| the-shop.info/index.php?key=6zi4pbxfg961p6r2xrd9&visitor_id=812463880738447360&cost=0.009900&zoneid=7011606&campaignid=8170263&device=other&browser=firefox&os=android&osversion=android14&country=FR&language=fr&isp=psinetinc./ | 65.109.112.53 | 302 Found | 0 B |
URL (User Request): GET HTTP/1.1 the-shop.info/index.php?key=6zi4pbxfg961p6r2xrd9&visitor_id=812463880738447360&cost=0.009900&zoneid=7011606&campaignid=8170263&device=other&browser=firefox&os=android&osversion=android14&country=FR&language=fr&isp=psinetinc./
IP: 65.109.112.53:443
ASN: #24940 Hetzner Online GmbH
Certificate Issuer: Let's Encrypt
Certificate Subject: the-shop.info
Certificate Fingerprint: 8C:87:EE:C0:F4:90:24:F9:64:3B:1F:88:D3:D3:F4:D7:19:C7:E5:9E
Certificate Validity: Mon, 08 Apr 2024 18:30:37 GMT - Sun, 07 Jul 2024 18:30:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?key=6zi4pbxfg961p6r2xrd9&visitor_id=812463880738447360&cost=0.009900&zoneid=7011606&campaignid=8170263&device=other&browser=firefox&os=android&osversion=android14&country=FR&language=fr&isp=psinetinc./ HTTP/1.1
Host: the-shop.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Fri, 10 May 2024 07:37:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=e2ydvcj6; expires=Sat, 11-May-2024 19:37:45 GMT; Max-Age=129600; path=/; secure; SameSite=none
Set-Cookie: uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5; expires=Sat, 11-May-2024 19:37:45 GMT; Max-Age=129600; path=/; secure; SameSite=none
Location: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Strict-Transport-Security: max-age=31536000
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 22004
expires: Wed, 30 Apr 2025 07:37:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=maUbomy6Q8zyCOOsnpOa%2BGm%2F5QOzuuDmft0QeTFXI4hEMA3u6WyztI9xa92BbKXw2UJga1dugj%2BihpOk5siMHkiyxqDHT%2BlQD95XXVyKqJKqQM%2BGxm1t6y8k2BfBAFi4yY5cepsU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8818440d9cc8b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ftgheeudxnlc.shop/index/isp-loading1.gif | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-loading1.gif
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: GIF image data, version 89a, 25 x 25
Hash: e77529aa1a83920de7897a4c5c5f9707 d78e86f851a13d500ffc9e84baab79b502392cbd 735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/isp-loading1.gif HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/gif
content-length: 1457
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-5b1"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dp7ocbysRtEkBA7GdajNdAU6oeoLPTfjBqfimFqEc9yDDZfsZQpy2jMweQE4q7NEfSTcILyIo0O%2Bek1Aq6zTTnxpUocbU8E8CgclHhsz%2BKEcEi22kAOFuPrDUkj3rmxbZQBL2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b1756c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-greenchk-1.jpg | 188.114.96.1 | 200 OK | 646 B |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-greenchk-1.jpg
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 25x22, components 3
Hash: 3d0f87c98f70c57b535974b34862a8e9 ee98b5772fb273a6a97f023194696bb025ae85c6 8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/isp-greenchk-1.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/jpeg
content-length: 646
last-modified: Wed, 17 Feb 2021 14:05:26 GMT
etag: "602d22a6-286"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWELl2LZ4KRcxMKYCNRVJtGh5epe1tY9FFS15eugWdmzyiU4LbghV072oTOixLspmO%2FkPGA1rlE4wr6yxuPu3ymyEZEI30L3dHOOtFVICTKYwlOVqbToAfBIK%2B3Ma%2BhJgNq0NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b1956c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-iphone11-2.png | 188.114.96.1 | 200 OK | 9.1 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-iphone11-2.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 220 x 168, 8-bit colormap, non-interlaced
Hash: 553384b165d1fa8e805fb062509221e8 1272815c6a64243da403bf998eaa7475aacbd210 fb9ca7349d5d4200bf5ded9b571a849a3cdce6c2237e26cb4c10464762124197
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/isp-iphone11-2.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 9135
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-23af"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BS1c6ZYuRWyVTI2DLLhdtZldTeEFvcCLw%2BOWxp89DJ4gFw4m77TricbbjfOyrDmpZvyJPYG2JuiId4zX3iseqZ2ZKhN2MHaKeGLXydLSEHjDZhPvH2m6GnnfiOT7%2FbvJkjgpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b1f56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/note10.png | 188.114.96.1 | 200 OK | 33 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/note10.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 402 x 376, 8-bit colormap, non-interlaced
Hash: 5aacc9ad24e522ec83285215d77124ad 85cd5284dd95c796d7400784a191cfb9d40eae58 7531d18074d86eba9d0ed1b39cc7fd94eb5f2474300157e3ec40fe54f4000451
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/note10.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 32602
last-modified: Wed, 17 Feb 2021 14:04:58 GMT
etag: "602d228a-7f5a"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYBt7uEjdA8mHe1%2BNHWvKJT0rh6IWYm3vbJR5AmG2JCJn3p%2FXPD8EPONYnwVX74oxOY5Ehaq1TIcndEEEuQvZCHIIBxQSMWvVvZo6%2F7YjhXHycUiyj%2FQdNPRjFgWeBGrP8evqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2856c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-1.png | 188.114.96.1 | 200 OK | 6.4 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-1.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: f9dbc65a0a0a7a49a9a7c2ad4235c19e 0ef0d4aba0b8d3e3961ec30ac49e4d88ee79a13a 1687947df9d65fc9950e8bbad9a2b569e100a8fa61c3e18d168dbee3c1ed51e0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/t-v6-1.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 6445
last-modified: Wed, 17 Feb 2021 14:05:32 GMT
etag: "602d22ac-192d"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yWbDhhPyc4vmpqFFS24NGkg4K4jysCKCzDf3z36D1HtL4pJiPdgFg4DeL8wsLHivn8BBdRg3BSpINXhnDCLPjxpD5AHvQiRwwZ43D%2BWvvruc06T4ixSzFcbwIikPTgH0oU6bZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2956c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-2.png | 188.114.96.1 | 200 OK | 6.6 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-2.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 2bc416642a102c374e8e4f92834d2781 a510890ab5ec292fae76940aa1916953c7338e20 852f0cbd525e418f72b996e330696a8a38f872b1e2bb182b18a73c1080fa7058
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/t-v6-2.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 6564
last-modified: Wed, 17 Feb 2021 14:05:32 GMT
etag: "602d22ac-19a4"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZPZOKydxn9OJ6JynndneLzKQbjiu127g%2FgeJ%2BET%2BXW38idYUOPVozr%2FDiw%2BnxU9%2BxQaAXMTfa1Me0anTgf%2F46o5Pfym4IVOlq2CPFOf8h79Wc%2Bj1r2rP3IaDgngTsAWfBkCOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2a56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20_comment1.jpg | 188.114.96.1 | 200 OK | 16 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20_comment1.jpg
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 150x269, components 3
Hash: f90f9eefd62b5275e7ffac00b9b52686 c7414e8b7aabc3dd21045fddd63c6e7f5b8bbeec 9239ec9a7f86227854f61bb3c1134b8f1a3f0815d1909795b321d48fdf8f9d37
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/s20_comment1.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/jpeg
content-length: 16101
last-modified: Fri, 23 Sep 2022 06:56:50 GMT
etag: "632d58b2-3ee5"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aJGAOiOye0tPLo%2BIBbxw8qIeZNwrCMyd4myelUWS%2FYoFBZQPJmsHdFMN%2BFdX%2F5%2F0ydeoJ%2FtSuqAF3pa5pp0pAIKGE0uw3PCALawET%2BfFyMoRQJOyVpP9S3TGRYVNb3nOoCAXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2d56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-logo.png | 188.114.96.1 | 200 OK | 2.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-logo.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 41f5877335f188c5e1e249c307b467a9 1d2c947b98fde0825c4ac752b4b686d8c7dd45ad 3e76fb1bd400d464ae7efd63266e36b6166ccf908de94a0c5e6b066a14e5f188
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/isp-logo.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 2506
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-9ca"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YkCrE8CTUOjMO79Egw12arnJ3ZJs7t%2FwvXisnjw4ock0vOhKdJF8QAnDAaBZYjvmDH75TnU%2FkzoZRdT9eMTVcijKRMdp9M2XBylHVFrbfRW4ydzdCTACLVBntZeuQo6CjB%2FIXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b0f56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/ultra.png | 188.114.96.1 | 200 OK | 33 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/ultra.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 150 x 190, 8-bit/color RGBA, non-interlaced
Hash: 563bac82cb3328779786343daa4e656d 08b970ddb76ffe00fd5d5c7f74f01867b261728a a0bba5e6432d864e5d19d153b198b0a57b4d3ae15d13903db644891d36d9586d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/ultra.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 33372
last-modified: Wed, 17 Feb 2021 14:04:58 GMT
etag: "602d228a-825c"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYikBZeEoVXCN9hSaqaiBxrZGSl9LtwbrLta7tIbU1z%2F2oLhGQ86ZkVkDS%2B%2FiGpgGsHRJiZlDnBVLKyC13N5R1PNuh1cgtg%2BIPKi8EPzwLz2TOKRt03AdX0NkECEJouP%2BDWiwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b1556c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-3.png | 188.114.96.1 | 200 OK | 5.9 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-3.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: fbddf5ad7297aaded0b36312c047913d f0f8ccd0f582130ed30bea86defb89c6f50a913c b984d9455bf8cb336cc821285d7c66812f4a38ca9483e63d50baed48dd3fd036
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/t-v6-3.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 5857
last-modified: Wed, 17 Feb 2021 14:05:30 GMT
etag: "602d22aa-16e1"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z09fjYQPs7CP6p8eUhW6ycoyfNWVujEiQ5j43XQNY4fNsIfypYQ8BY6RS7y1LDIACDN%2BhHifMF4EjL2cI7XQUXIPDfEfPtNrhvS5lXILsPSn7tyqBqKAhPDzv6OqaZlr%2FXuHRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2e56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-4.png | 188.114.96.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-4.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 7db7d39fe8d41804a38d77b9673f503e daf3a78eca57ab6949437ee822f99a077ba1ff3a 8057f27640708e6209c8a19cdd2cd2cc3ecaeef8f5940f54f73b14bd04ed0e0d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/t-v6-4.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 8106
last-modified: Wed, 17 Feb 2021 14:05:30 GMT
etag: "602d22aa-1faa"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jglERqv3NsfpBZ46wjdHGMiySs%2BEBkb9%2BBZUyoz4i7xpHgG1bwsrEFBVpei91ynT50fEI19bP8cLi6JpqlINIYV0nYPwQ%2Fs1R2aqSkEQaXVNgwwLdggL8hhj6VdVy34rFbojvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b2f56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20_comment2.jpg | 188.114.96.1 | 200 OK | 18 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20_comment2.jpg
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 200x200, components 3
Hash: a9e4cd59be6114dfdec76393397498b6 452e793400244e4e2ff2adae1d3cb216511e487a 9b6384ca70110d9caf641050b2f9979bc832b64cff4affe3888a508d8efa876e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/s20_comment2.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/jpeg
content-length: 18039
last-modified: Fri, 23 Sep 2022 06:56:50 GMT
etag: "632d58b2-4677"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJ4BZqnStR01f1qucWrZlQ8FCSXFmcYon%2F87UP25ZFyheoNOeMzqtoQQ%2BKG27bTikT4Ge8FDfmyjrfq7OTOA2U9iu6wWkc7ZtRY3sAOPMl28lsuc8pRcq5hwo0IC3TTG57e09g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b3056c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-5.png | 188.114.96.1 | 200 OK | 8.3 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-5.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: b472a2b485b9d5791bf192e620105733 99fa90c0304b8c684186910ac94ce0efb155e03c 8a2fc773bf2eab9e1059be22277b4475df051990a69cdff90ac134c73075dd32
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/img/t-v6-5.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 8288
last-modified: Wed, 17 Feb 2021 14:05:28 GMT
etag: "602d22a8-2060"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7X8%2FlO9kRma2wHssrijC9OQv70deyfna6UoyKfxfkxc4Z4S0ZNclbCt5VF6VNlfVNsr1R6npLp7tYwvHEIjFdzTczkCAoXdjSnnnSz3kLWFgR08smGTh8dkKDcKbjm1CBCBSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b3156c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/f_guarantee.png | 188.114.96.1 | 200 OK | 5.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/f_guarantee.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 94 x 93, 8-bit colormap, non-interlaced
Hash: e96328a64e57e815f2ae881b330227b1 4b11d64b73ff7b3394278384576074da1f48ccee c49aa7c724f6637b861177d2da95e1da011570a970b38ce3043bf019f0f6d2b7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /index/f_guarantee.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 5476
last-modified: Wed, 17 Feb 2021 14:05:36 GMT
etag: "602d22b0-1564"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfVzujGpvVm%2Bd6f3hIq2eAB0c8XuF49ElfZI0HhWQoZ7UuxNqKMsgiYmZddCNLyEZToTq%2FwAmcSQrDbQ9coNF14nhcOfhcWjWj5imqoYu1qXTH49b8fiaQ%2FP72bYoV3Yn4vYgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b3256c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/f_secure_1.png | 188.114.96.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/f_secure_1.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 138 x 133, 8-bit colormap, non-interlaced
Hash: d20b7ca43d07211b60f8739c775a151e 153c13946ef3d3e6bcf3759eb4b5f072bf15a972 ca7696ce16353b1551bfe7eb4bab73d051c224f3dbb57b881af26c5823d6b7b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/f_secure_1.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: image/png
content-length: 7929
last-modified: Wed, 17 Feb 2021 14:05:36 GMT
etag: "602d22b0-1ef9"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEvVZMKX256oSNVpyUQlv6rNHIRwbjz2UOm87WHjK1EZPSO55L0mfxM9yNGRzBNuU064R1e2Zaj7AJqqjoV4xQz8Cg3sZ%2BpE1k8SD4uvbRRuMTtjvxuzRaxrfqpHnsKZjXzr1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d8b3356c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20_comment2.jpg | 188.114.96.1 | 200 OK | 18 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20_comment2.jpg
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 200x200, components 3
Hash: a9e4cd59be6114dfdec76393397498b6 452e793400244e4e2ff2adae1d3cb216511e487a 9b6384ca70110d9caf641050b2f9979bc832b64cff4affe3888a508d8efa876e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/s20_comment2.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:46 GMT
content-type: image/jpeg
content-length: 18039
last-modified: Fri, 23 Sep 2022 06:56:50 GMT
etag: "632d58b2-4677"
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouoIbMfTze%2BaybS7E32rrCJ%2FD5ijSw4LYn35DuaRDszWd3S5X0wX1rIdPQvV6tBTPm1h%2BxhTBvHY71ST%2BgR9vUpg9KasRTLLeM3K8VYr9PYuTHgyQEXA%2BOlWNNTEtdhI6qrFrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440e8c8b56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20.png | 188.114.96.1 | 200 OK | 24 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 120 x 159, 8-bit/color RGB, non-interlaced
Hash: d384805b7283cb4a55e9285b3d1f5ebc a4ed4ba011ef70bdade55c6e1facbf31744b3943 6d882c4051b58d76f18cfae2171be93e1edd2c2614b69360d1a2e78a07d97e9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/s20.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:46 GMT
content-type: image/png
content-length: 23506
last-modified: Fri, 23 Sep 2022 06:56:48 GMT
etag: "632d58b0-5bd2"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhlSfhZTqpggjUVJ1dv8%2BQwrqmYblTnr23cCYHALVq6Rg0U6zCGKI1BCaS2sKZn8YR%2FwdWr%2BwKAy7CchMt3YTo5TonHqdy2hN7ts7SAZ1gkqwLQpEtH8ShYzDq9wNpr4%2FvpNAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440e8c8956c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/favicon-isp.png | 188.114.96.1 | 200 OK | 2.2 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/favicon-isp.png
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: 60eb0dc8cc7745e3d0da9f35c7016a20 c7adf7f8946f44e59546db8ee3f881c3b48401fb ccbe0999fcbaed0e3d8a5121a9f5ac5af3306526cce928beadbc0c340770088a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/favicon-isp.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:46 GMT
content-type: image/png
content-length: 2174
last-modified: Wed, 17 Feb 2021 14:05:54 GMT
etag: "602d22c2-87e"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zjlh5pTlbM75P2kpH8JtKuLRyUpzMYsHwgDI2WleCoqiODNhsHh934qS%2Bhd9wbdR70IwQDe00bW6W0PArH0A5IldDIP99SeLW4ctc82rUq6vUHnzUkSlK1y9YMCopdHf4QxQmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440f7e2556c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ip.nf/me.json | 3.73.104.221 | 200 OK | 254 B |
IP: 3.73.104.221:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ip.nf; Fingerprint: C3:D4:14:31:CF:C1:4F:5D:C4:46:F3:03:87:08:27:54:F2:B7:6D:46; Validity: Sun, 14 Apr 2024 23:40:49 GMT - Sat, 13 Jul 2024 23:40:48 GMT
Hash: 7ee77928b92f62af3fe4b740de6f1a40 9c66c2951deb18e4a4550dd0ba3a553757bab9b0 394b5969965237c7dea346b42d7abdac52c05ce3f416b7e0c0da59a42d99ebbd
GET /me.json HTTP/1.1
Host: ip.nf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ftgheeudxnlc.shop
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ftgheeudxnlc.shop
content-type: application/json
date: Fri, 10 May 2024 07:37:46 GMT
x-robots-tag: noindex
content-length: 254
X-Firefox-Spdy: h2
|
|
| ftgheeudxnlc.shop/index/isp-v1-css6.css | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-v1-css6.css
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: ASCII text, with very long lines (6122), with no line terminators
Hash: 20f9457b505b3fb4c7989733569158ec 9310522ab509b2b81f313473752ab5951c36aa0c ca3ea6d1fe5120e313bcbce9d4801fe23d609beedc46da2ce0fa34fc7d224c54
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-v1-css6.css HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 14:05:22 GMT
etag: W/"602d22a2-17ea"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ey2lN7YVPB%2FC%2FCsSue90TWAdvcY%2FUrgC35sG5npCKjxJvDXR4cFFAz%2F6SSNYOXHC4WwLVK96YjiyfRusbqVBz%2Fbyiu5Svq9%2BBnqwte3GRrW2TzBVfOEdBqjhZiQA0uIrE8RHFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d6b0056c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-v1-css1.css | 188.114.96.1 | 200 OK | 5.4 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-v1-css1.css
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: ASCII text, with very long lines (5415), with no line terminators
Hash: 2678c7ec26525c6e9cb3be600759c2e8 9645ee8d735b2a1fe2b1b298baf964d64bcf89c5 404e4b9aff110997a0bbecef33738ef571ac4ffc3572c268233508a7ba8f10e5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-v1-css1.css HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 14:05:22 GMT
etag: W/"602d22a2-1525"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jk0I2XjsSfJBsNFuo0jrvuOEr8YgoRThQ%2Filrvi0YvFhMwVXnQlgiAWBb9i1ZO7Tt6jMjrdxYofbemzMOlbUoAqjTa8S5gbi4NFeb2H%2FFqmpqwKZ64rv0NlWqpMAgBKYC3rbzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8818440d7b0156c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/lng/en.json | 188.114.96.1 | 200 OK | 4.0 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/lng/en.json
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: ASCII text, with very long lines (4340), with no line terminators
Hash: f5f6090f5eefe1e10578a0c3bf46f438 a4e1e0ed8293554341a5b0b15cd73b8668180625 bcde2e2dadce01ff8dc5e9e308533f6aa0bc393d1d1efb26e4de71eaefa20574
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/lng/en.json HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:37:46 GMT
content-type: application/json
last-modified: Wed, 17 Feb 2021 14:05:14 GMT
etag: W/"602d229a-f7c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmPH0kkZqrd3K3ckBX%2F94Fhvi412oHXhJHqYwdTPfAuLU%2FtjkmJVMtiAz6SiO5zttgvLtYPoLObDCo%2FJFz1tY%2B98htw5z5OvUYjejgGLQEiV8F5mf32q1K11Bj%2FWX%2BoEwC8GwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818440e8c8c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/flags/no.svg | 188.114.96.1 | 404 Not Found | 146 B |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/flags/no.svg
IP: 188.114.96.1:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/flags/no.svg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 07:37:46 GMT
content-type: text/html
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TB%2FoQPb4fxtnoDNaFXf2xxPT20LByphopBqBvs61DrIM%2FyHPIuQ38hzqNLGMHddRr%2Fvgr0QMX9n0G20Uz5Ho9Z%2FvblKw6WrYaCjmAj38CYQa9WIZdhkdykIP5eysb2%2Baq%2Bf%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88184410d85356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5 | 188.114.96.1 | 200 OK | 34 kB |
URL: User Request GET HTTP/2 ftgheeudxnlc.shop/index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5
IP: 188.114.96.1:443
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/index.php?lpkey=178e156632f972b765&isp=Blix%20Group%20As&uclick=e2ydvcj6&uclickhash=e2ydvcj6-e2ydvcj6-he0-52-nt-1z8w-gxwj-94a2a5 HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:37:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1CZ26YlKmwY69ivoD4VawrBaqtJSJdZTupu84EriRlP4534lWLx5U10zxY8sSWnuQLer3utJvKcrm6PjTZ0s6e%2F31ATxj9FhB93irNR%2FpO4iiPzPn0Q%2FKUgPlgy7DEnfbSG1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8818440bd9d60b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|