytes)
Hash
77533ec9585d46c3d6f0190d5150f169
21a5a0c7c432d43242dc38cd78ecae56cecc8812
e26714bbd1908c0b0028789de4bc5a01105b8f2756f3e4eac5f885959c4ab444

HTTP Headers

GET /recaptcha/releases/GUGrl5YkSwpBsxsF3eY665Ye/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.my
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 224457
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 11:21:03 GMT
expires: Wed, 10 Jun 2026 11:21:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 May 2025 16:43:37 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 32612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mixdrop.my/imgs/v2/favicon-16x16.png

104.21.15.238

200 OK

1.2 kB

URL GET
mixdrop.my/imgs/v2/favicon-16x16.png
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.2 kB (1162 bytes)
Hash
e0f38ab405ae4403be29778964115abf
fe542f0fe2250a0b704b530fe232dfa07ba9f6a2
c2961fcd62ac75d2cbf83a25449e2b5728ef245e13e175e94c43626fa9463d5d

HTTP Headers

GET /imgs/v2/favicon-16x16.png HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:35 GMT
content-type: image/png
content-length: 1162
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aI34WhCw27jlQ3%2B8em6OaCHdeONhKOZxWT3L%2FEY65N3FhrVLhRYtaLfgV9H0f9zHS3bD9JA1ZkKKPz%2FsNpnnh8bdo3XN6I4NOT6T3%2BZw2V4tjpmuacmk%2Fut7S3yQ"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 08 Jun 2023 12:41:50 GMT
etag: "6481cc8e-48a"
expires: Sat, 05 Jul 2025 13:36:09 GMT
cache-control: public, max-age=2592000
accept-ranges: bytes
age: 456506
cf-cache-status: HIT
cf-ray: 94db97d3b9d41bfe-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2916&min_rtt=531&rtt_var=1671&sent=363&recv=185&lost=0&retrans=0&sent_bytes=288866&recv_bytes=11935&delivery_rate=15048248&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=8c38f4fd51093f30&ts=1871&inflight_dur=66&x=80"

mixdrop.my/player/video.8.10.min.css

104.21.15.238

200 OK

46 kB

URL GET
mixdrop.my/player/video.8.10.min.css
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
ASCII text, with very long lines (45760), with no line terminators
Size
46 kB (45760 bytes)
Hash
9576cae2eb08f656230aed0e26732fbe
3f2acbd2eb0ddae7c5fa0ebd81a892760a809746
87590de8c7bcfa547adf9a7924bdb91a1733cb7ac308c40d5bbff34f82734dd9

HTTP Headers

GET /player/video.8.10.min.css HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbQUUevBY%2BsDc0FkPaQ53BrP6M4RtccwEtEquoUtKMKdTdzx1Z1jeoMDaYzy1Aojwy%2BIGKiwurR3D%2FbXK9HNb%2FC0uCjqWoHbVkKKrgqE8jKYyiFUYS4mKeLm8YkH"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 17 Jan 2024 12:47:16 GMT
etag: "65a7cc54-b2c0"
expires: Tue, 08 Jul 2025 05:37:29 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 226023
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 94db97caf9651bfe-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=531&rtt_var=2506&sent=128&recv=177&lost=0&retrans=0&sent_bytes=14175&recv_bytes=10792&delivery_rate=2503347&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8c38f4fd51093f30&ts=476&inflight_dur=39&x=80"

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixdrop.my
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 10 Jun 2025 20:24:33 GMT
age: 3655355
x-served-by: cache-lga21931-LGA, cache-hel1410034-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 1102674
x-timer: S1749587074.851448,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

mixdrop.my/e/nlp99q07s8m0rj

104.21.15.238

200 OK

232 kB

URL User Request GET
mixdrop.my/e/nlp99q07s8m0rj
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (47383), with LF, NEL line terminators
Size
232 kB (232400 bytes)
Hash
dc0da5a081b00037d45ae03daaae42db
217fee66a0120af29d260a8f440f03a252095ab6
f45ee990ae58060d8a28dc7e2c8f6a493cd69cf818bc5bd1ca31205bceaa9d0b

HTTP Headers

GET /e/nlp99q07s8m0rj HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vve1VDQftuAwQoyWzlNLsDLRZS5po0jOeXUnllbEUIiH%2BQm0tdKdp9t8h5TJSzF2r8YVrCavS%2BNy18%2FZ%2BoSZp5nfNgrp4HR9"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs; SameSite=None; Secure; Path=/
cf-ray: 94db97c74bbeb4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

mixdrop.my/player/inc.js?v=2.0.2

104.21.15.238

200 OK

324 kB

URL GET
mixdrop.my/player/inc.js?v=2.0.2
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
JavaScript source, ASCII text, with very long lines (9051)
Size
324 kB (323726 bytes)
Hash
e3d5d56c809fdf1e0428268b2f5432a7
3ce886463256256c8e4fea995449509c9cd421c4
96b44eca420f26d66bc2102d47282fdb8ce40d8b67c7f57bbbd34725969fd1a5

HTTP Headers

GET /player/inc.js?v=2.0.2 HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVvI5kAc7tvmsx4Z0eywqbZqE09Ieuv6kTi5OxZS7%2FWExQzypDuBL6wdLmXwzIQXBA3HziIFG%2FqxUWZO6iTlBgOH1dj6THDuv0%2FaV85JczpS%2BTw4PC3LCjC1HoUk"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 17 Apr 2024 11:36:00 GMT
etag: "661fb420-4f08e"
expires: Sat, 05 Jul 2025 04:11:18 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 490394
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 94db97cb19681bfe-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3028&min_rtt=531&rtt_var=1966&sent=158&recv=178&lost=0&retrans=0&sent_bytes=50165&recv_bytes=10837&delivery_rate=3088584&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=24000&unsent_bytes=0&cid=8c38f4fd51093f30&ts=481&inflight_dur=43&x=80"

mixdrop.my/xads.js?v=2.0.1

104.21.15.238

200 OK

50 B

URL GET
mixdrop.my/xads.js?v=2.0.1
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
ASCII text
Size
50 B (50 bytes)
Hash
170cb502f8f209ca64ca4c271c7041e2
bdce5bceee905dacef001063aa1d9c5f3c8f693c
789581e03b9915bd79ea82a241817dcbbdeb1c240e540e9470fabf1998b41a6b

HTTP Headers

GET /xads.js?v=2.0.1 HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ySlAdCFdIT%2FmniXYmfVpPE%2BxjwQOZlWWkKPXq6AlnR%2BeuBdpgJbZJPq%2BymC3fFdPJOQ45PnN%2Bz3qx%2FQioSVCLFpNwyfAC7Fs2feOKVH7sjYMi7Pa1S8K6sDi8x1P"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 16 Nov 2020 14:17:06 GMT
etag: W/"5fb289e2-32"
expires: Fri, 04 Jul 2025 06:19:30 GMT
cache-control: public, max-age=2592000
age: 569103
cf-cache-status: HIT
content-encoding: br
cf-ray: 94db97cb296a1bfe-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=531&rtt_var=2045&sent=361&recv=183&lost=0&retrans=0&sent_bytes=288068&recv_bytes=11561&delivery_rate=15048248&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=127200&unsent_bytes=0&cid=8c38f4fd51093f30&ts=499&inflight_dur=57&x=80"

el.sokajecorin.com/si7MCVE6lXyG8/117018

23.109.170.12

200 OK

6 B

URL GET
el.sokajecorin.com/si7MCVE6lXyG8/117018
IP
23.109.170.12:443
ASN
#7979 SERVERS-COM

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerLet's Encrypt
Subjectel.sokajecorin.com
FingerprintDB:AA:B2:AC:7F:9B:8A:76:82:E3:D4:3F:0E:82:BA:FE:1E:D9:F0:3F
ValidityFri, 16 May 2025 06:49:40 GMT - Thu, 14 Aug 2025 06:49:39 GMT

File type
ASCII text, with no line terminators
Size
6 B (6 bytes)
Hash
4fc71bf68a1d477bd1523733e34d1e90
15119105cffbe108b6cf290146ab02c9aa8517ba
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /si7MCVE6lXyG8/117018 HTTP/1.1
Host: el.sokajecorin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 10 Jun 2025 20:24:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 6
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Origin
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Megageocheckolololo, X-Forwarded-For, X-Requested-With, Cache-Control, Pragma, Expires
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, OPTIONS
Set-Cookie: GGI10=G/IAAASeD7dNK/dmKv8IjKne3vVF23LHD4p/239bRbcCCoMg63NMJOcmHtdgLENcdVb9C/8fcU22F4TMszPXDn3bi0JM1sszQtMiPRle3iuF+nW+PadvTJQWghuEE2erh7OxP8CGug0ouFXNMz9sX8bofOhPVVBMTsv72LAiF5aGU46qKWF8uZ1fb+RKCE0MoKV13JEH4pvoZXocf6ywyRddqbWmm1R6/v8=; max-age=3600000; path=/; secure; SameSite=None
GUI4=G/gDAMRIp04r95OT6ECi2ZbXlKmVUfRDNNHq/c+tboiHQszEdl9md5hoHSQir3sjEjJxrxMS5srGlhZBEWEdknvyLM1tkP8V3CQYfHC8qlUWhW84OtVOXHJ++9EY1elN+5eVa9+0+XJsR84sW6d32ksc5soYwwBlpDXCMiRM2DYFWf4EDsYu7sV2zAu1w4tvBsHFdR0aOBfKTCdJHBBUow++IdIaOOpYAcG9ORVwlGgDBLITqeV6kA9QRoeG6McX6803cICgVFFc/DWP31hNXdz6K1d+aVpED7JRP1NtmVk2EpYVZPSiikhIvB8EqrMj6na0zukJOrIrH4WMwBkGR1moIl5r0uQTVIkjccsROFp8xX60JIddYhhsPa2n8RSeXsm7lCAG3KVncCeWepuTG/4ACaGZiRdKZcAn/hm9qrHOQRB+rGjnrrJ9qp4N1RdTsew4QjQGSkGI6ItEkjrSV1RaojqFalUXHjJlt8dAtdCPi8fRGFLRZYYc1IUY4/aKNfgongPCcIzKg72ncN0CJaFAIq64zJK7JWXyUpY8XH/02/wnjUnBVv0gGDpRmrSsHOE2eIyc1UAWzuxZSHacQBJiclkTrxyKArUn2A78SLgs0+MA; max-age=3600000; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

mixdrop.my/player/videoplayer.v2.4.min.css?v=2.0.1

104.21.15.238

200 OK

18 kB

URL GET
mixdrop.my/player/videoplayer.v2.4.min.css?v=2.0.1
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
ASCII text, with very long lines (13480)
Size
18 kB (17748 bytes)
Hash
478555429113e12686a7870d90e0c745
b6a76b657a7ab52cf13d25413a3f89d5995fbe4b
f35d48f37b13ddb029454c9a918180c82a0c106427791af37e465679bc93aec5

HTTP Headers

GET /player/videoplayer.v2.4.min.css?v=2.0.1 HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Fo5TpRrTnXzKqrXJ64HuUUIi8pJe9W2pwXydmIA3aV9C7tPEY32kUIXW8qWlF0SXZW6NypFc5NHLqB0qeNitKISqBiOYSayzneN1Pcl2imtCi4UOuxDOOL9gbhh"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 06 Mar 2024 00:51:00 GMT
etag: "65e7bdf4-4554"
expires: Sat, 05 Jul 2025 00:25:35 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 503938
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 94db97caf9661bfe-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3231&min_rtt=531&rtt_var=2685&sent=124&recv=176&lost=0&retrans=0&sent_bytes=9772&recv_bytes=10748&delivery_rate=518367&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8c38f4fd51093f30&ts=473&inflight_dur=37&x=80"

www.google.com/recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd

142.250.74.68

200 OK

1.1 kB

URL GET
www.google.com/recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint84:BD:0D:9A:51:CC:86:3E:E9:2F:6E:7C:2D:58:AC:4C:FB:B5:3D:8C
ValidityMon, 12 May 2025 08:44:44 GMT - Mon, 04 Aug 2025 08:44:43 GMT

File type
JavaScript source, ASCII text, with very long lines (1051), with no line terminators
Size
1.1 kB (1051 bytes)
Hash
3e9dfc1c633d605d8bb297b260d58b17
62eb7323a2c95800bdd05cf6e7f049767a32d45d
e83d7fae122f9b079c2f2e09f0807d8bcc8676fa35750918b9bc54be1b538190

HTTP Headers

GET /recaptcha/api.js?render=6LetXaoUAAAAAB6axgg4WLG9oZ_6QLTsFXZj-5sd HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 10 Jun 2025 20:24:34 GMT
date: Tue, 10 Jun 2025 20:24:34 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mixdrop.my/player/video.min.js?v=8.19

104.21.15.238

200 OK

634 kB

URL GET
mixdrop.my/player/video.min.js?v=8.19
IP
104.21.15.238:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subjectmixdrop.my
FingerprintEE:EC:18:05:37:E7:FE:BF:35:03:C8:B9:38:9F:92:78:4C:B9:10:3B
ValidityWed, 23 Apr 2025 21:25:33 GMT - Tue, 22 Jul 2025 22:21:38 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65141)
Size
634 kB (634005 bytes)
Hash
1b57eb5452ebb18f777d224eb9b0fc06
57ab88b660bffe5f0edb59c871ad564fc5b447ba
0957d68a4f0298bad4d37b150b48cbb022f62ac9b660df7056dd6194f69e4dc0

HTTP Headers

GET /player/video.min.js?v=8.19 HTTP/1.1
Host: mixdrop.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/e/nlp99q07s8m0rj
Cookie: PHPSESSID=jn3p70hotcbhlmcrqf7dki71cs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Jun 2025 20:24:33 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtYTfZP2LWmXrATwtkAo7iBQA6mKIKU8tErZ6jUaLBK%2BLGHR03DrHbVP%2B9JZuqx6KOkBPJBBNSfPBdZf931vukgJjFxcmGRCICP1QXBxMtI2mZsM7nOE%2BnNDGamK"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 17 Jan 2024 12:47:07 GMT
etag: "65a7cc4b-9ac95"
expires: Fri, 04 Jul 2025 06:19:30 GMT
cache-control: public, max-age=2592000
content-encoding: gzip
age: 569103
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 94db97cb19671bfe-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2985&min_rtt=531&rtt_var=2506&sent=138&recv=177&lost=0&retrans=0&sent_bytes=26175&recv_bytes=10792&delivery_rate=2503347&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=8c38f4fd51093f30&ts=476&inflight_dur=39&x=80"

www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

142.250.74.99

200 OK

4.3 kB

URL GET
www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mixdrop.my/e/nlp99q07s8m0rj
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint41:FF:72:9C:74:6F:D4:D1:3B:A8:03:EB:55:D2:D2:09:7E:7A:44:DC
ValidityMon, 12 May 2025 08:44:01 GMT - Mon, 04 Aug 2025 08:44:00 GMT

File type
JavaScript source, ASCII text, with very long lines (1143)
Size
4.3 kB (4272 bytes)
Hash
b427175fa1078775eb792756e7b6d1e7
4c55c0233d3d9002b3449c025f97821f8bb8900d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

HTTP Headers

GET /cv/js/sender/v1/cast_sender.js?loadCastFramework=1 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixdrop.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="cloudview"
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-length: 2007
date: Tue, 10 Jun 2025 20:24:34 GMT
expires: Tue, 10 Jun 2025 20:24:34 GMT
cache-control: private, max-age=3000
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mxdrop.to/e/nlp99q07s8m0rj

188.114.96.1

302 Found

232 kB

URL User Request GET
mxdrop.to/e/nlp99q07s8m0rj
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectmxdrop.to
FingerprintCF:75:CF:F3:B2:F8:D6:65:84:D1:07:E4:45:E4:9A:A2:0E:26:28:1E
ValiditySun, 08 Jun 2025 15:29:38 GMT - Sat, 06 Sep 2025 16:28:18 GMT

File type

Size
232 kB (232400 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /e/nlp99q07s8m0rj HTTP/1.1
Host: mxdrop.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 10 Jun 2025 20:24:33 GMT
location: https://mixdrop.my/e/nlp99q07s8m0rj
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8bA4%2BlEgsFnZKUtExd34pt092b7LG7SAD2Br6ZoCEghkDMMv6Sf%2BnK5udXaAfBoqlhvMKOFBud9H%2BzrhK0%2FlQdFh3ifAs9E%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 94db97c64ac8b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (15)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate