Report - freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html

Report Overview

Visited public
2023-12-03 04:49:55
Tags
URL
freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Finishing URL
freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
Download Litchi For dJI drones v4 26 3 Mod apk jimtechs biz - Freezer Center

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-02 08:10:52	581 B	578 B	142.250.74.163
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-12-02 07:44:55	1.9 kB	111 kB	45.133.44.9
swindlehumorfossil.com	unknown	unknown	No data	No data	500 B	467 B	173.233.139.164
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-02 05:19:04	441 B	421 B	18.184.210.76
pl21573344.toprevenuegate.com	unknown	unknown	No data	No data	459 B	24 kB	173.233.137.60
www.ezojs.com	41202	2017-10-23	2017-11-17 08:37:11	2023-12-01 00:06:14	416 B	125 kB	104.21.63.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-02 07:24:06	1.1 kB	55 kB	216.58.207.227
persecutionmachinery.com	unknown	2023-11-28	2023-11-28 10:00:57	2023-11-29 03:02:28	15 kB	47 kB	173.233.139.164
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-12-02 05:10:02	486 B	61 kB	172.64.205.20
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-02 05:10:03	879 B	447 B	216.239.34.36
pl20706452.toprevenuegate.com	unknown	2023-10-20	2023-11-27 09:51:24	2023-11-27 09:51:24	457 B	10 kB	173.233.137.60
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-02 07:17:09	509 B	1.9 kB	142.250.74.106
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-02 07:32:34	433 B	94 kB	142.250.74.168
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-02 10:34:02	350 B	942 B	143.204.53.97
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-12-01 12:24:33	424 B	839 B	104.21.86.121
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-12-02 19:44:00	824 B	173 kB	104.21.234.32
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-12-02 05:10:02	449 B	12 kB	104.18.40.68
freezer.center	unknown	2023-01-23	2023-01-24 11:26:17	2023-10-11 11:44:47	11 kB	246 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	toprevenuegate.com	Sinkholed
2023-12-03	medium	toprevenuegate.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	persecutionmachinery.com	Sinkholed
2023-12-02	medium	swindlehumorfossil.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	freezer.center/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-09
Pretty URL freezer.center/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:36 Times Seen31216 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:59 Last Seen2024-08-20 16:59 Times Seen1 Hash 386a504acdb0fa0fbb6f7e0e3bac3988 7a29598a4e3ff8d3ab844d86049a41a1f670e515 6f1da3e63bc2f7dc8b89d718985822f89e1d3ecf74e15807face2888b18abaf0 Loading...

	freezer.center/styles/freezer/js/bootstrap.min.js	ScriptElement	58 kB	2023-03-07	2025-05-09
Pretty URL freezer.center/styles/freezer/js/bootstrap.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:22 Times Seen11641 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	unknown	ScriptElement	343 B	2023-03-07	2025-01-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:01 Last Seen2025-01-07 01:28 Times Seen11 Hash 8817838b7725da187b574a96d5e2bdc0 0a7c7b940bdc2766ff130a2fd2f5dbd603316c8d 74df25d8c072932910b7d554150bee34a53cad16243a086400d692df6a98be74 Loading...

	persecutionmachinery.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js	ScriptElement	60 kB	2023-12-03	2023-12-03
Pretty URL persecutionmachinery.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2023-12-03 05:50 Times Seen1 Hash a3a6804707b9f4f5b7f8bf9d50e5cf4b 2f1f693f9931606747ff986014360e5e50096e3d 3a6e64992fb73fb235d3d7867216eaee739dfc3b9e5bc09370a5cb2908d2132f Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:59 Last Seen2024-08-20 16:59 Times Seen1 Hash 457e46b3fcb9dd0e013aa9386c5f4028 d92e5f14df2c9a4a70721bd8fe9d1e273e884dc0 763f674654a3bfd13154b5d94b2effbc72d707b131b5f07f0d2f134c6803592c Loading...

	freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.4 kB	2023-12-03	2023-12-03
Pretty URL freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2023-12-03 06:19 Times Seen2 Hash 2b0fa2b354eab02cda9fd486bb7ef2cb a953cdfbafaff3efeb2727205b91a2b277016750 e4255cc8e9c9f4e3ca0f889a670881e89fb31c878d3661495e9a87bee44fd7b0 Loading...

	unknown	ScriptElement	226 B	2023-12-03	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2024-08-20 16:59 Times Seen3 Hash ac9dc164254b8cf935e0d97181e8b5e7 b15f3645640adf1d5cf5996717a614f7e6e775e4 943eafde55e53d544110f9d9894d99e9fb473b2f3f443c85cb0faa86bfb836f2 Loading...

	www.ezojs.com/ezoic/sa.min.js	ScriptElement	124 kB	2023-12-01	2023-12-11
Pretty URL www.ezojs.com/ezoic/sa.min.js IP 104.21.63.106 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 19:57 Last Seen2023-12-11 23:58 Times Seen39 Hash e028a91506dc47ab502e5ed4faddf4ef 17fb55466dc7d5c90ca5dd6d28ab56851816ee67 5887ea0717fc39d653a3453200bea15c7aa04dc6d97ef19905f3dac89f7262ea Loading...

	www.googletagmanager.com/gtag/js?id=G-V6YQY2S72L	ScriptElement	285 kB	2023-12-03	2023-12-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-V6YQY2S72L IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2023-12-03 05:50 Times Seen1 Hash 138775f918b4961462784fb142b7ce77 f05d72e47cecad6a405057bc1b3f289b4ae258b8 ed99c638748b02b04d0e2eba8792a6d95d7b98b2778670f3d62835aee6779763 Loading...

	unknown	ScriptElement	1.3 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:59 Last Seen2024-08-20 16:59 Times Seen1 Hash f8bbe5287ca34587df093a95d9ac09a6 e7c9e479e8c891ecebb4d1f1adbeece08247260b 59b86c8191c779dc777f7c6f90318743989de8aa708bae1069bea609737da94e Loading...

	pl20706452.toprevenuegate.com/625044db8d2ab49b798e6c22d54561bc/invoke.js	ScriptElement	25 kB	2023-12-03	2023-12-03
Pretty URL pl20706452.toprevenuegate.com/625044db8d2ab49b798e6c22d54561bc/invoke.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2023-12-03 05:50 Times Seen1 Hash 0bdddc51e73512ffb5b30938c6b2c8dd b9ffa4d813d519a55e262dd2a85bb1b174473cb3 f57c61800c55ad558b466bae3229ea439e733417b48fa43dbcc526ce6fec4ff3 Loading...

	freezer.center/plugins/progressive_uploader/ready.js?v=1701578976	ScriptElement	11 kB	2023-12-03	2024-08-20
Pretty URL freezer.center/plugins/progressive_uploader/ready.js?v=1701578976 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2024-08-20 16:59 Times Seen3 Hash 8e50a2f5b1fb7e3322af263e7282cbe5 e5edf6e9caa220306bb7b3bacf974aa7da95e888 e9c9da22a371319a054e6258e722b00a3178ba8a513f3cfe4105fd2954418933 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL banquetunarmedgrater.com/advertisers.js IP 104.21.86.121 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 11:37 Times Seen4635637 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	153 B	2023-12-03	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2024-08-20 16:59 Times Seen3 Hash c9c6d2dbec45ca2ae24d09cf0346e1d6 ac1a2940c7d346434803e1d29fd158409e096f43 e5b8813d7faaac6cd07a8d39b0037ad72e6e58e6b6156585fd52ca8791ec41a3 Loading...

	pl21573344.toprevenuegate.com/8f/ee/76/8fee76a52b8e866db1e52e8e0b86afc4.js	ScriptElement	60 kB	2023-12-03	2023-12-03
Pretty URL pl21573344.toprevenuegate.com/8f/ee/76/8fee76a52b8e866db1e52e8e0b86afc4.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2023-12-03 05:50 Times Seen1 Hash a05c9f25335beb96721e96985b7bb3a9 20b2ccc09882db7502eb373478739889bea2c8df 5810c433ef70837136ed3905930825f7a749a79553086e34006b7d2f1bfadf8b Loading...

	freezer.center/styles/freezer/js/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-09
Pretty URL freezer.center/styles/freezer/js/jquery.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 11:06 Times Seen57428 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	kit.fontawesome.com/d1ae51d6ab.js	ScriptElement	12 kB	2023-12-03	2024-08-20
Pretty URL kit.fontawesome.com/d1ae51d6ab.js IP 104.18.40.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 05:50 Last Seen2024-08-20 16:59 Times Seen6 Hash 1dfcee7cfff84d0d76c1e5b96fcf5662 7bb69256df6fa5c7e5d8368b38b9be36aeaddd1a f1b0d8f1417efe8dc0569af90f9e8ddffd5fba5ed06c3d5c6cbd5cf1dd69ec7b Loading...

	freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2024-08-20	2024-08-20
Pretty URL freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:59 Last Seen2024-08-20 16:59 Times Seen1 Hash 9d5cb10c6e9ef137fe88bfdd30397e30 23f2c1c42c39204c4c6562bbc05c7660eda52d0c 45b4f86a0295a0c1c9e4b4fc8dca643d7d2f539cee094b9bfb8b213511d4af26 Loading...

HTTP Transactions (49)

URL IP Response Size

freezer.center/styles/freezer/images/logo.png

188.114.97.1

200 OK

5.4 kB

URL GET HTTP/3
freezer.center/styles/freezer/images/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5395 bytes)
Hash
365aca0c599e0a2d2f6539bc3c85a7a6
4b7ec452e56aed89cd0070d6b32a3aec38635d92
4fa95da937cac9ecfa971f0a5fbd5f86e08034d9f0bbb59698d30ff5cc3cf761

HTTP Headers

GET /styles/freezer/images/logo.png HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: image/png
content-length: 5395
last-modified: Tue, 14 Feb 2023 20:54:01 GMT
etag: "1513-5f4af29c84c40"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbqlWREKwDrlKZa7sN7e7gBIpMnt3zcqwL%2BG%2FkqEFG54pFja%2FZYqu9%2F%2FiGVDJAnuhZSCNgx3NRXjGcat5TOCnwF358rGjl%2FZ3qziXaou58GZCxancJx6IxH53OxQjFFCiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1a4da956b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/styles/freezer/images/user.png

188.114.97.1

200 OK

926 B

URL GET HTTP/3
freezer.center/styles/freezer/images/user.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
926 B (926 bytes)
Hash
aa9bd79132e4813e897c913bd3652394
7f3a91479d93ad166af6f0b101a3d797903a995b
8fde5f16b5d4322fb4c2af586718106d48ffb9467e9ed7c426ce08bab354fd2f

HTTP Headers

GET /styles/freezer/images/user.png HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: image/png
content-length: 926
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: "39e-5f3e236bbf780"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Begc%2F9iE3HBcbB18GECe0u9WBqPL6QcM7SeQspOJSd7CgBPAV6gU%2FPoMz50H7fSOliEkIjm7I1ii4uv8JmouVmy5upa4oFCaNouqQFjN39GCOOX%2FSgJFyWaGqpMV6XU3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1a4daa56b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/styles/freezer/images/spin_lg.gif

188.114.97.1

200 OK

9.2 kB

URL GET HTTP/3
freezer.center/styles/freezer/images/spin_lg.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
GIF image data, version 89a, 64 x 64\012- data
Size
9.2 kB (9197 bytes)
Hash
b30b2d865e6bd5f06f597cf72e5dd2f9
e7eaf5292071011d5c5ff43fc38071b651f97b52
d68b71c1969caa98179d88a8505a34617ffdb3d5c8a2381319b3b870d036faac

HTTP Headers

GET /styles/freezer/images/spin_lg.gif HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: image/gif
content-length: 9197
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: "23ed-5f3e236bbf780"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWDJKfC%2FkHa9IXWen%2FogIZZn5LSZ6ied50MYDdvV17J2fB9LswBKsapR4IQSyxf2VPGHVJfihdH3zqBSUkESSTk%2ByURXQ7SSBwyAJSaL5KjrgZ00DRV4LOglb0iinOTmfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1a4dac56b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/go.php?go=queue

188.114.97.1

200 OK

43 B

URL GET HTTP/3
freezer.center/go.php?go=queue
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /go.php?go=queue HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJzVopDkwnBG3ZXQ6TIkcqYYDmmN%2Fs9ZfeJQZAgJmOsapIbhWLpZBhkdLEJ%2FMCwbWDYaFfUKQPpHIXdndxmLf6CtyS6YbkBfWx6shtcduS9zNEUG78gu64BFIdH%2BwsWCSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1a4dad56b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/styles/freezer/css/bootstrap.min.css

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
freezer.center/styles/freezer/css/bootstrap.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (65324)
Size
25 kB (24895 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /styles/freezer/css/bootstrap.min.css HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: text/css
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: W/"2606e-5f3e236bbf780-gzip"
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wR2nW7HpopIqn%2BVA2BroFhGKPRNR6l46T7vPFcKswHQ2KMXdyaVMwqWUWHlgaT6FkcvrS4QyKgis7ZPaom6vbuFD0M1pP6qnL5XHoeTVgRZuMAfV3sUmB%2FR6mQc65MPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1a4da756b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Delius+Swash+Caps%7CFjalla+One%7CRoboto+Slab%3A400%2C300%2C100%2C700&ver=6.1.1

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Delius+Swash+Caps%7CFjalla+One%7CRoboto+Slab%3A400%2C300%2C100%2C700&ver=6.1.1
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
1.3 kB (1305 bytes)
Hash
ba75b5b9afad6072da7965fb496d1dfc
2ea0176af58e64c88b09b8f08e59e47095e92a10
0e7199af0b9cd951d667d3d581df2e6e1c2ad06bb2617cd28866586bf575a2ec

HTTP Headers

GET /css?family=Delius+Swash+Caps%7CFjalla+One%7CRoboto+Slab%3A400%2C300%2C100%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 03 Dec 2023 04:49:36 GMT
date: Sun, 03 Dec 2023 04:49:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/deliusswashcaps/v23/oY1E8fPLr7v4JWCExZpWebxVKORpXUeaIGY.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/deliusswashcaps/v23/oY1E8fPLr7v4JWCExZpWebxVKORpXUeaIGY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18880, version 1.0\012- data
Size
19 kB (18880 bytes)
Hash
9adf81037565ded723836a395372e5b8
7111ce1fde11e8cd7bbe75c94de74385c62f05bc
781420e7df26291f584fa1d2f2f51caf69f96f2af87cb3b4616022d621c34722

HTTP Headers

GET /s/deliusswashcaps/v23/oY1E8fPLr7v4JWCExZpWebxVKORpXUeaIGY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18880
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Dec 2023 00:50:39 GMT
expires: Sat, 30 Nov 2024 00:50:39 GMT
cache-control: public, max-age=31536000
age: 187137
last-modified: Thu, 24 Aug 2023 17:22:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

216.58.207.227

200 OK

34 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 34328, version 1.0\012- data
Size
34 kB (34328 bytes)
Hash
6581ab53c220b5828e37162349375431
1922912ca5ab6eb5a55db138b183b38d066e85c8
a8e429611131e3fdc2018ec943a36100dbabb4aaa788c8dead6bdcf927917293

HTTP Headers

GET /s/robotoslab/v34/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:53:27 GMT
expires: Fri, 29 Nov 2024 04:53:27 GMT
cache-control: public, max-age=31536000
age: 258969
last-modified: Tue, 24 Oct 2023 01:54:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freezer.center/styles/freezer/js/bootstrap.min.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
freezer.center/styles/freezer/js/bootstrap.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (57791)
Size
16 kB (16383 bytes)
Hash
e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

HTTP Headers

GET /styles/freezer/js/bootstrap.min.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: W/"e2d8-5f3e236bbf780-gzip"
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdoP3E2wJm1dRm2Xw0rAnokUfMLjUcSFJSWOyfEe3oqhiRiZkuT0bDBFf76gJTFXJUXPMLX9dJe2StBNGljSocD2gBrQGn9nvuF0rb8oLRvgazJvD9Ck7BHhtXQa7YQvZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1bae0556b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-V6YQY2S72L

142.250.74.168

200 OK

94 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-V6YQY2S72L
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
94 kB (93928 bytes)
Hash
138775f918b4961462784fb142b7ce77
f05d72e47cecad6a405057bc1b3f289b4ae258b8
ed99c638748b02b04d0e2eba8792a6d95d7b98b2778670f3d62835aee6779763

HTTP Headers

GET /gtag/js?id=G-V6YQY2S72L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 04:49:36 GMT
expires: Sun, 03 Dec 2023 04:49:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93928
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freezer.center/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

188.114.97.1

200 OK

3.9 kB

URL GET HTTP/3
freezer.center/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (7351), with no line terminators
Size
3.9 kB (3902 bytes)
Hash
2b0fa2b354eab02cda9fd486bb7ef2cb
a953cdfbafaff3efeb2727205b91a2b277016750
e4255cc8e9c9f4e3ca0f889a670881e89fb31c878d3661495e9a87bee44fd7b0

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPO%2B%2BbtFv00ifauqW34J2NKDkVQ%2B6nhYMUV3e5f%2FergVe1l4qE3OkaELDm%2BerbhsAGaOp%2Fo396Ot4L%2FygIjhNStgOzBCv0iFCE8%2FWE2VUGKamA4FpKH0u7FXRUmebORV6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1cfe5f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

pl20706452.toprevenuegate.com/625044db8d2ab49b798e6c22d54561bc/invoke.js

173.233.137.60

200 OK

9.3 kB

URL GET HTTP/1.1
pl20706452.toprevenuegate.com/625044db8d2ab49b798e6c22d54561bc/invoke.js
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (25101), with no line terminators
Size
9.3 kB (9291 bytes)
Hash
0bdddc51e73512ffb5b30938c6b2c8dd
b9ffa4d813d519a55e262dd2a85bb1b174473cb3
f57c61800c55ad558b466bae3229ea439e733417b48fa43dbcc526ce6fec4ff3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /625044db8d2ab49b798e6c22d54561bc/invoke.js HTTP/1.1
Host: pl20706452.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1732d2bd1b416b2066f088eca0b3ccd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

freezer.center/images/apple-touch-icon.png

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
freezer.center/images/apple-touch-icon.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15250 bytes)
Hash
154acd3f3b5a218d703ee2f43b94061a
808705e6a532424a1280cbb15b36f1a41e89e256
378ebb4bc07fcb616099279b20ae289269584d796d54340418b601cfe75785b4

HTTP Headers

GET /images/apple-touch-icon.png HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; cf_clearance=Ig4RA7gw.sEwvd8wqYsRbk1xjHy17yZ26sMpY4eusPI-1701578976-0-1-730ca2d2.73a07051.5b213570-0.2.1701578976
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: image/png
content-length: 15250
last-modified: Tue, 14 Feb 2023 21:54:18 GMT
etag: "3b92-5f4b0015f5680"
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7P%2Bquy%2B3aWCBA%2BGX94ueiJeG%2FvOPqfOcL%2BKfE6a9RE936aFB%2FH0o7DoFA%2FPmPAuZc%2BasTbZzO2MFnDrYi2OuMTtKZk7R4SQXNFNtLLlxJ70k9wQToE%2FDg590GeVgzYL4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1e7eb256b1-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5b4490819d11e3ad23a5c0df1f587ddf
5735c5a6636e15403f8a1e74efd7199fd014437d
ddb64a8f4718e95e9a68ed479caf068f0ef4e51bb217028797cc30d1aa819133

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 04:49:37 GMT
Last-Modified: Sun, 03 Dec 2023 03:48:16 GMT
Server: ECAcc (ska/F7AF)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YVHhEhB7fAaPdgaDWns1LKrj65uFBUh_XbrdRz_imbkJKHgIyVfkvg==
Age: 3681

proftrafficcounter.com/stats

18.184.210.76

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.184.210.76:443
ASN
#16509 AMAZON-02

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
80c63bc43d475f41612ece0a102aa538
30854c68bc25e76605c827df54883ebd3ee65507
98abc592b6f73ad7897ae236b0ca650d25c4428b6ffc41453017d997592110c5

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://freezer.center
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d155b52b-bb84-471e-aa37-951444e6fd85:1:1; expires=Wed, 30 Nov 2033 04:49:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

pl21573344.toprevenuegate.com/8f/ee/76/8fee76a52b8e866db1e52e8e0b86afc4.js

173.233.137.60

200 OK

23 kB

URL GET HTTP/1.1
pl21573344.toprevenuegate.com/8f/ee/76/8fee76a52b8e866db1e52e8e0b86afc4.js
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT

File type
ASCII text, with very long lines (59642), with no line terminators
Size
23 kB (23360 bytes)
Hash
a05c9f25335beb96721e96985b7bb3a9
20b2ccc09882db7502eb373478739889bea2c8df
5810c433ef70837136ed3905930825f7a749a79553086e34006b7d2f1bfadf8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8f/ee/76/8fee76a52b8e866db1e52e8e0b86afc4.js HTTP/1.1
Host: pl21573344.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fdc3afd37a1a4f292770684a50533f5f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

freezer.center/styles/freezer/images/download.png

188.114.97.1

200 OK

1.2 kB

URL GET HTTP/3
freezer.center/styles/freezer/images/download.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
1.2 kB (1213 bytes)
Hash
093a60cf3ca56dae97155e5cfde3c103
6e40947315a1978a71d68e0fc2e9d5c1acddae70
3e373b8fdf7a03ae561804b881a7bcf0205552b434d41f5937822accd39eaa7d

HTTP Headers

GET /styles/freezer/images/download.png HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; cf_clearance=Ig4RA7gw.sEwvd8wqYsRbk1xjHy17yZ26sMpY4eusPI-1701578976-0-1-730ca2d2.73a07051.5b213570-0.2.1701578976; _ga_V6YQY2S72L=GS1.1.1701578982.1.0.1701578982.60.0.0; _ga=GA1.1.1542527870.1701578982; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d155b52b-bb84-471e-aa37-951444e6fd85%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: image/png
content-length: 1213
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: "4bd-5f3e236bbf780"
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csnTczULrj885YKMSEhNKluZMa1iFQ5dlRd%2F%2BCTN2nNW9UTtEubqiERSU%2BsCLba8%2FrSZcFDUu5FrmdneHDhqyWMIRUcdzBVjB%2BCRIHlTrJzccGC1uvUQa%2FxvMAKlOz2w0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f211f6c56b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/cdn-cgi/challenge-platform/h/b/jsd/r/82f92f176bcfb524

188.114.97.1

200 OK

1 B

URL POST HTTP/3
freezer.center/cdn-cgi/challenge-platform/h/b/jsd/r/82f92f176bcfb524
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/82f92f176bcfb524 HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12270
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; cf_clearance=Ig4RA7gw.sEwvd8wqYsRbk1xjHy17yZ26sMpY4eusPI-1701578976-0-1-730ca2d2.73a07051.5b213570-0.2.1701578976; _ga_V6YQY2S72L=GS1.1.1701578982.1.0.1701578982.60.0.0; _ga=GA1.1.1542527870.1701578982; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d155b52b-bb84-471e-aa37-951444e6fd85%3A1%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=gjn.qc6FG4P3FArFNxM8BUjFN0V8VpiDj7peJFhg.So-1701578977-0-1-730ca2d2.73a07051.5b213570-0.2.1701578977; path=/; expires=Mon, 02-Dec-24 04:49:37 GMT; domain=.freezer.center; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qpw%2B5J6pjjeU3ssq%2BRBmmzMrKMEhQhEf5ocMbaw8t8yEbC3%2FnNSIzA5z8czXe0VadhovrA3atDNeeOoutWR8MIjj8HiR%2FiYA%2FaAasbHKotRYf%2Fe6vjByjaDSsxldNsPoDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f224fc356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V6YQY2S72L&cid=1542527870.1701578982&gtm=45je3bt0v9103851048&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1305137259

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V6YQY2S72L&cid=1542527870.1701578982&gtm=45je3bt0v9103851048&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1305137259
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
ValidityMon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V6YQY2S72L&cid=1542527870.1701578982&gtm=45je3bt0v9103851048&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1305137259 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 04:49:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

persecutionmachinery.com/ntv.json?key=625044db8d2ab49b798e6c22d54561bc&vstc=4

173.233.139.164

200 OK

17 kB

URL GET HTTP/1.1
persecutionmachinery.com/ntv.json?key=625044db8d2ab49b798e6c22d54561bc&vstc=4
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
JSON data\012- , ASCII text, with very long lines (16794), with no line terminators
Size
17 kB (16794 bytes)
Hash
7e7b25aac30686edddd9d28def8247f0
f16cff8c7b03ad074f70b99417ec687710525ebb
48bc019279342fae71e7baafa335e764df119a164fd7d1528ec2f449b06e08f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=625044db8d2ab49b798e6c22d54561bc&vstc=4 HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:37 GMT
Content-Type: application/json
Content-Length: 16794
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://freezer.center
Access-Control-Allow-Origin: https://freezer.center
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=20605953; expires=Mon, 04 Dec 2023 04:49:37 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 04:49:37 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 04:49:37 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 04 Dec 2023 04:49:37 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 04 Dec 2023 04:49:37 GMT; secure; SameSite=None
nlec625044db8d2ab49b798e6c22d54561bc=[2106764,2229214,2229212,2229215]; expires=Sun, 03 Dec 2023 04:49:42 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9d36258975643941c358c6f56c2c455
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8LibgRXBSCEkF7qvpjpjtZBGOMBGNmTCKzfl%2FV85zX9Yr3qrp6GhejAcnCRS9cqKua0zMZjMNg%2FgBFetyEASG1kQEdcelaCC6lOg2tF%2Bree%2BrcxTn3vs92slMSIqMna%2B%2BbkdKaLrXrgX9xXcXC5M6%2FddcPg3pw2V9X8XLrsj%2Bskh1cCoN2PXjdf1fyTbPUCMIgCIPQv66sjMxwacZCJQfdsN4N6q1GPWy3MLT%2FxS7z4KgHMTglL0CJ8tzG40dQfIq4%2F9016TZTk7zxTj%2FTNDUWA7H%2FYbwZmzxGf9FG1kMU78%2BnYVxJyJdnYOL9uQOYwW7lAEyVxPslBIv35zLBBnvPlDINGYOJ55APppB6CkWn4OYelHhCAC5waxVx%2F8EtY3O69YylFVuS2tO%2FoPKS1H57EXH%2F8KpWQ%2F%2BO0VmqTOwwjAqo4RSqN0WSHSEdeVD5EXj6KZT4mSw9vYm4v7vqtIESxcy9UlOoaAotx6DOQ1Z9ykMWecgSD31x4tN2NwqClYhFzWanxTlvNjlvd5ZFWzRbnShAxit5Y6TJGFyPwe02EruNTTWGzX6E2yjghAeXlsT7YBsDUSCXBLkjyClBrgjylCAfFHtCu4YrHgjtMhbOa2Nem8XEpL0dumfSnowJqB3vJKfkQrUb75L2sClP%2FOVGO2i1BOuIBmWtLlvpduQybzREu9VeDhmHUwWUOzOzO1IlefPjDhJVknP%2FuwhGj%2BD0Ebi6AJqFoPlkpRGAbkxanQCj%2BDCyUo6krXMZp9JCmAJJWkO65e3oU%2FLS7Er%2Bq59D8uMrD18%2BOB%2B%2B9ie4LZDYAh%2Bpnwh6%2Bv7ktsnJ7m2TO%2FJoNUlVX41odcE7KU3l2Yfvya3cWHHjmht%2F8xaviKo9uCtdepPGQsU9R769qoSQ9rqxXJLvb7h1ydYyt3E1s3GW3Fx7%2B%2FqNfmKlc8rEU1D1ZPVvcFWS2ic%2FzN7m8%2BUhlJ3CZgX62TGZB5Q5Ak%2B24ZKFemcIrF7MsMRDnhUT22CLn1oRaLnAlBVw%2F8Js0e%2B4%2B%2BjZGmh6D3G%2FwMAWGOgCVI%2Fhsv9P0sQeX3n8VRVfg%2BnahGlb22Xa6i9mqy3JK2dPq%2FRrlX6HUye%2BbEdBJIOGZFGXRSs0EN2o1WW0G8oV1qYhUldKff6PfwAAAP%2F%2FAQAA%2F%2F%2Fo%2B9q2ggQAAA%3D%3D

173.233.139.164

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8LibgRXBSCEkF7qvpjpjtZBGOMBGNmTCKzfl%2FV85zX9Yr3qrp6GhejAcnCRS9cqKua0zMZjMNg%2FgBFetyEASG1kQEdcelaCC6lOg2tF%2Bree%2BrcxTn3vs92slMSIqMna%2B%2BbkdKaLrXrgX9xXcXC5M6%2FddcPg3pw2V9X8XLrsj%2Bskh1cCoN2PXjdf1fyTbPUCMIgCIPQv66sjMxwacZCJQfdsN4N6q1GPWy3MLT%2FxS7z4KgHMTglL0CJ8tzG40dQfIq4%2F9016TZTk7zxTj%2FTNDUWA7H%2FYbwZmzxGf9FG1kMU78%2BnYVxJyJdnYOL9uQOYwW7lAEyVxPslBIv35zLBBnvPlDINGYOJ55APppB6CkWn4OYelHhCAC5waxVx%2F8EtY3O69YylFVuS2tO%2FoPKS1H57EXH%2F8KpWQ%2F%2BO0VmqTOwwjAqo4RSqN0WSHSEdeVD5EXj6KZT4mSw9vYm4v7vqtIESxcy9UlOoaAotx6DOQ1Z9ykMWecgSD31x4tN2NwqClYhFzWanxTlvNjlvd5ZFWzRbnShAxit5Y6TJGFyPwe02EruNTTWGzX6E2yjghAeXlsT7YBsDUSCXBLkjyClBrgjylCAfFHtCu4YrHgjtMhbOa2Nem8XEpL0dumfSnowJqB3vJKfkQrUb75L2sClP%2FOVGO2i1BOuIBmWtLlvpduQybzREu9VeDhmHUwWUOzOzO1IlefPjDhJVknP%2FuwhGj%2BD0Ebi6AJqFoPlkpRGAbkxanQCj%2BDCyUo6krXMZp9JCmAJJWkO65e3oU%2FLS7Er%2Bq59D8uMrD18%2BOB%2B%2B9ie4LZDYAh%2Bpnwh6%2Bv7ktsnJ7m2TO%2FJoNUlVX41odcE7KU3l2Yfvya3cWHHjmht%2F8xaviKo9uCtdepPGQsU9R769qoSQ9rqxXJLvb7h1ydYyt3E1s3GW3Fx7%2B%2FqNfmKlc8rEU1D1ZPVvcFWS2ic%2FzN7m8%2BUhlJ3CZgX62TGZB5Q5Ak%2B24ZKFemcIrF7MsMRDnhUT22CLn1oRaLnAlBVw%2F8Js0e%2B4%2B%2BjZGmh6D3G%2FwMAWGOgCVI%2Fhsv9P0sQeX3n8VRVfg%2BnahGlb22Xa6i9mqy3JK2dPq%2FRrlX6HUye%2BbEdBJIOGZFGXRSs0EN2o1WW0G8oV1qYhUldKff6PfwAAAP%2F%2FAQAA%2F%2F%2Fo%2B9q2ggQAAA%3D%3D
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8LibgRXBSCEkF7qvpjpjtZBGOMBGNmTCKzfl%2FV85zX9Yr3qrp6GhejAcnCRS9cqKua0zMZjMNg%2FgBFetyEASG1kQEdcelaCC6lOg2tF%2Bree%2BrcxTn3vs92slMSIqMna%2B%2BbkdKaLrXrgX9xXcXC5M6%2FddcPg3pw2V9X8XLrsj%2Bskh1cCoN2PXjdf1fyTbPUCMIgCIPQv66sjMxwacZCJQfdsN4N6q1GPWy3MLT%2FxS7z4KgHMTglL0CJ8tzG40dQfIq4%2F9016TZTk7zxTj%2FTNDUWA7H%2FYbwZmzxGf9FG1kMU78%2BnYVxJyJdnYOL9uQOYwW7lAEyVxPslBIv35zLBBnvPlDINGYOJ55APppB6CkWn4OYelHhCAC5waxVx%2F8EtY3O69YylFVuS2tO%2FoPKS1H57EXH%2F8KpWQ%2F%2BO0VmqTOwwjAqo4RSqN0WSHSEdeVD5EXj6KZT4mSw9vYm4v7vqtIESxcy9UlOoaAotx6DOQ1Z9ykMWecgSD31x4tN2NwqClYhFzWanxTlvNjlvd5ZFWzRbnShAxit5Y6TJGFyPwe02EruNTTWGzX6E2yjghAeXlsT7YBsDUSCXBLkjyClBrgjylCAfFHtCu4YrHgjtMhbOa2Nem8XEpL0dumfSnowJqB3vJKfkQrUb75L2sClP%2FOVGO2i1BOuIBmWtLlvpduQybzREu9VeDhmHUwWUOzOzO1IlefPjDhJVknP%2FuwhGj%2BD0Ebi6AJqFoPlkpRGAbkxanQCj%2BDCyUo6krXMZp9JCmAJJWkO65e3oU%2FLS7Er%2Bq59D8uMrD18%2BOB%2B%2B9ie4LZDYAh%2Bpnwh6%2Bv7ktsnJ7m2TO%2FJoNUlVX41odcE7KU3l2Yfvya3cWHHjmht%2F8xaviKo9uCtdepPGQsU9R769qoSQ9rqxXJLvb7h1ydYyt3E1s3GW3Fx7%2B%2FqNfmKlc8rEU1D1ZPVvcFWS2ic%2FzN7m8%2BUhlJ3CZgX62TGZB5Q5Ak%2B24ZKFemcIrF7MsMRDnhUT22CLn1oRaLnAlBVw%2F8Js0e%2B4%2B%2BjZGmh6D3G%2FwMAWGOgCVI%2Fhsv9P0sQeX3n8VRVfg%2BnahGlb22Xa6i9mqy3JK2dPq%2FRrlX6HUye%2BbEdBJIOGZFGXRSs0EN2o1WW0G8oV1qYhUldKff6PfwAAAP%2F%2FAQAA%2F%2F%2Fo%2B9q2ggQAAA%3D%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 434100533bcd0fe58bb18fa1a5d35081
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg

45.133.44.9

200 OK

28 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
28 kB (27606 bytes)
Hash
f4fabf64be47ce667e0cfc150667b36c
234d722efa06cbedfdad9c1bb497a942997741dd
272b7875492a55c6f53a4e4704e715cc5b3cc4e5093758cbfedd95441bfe98d8

HTTP Headers

GET /cti/5d/60/ed/5d60edea793259cd719bfa3d19bcae3e/1628587069.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:38 GMT
content-type: image/jpeg
content-length: 27606
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:17:59 GMT
etag: "61124447-6bd6"
expires: Tue, 05 Dec 2023 04:49:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg

45.133.44.9

200 OK

23 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
23 kB (22883 bytes)
Hash
c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d

HTTP Headers

GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:38 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Tue, 05 Dec 2023 04:49:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg

45.133.44.9

200 OK

30 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
30 kB (30127 bytes)
Hash
a87779ccaaa4021b0b4f33812742679a
87322480f885dc0b6463c182b7bdb3eb60ab2592
a8f8dbc930527f94496d5a9883b6034e27a673090a89b518596d6e2b656df96f

HTTP Headers

GET /cti/51/bb/80/51bb807c8b914e3cc08eace2b0587473/1628586935.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:38 GMT
content-type: image/jpeg
content-length: 30127
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:44 GMT
etag: "611243c0-75af"
expires: Tue, 05 Dec 2023 04:49:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg

45.133.44.9

200 OK

29 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
29 kB (28852 bytes)
Hash
76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc

HTTP Headers

GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:38 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Tue, 05 Dec 2023 04:49:38 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt53%2BKD83VtwILi6CUkEn985HMtMuirVGgjGJbSXr83Unx5y553LOvXMng4toRbpwMQsX6urmmaTBGor9AxSZuClBobORgEZcuhaKS7nTgdEX7vtxn3fxPM97Pt3LzkiIjJ5uvGsGSmu60KwG%2FuVNFQuTO3%2Ftth8G1eCqv6nixcZVv18m27sSBs1q8Kr%2FtuTbZqEWhEEQBqG%2FrKyMTH9hikIlR%2B2w2g6qjVo1bDbQt%2F%2BdXebBUQ%2Bid0aegxKTC1uPHkLxMeLutzek205N8tpb3UzT1Fj0xOH78XZs8hjdeRtZD1F8ONuGcRNCvjgHEx%2FOFMD09ksFYGpCvF9CsPhwRhOsd%2FCUKdOQMZh4BnlvDKnHUHQMbu5AiccE4AJr64i799aMzenOU5SW6IRUnvwFlU9I5bfnEXcfXNeq798yOkuViR36UQHVH0N1xkiyY6QDDyo%2FBk8%2FhhI%2Fk4Unq4i7%2B%2BtOGyhRTNUrNYaKxtByCOo8ZOWnPGSRhyzx0BWnPm22oyBYilhUr7canPN6nfNma1E0Rb3RigJkvKQ3RJoMwfUQ3O4isbvYVkPY7Ae4rQJOeHDphHjv7aInCuSSIHcEOSXIFUGeEuS94kBoV3PFPaFdxsJZrc1qvRiZtLNHD0zakTEBtcO95IxcKr3xrmgP2%2FLUX6w1g0ZDsJaoUdZos6V2Sy7yWk00G83FkHE4VUC5c1O5AzUhr3%2FYQqIm5ML%2FLoPRYzh9DK4ugWYhaD5aqgWgW6NGK8AgfhBZKQfSVrmMU2khTIEkrSDd8fb0GXlheqWXzv8KyU%2Bu3X%2Fx6GL4yp%2FgtkBiC3ygfiTo6LujmyYn%2BzdN7sjD9SRVXTWg5QVvpTSV5%2B%2B%2FI3dyY8XKDTf8%2Bg1eAmV7dFu6dJXGQsUdR765roSQdtlYLsl3K25Tso3MbV3PbJwlqxtvLq90EyudUyYeg6rH63%2BDqwmpfPT99G0%2B%2B9MnUHYMmxXoZidkFlDmGDzZhUvm7J0hsHq%2Bw5LzyLNiZGts%2FlMrAi3nM2UF3L9mNu%2F33F10bAU0vYO4W6BnC%2FR0AaqHcNn%2FR2liT649%2BrKMr8B0ZcS0rewzbfXnE%2BK%2F%2FFnp79nU5DL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2F6NDonYIEAAA%3D

173.233.139.164

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt53%2BKD83VtwILi6CUkEn985HMtMuirVGgjGJbSXr83Unx5y553LOvXMng4toRbpwMQsX6urmmaTBGor9AxSZuClBobORgEZcuhaKS7nTgdEX7vtxn3fxPM97Pt3LzkiIjJ5uvGsGSmu60KwG%2FuVNFQuTO3%2Ftth8G1eCqv6nixcZVv18m27sSBs1q8Kr%2FtuTbZqEWhEEQBqG%2FrKyMTH9hikIlR%2B2w2g6qjVo1bDbQt%2F%2BdXebBUQ%2Bid0aegxKTC1uPHkLxMeLutzek205N8tpb3UzT1Fj0xOH78XZs8hjdeRtZD1F8ONuGcRNCvjgHEx%2FOFMD09ksFYGpCvF9CsPhwRhOsd%2FCUKdOQMZh4BnlvDKnHUHQMbu5AiccE4AJr64i799aMzenOU5SW6IRUnvwFlU9I5bfnEXcfXNeq798yOkuViR36UQHVH0N1xkiyY6QDDyo%2FBk8%2FhhI%2Fk4Unq4i7%2B%2BtOGyhRTNUrNYaKxtByCOo8ZOWnPGSRhyzx0BWnPm22oyBYilhUr7canPN6nfNma1E0Rb3RigJkvKQ3RJoMwfUQ3O4isbvYVkPY7Ae4rQJOeHDphHjv7aInCuSSIHcEOSXIFUGeEuS94kBoV3PFPaFdxsJZrc1qvRiZtLNHD0zakTEBtcO95IxcKr3xrmgP2%2FLUX6w1g0ZDsJaoUdZos6V2Sy7yWk00G83FkHE4VUC5c1O5AzUhr3%2FYQqIm5ML%2FLoPRYzh9DK4ugWYhaD5aqgWgW6NGK8AgfhBZKQfSVrmMU2khTIEkrSDd8fb0GXlheqWXzv8KyU%2Bu3X%2Fx6GL4yp%2FgtkBiC3ygfiTo6LujmyYn%2BzdN7sjD9SRVXTWg5QVvpTSV5%2B%2B%2FI3dyY8XKDTf8%2Bg1eAmV7dFu6dJXGQsUdR765roSQdtlYLsl3K25Tso3MbV3PbJwlqxtvLq90EyudUyYeg6rH63%2BDqwmpfPT99G0%2B%2B9MnUHYMmxXoZidkFlDmGDzZhUvm7J0hsHq%2Bw5LzyLNiZGts%2FlMrAi3nM2UF3L9mNu%2F33F10bAU0vYO4W6BnC%2FR0AaqHcNn%2FR2liT649%2BrKMr8B0ZcS0rewzbfXnE%2BK%2F%2FFnp79nU5DL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2F6NDonYIEAAA%3D
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Bt53%2BKD83VtwILi6CUkEn985HMtMuirVGgjGJbSXr83Unx5y553LOvXMng4toRbpwMQsX6urmmaTBGor9AxSZuClBobORgEZcuhaKS7nTgdEX7vtxn3fxPM97Pt3LzkiIjJ5uvGsGSmu60KwG%2FuVNFQuTO3%2Ftth8G1eCqv6nixcZVv18m27sSBs1q8Kr%2FtuTbZqEWhEEQBqG%2FrKyMTH9hikIlR%2B2w2g6qjVo1bDbQt%2F%2BdXebBUQ%2Bid0aegxKTC1uPHkLxMeLutzek205N8tpb3UzT1Fj0xOH78XZs8hjdeRtZD1F8ONuGcRNCvjgHEx%2FOFMD09ksFYGpCvF9CsPhwRhOsd%2FCUKdOQMZh4BnlvDKnHUHQMbu5AiccE4AJr64i799aMzenOU5SW6IRUnvwFlU9I5bfnEXcfXNeq798yOkuViR36UQHVH0N1xkiyY6QDDyo%2FBk8%2FhhI%2Fk4Unq4i7%2B%2BtOGyhRTNUrNYaKxtByCOo8ZOWnPGSRhyzx0BWnPm22oyBYilhUr7canPN6nfNma1E0Rb3RigJkvKQ3RJoMwfUQ3O4isbvYVkPY7Ae4rQJOeHDphHjv7aInCuSSIHcEOSXIFUGeEuS94kBoV3PFPaFdxsJZrc1qvRiZtLNHD0zakTEBtcO95IxcKr3xrmgP2%2FLUX6w1g0ZDsJaoUdZos6V2Sy7yWk00G83FkHE4VUC5c1O5AzUhr3%2FYQqIm5ML%2FLoPRYzh9DK4ugWYhaD5aqgWgW6NGK8AgfhBZKQfSVrmMU2khTIEkrSDd8fb0GXlheqWXzv8KyU%2Bu3X%2Fx6GL4yp%2FgtkBiC3ygfiTo6LujmyYn%2BzdN7sjD9SRVXTWg5QVvpTSV5%2B%2B%2FI3dyY8XKDTf8%2Bg1eAmV7dFu6dJXGQsUdR765roSQdtlYLsl3K25Tso3MbV3PbJwlqxtvLq90EyudUyYeg6rH63%2BDqwmpfPT99G0%2B%2B9MnUHYMmxXoZidkFlDmGDzZhUvm7J0hsHq%2Bw5LzyLNiZGts%2FlMrAi3nM2UF3L9mNu%2F33F10bAU0vYO4W6BnC%2FR0AaqHcNn%2FR2liT649%2BrKMr8B0ZcS0rewzbfXnE%2BK%2F%2FFnp79nU5DL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2F6NDonYIEAAA%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: daf616c157ef3cba102c8513fb0ad45f
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebdxP1ceFIi5IHFZIoCKBs7tex3Z7qAglKCIkoS3KeXZm7AwZ76xmdr2OxSFQhHrg4AMH4LR5nDSiRBX9A0DI4VJFINUXFAmCOHJGqjiidS0ZXmnfH%2Fu8h%2Bd53vl0PzsnPjJ6tvmuHkil6GK96rlXtmTMdW7d9duu71W9a%2B6WjJfCa26%2FTKZ31ffqVe9V923BdvRi4Pme53u%2BuyKNaOv%2B4hSFTI5bfrXlVcOg6tdD9M1%2FZ5s5sNQB752T5yD55OL2o4eQbIy4%2B%2B0NYXdSnbz2VjdTNNUGPX70frwT6zxGd962jYN2fDTbhrYTQr64AB0fzRRA9w5KBYjkhDi%2F%2BIjioxlNRL3Dp0wjBREj4s8g740h1BiSjsH0HUj%2BmACMY30DcffeujY53X2K0hKdkMqTvyDzCan89jzi7oNlJfvuLa2yVOrYot8uIPtjyM4YSXaCdOBA5idg6ceQ%2FGey%2BGQNcfdgwyoNyYupeinHkO0xlBiCWgdZ%2BUkHWdtBljjo8jOX1lttz2u0o3at1gwZY7UaY%2FXmEq%2FzWthse8hYSW%2BINBmCqSGY2UNi9rAjhzDZD7DbBSx3YNMJcd7bQ48XyAVBbglySpBLgjwlyHvFIVc2sMU9rmwW%2BbMazGqtGOm0s08PddoRMQE1w%2F3knFwuvXGuKgc74sxdCupeGPKoyQMaha2o0WqKJRYEvB7Wl%2FyIwcoC0l6Yyh3ICXn9wyYSOSEX%2F3cFET2BVSdg8jJo5oPmo0bggW6PwqaHQfygbYQYCFNlIk6FAdcFkrSCdNfZV%2BfkhemVXlr4FYKdXr%2F%2F4vEl%2F5U%2FwUyBxBT4QP5I0FF3Rzd1Tg5u6tyShxtJKrtyQMsL3kppKhbuvyN2c2346g07%2FPoNVgJle3xb2HSNxlzGHUu%2BWZacC7OiDRPku1W7JaLNzG4vZybOkrXNN1dWu4kR1kodj0Hl442%2FweSEVD76fvo2n%2F3pE0gzhskKdLNTMgtIfQKW7MEmc%2FZWExg134mSBeRZMTJBNP%2BpJIES85lGBey%2F5mje79u76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FRlGV8hUpVRpEzlIFJGfT4h7suflf6eT00u0%2B%2Bw8syt%2B6FoRs0G4zwSjPuNoNaseV7AedhoCb%2BF1E6EuvTHPwAAAP%2F%2FAQAA%2F%2F%2F82GZ7ggQAAA%3D%3D

173.233.139.164

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebdxP1ceFIi5IHFZIoCKBs7tex3Z7qAglKCIkoS3KeXZm7AwZ76xmdr2OxSFQhHrg4AMH4LR5nDSiRBX9A0DI4VJFINUXFAmCOHJGqjiidS0ZXmnfH%2Fu8h%2Bd53vl0PzsnPjJ6tvmuHkil6GK96rlXtmTMdW7d9duu71W9a%2B6WjJfCa26%2FTKZ31ffqVe9V923BdvRi4Pme53u%2BuyKNaOv%2B4hSFTI5bfrXlVcOg6tdD9M1%2FZ5s5sNQB752T5yD55OL2o4eQbIy4%2B%2B0NYXdSnbz2VjdTNNUGPX70frwT6zxGd962jYN2fDTbhrYTQr64AB0fzRRA9w5KBYjkhDi%2F%2BIjioxlNRL3Dp0wjBREj4s8g740h1BiSjsH0HUj%2BmACMY30DcffeujY53X2K0hKdkMqTvyDzCan89jzi7oNlJfvuLa2yVOrYot8uIPtjyM4YSXaCdOBA5idg6ceQ%2FGey%2BGQNcfdgwyoNyYupeinHkO0xlBiCWgdZ%2BUkHWdtBljjo8jOX1lttz2u0o3at1gwZY7UaY%2FXmEq%2FzWthse8hYSW%2BINBmCqSGY2UNi9rAjhzDZD7DbBSx3YNMJcd7bQ48XyAVBbglySpBLgjwlyHvFIVc2sMU9rmwW%2BbMazGqtGOm0s08PddoRMQE1w%2F3knFwuvXGuKgc74sxdCupeGPKoyQMaha2o0WqKJRYEvB7Wl%2FyIwcoC0l6Yyh3ICXn9wyYSOSEX%2F3cFET2BVSdg8jJo5oPmo0bggW6PwqaHQfygbYQYCFNlIk6FAdcFkrSCdNfZV%2BfkhemVXlr4FYKdXr%2F%2F4vEl%2F5U%2FwUyBxBT4QP5I0FF3Rzd1Tg5u6tyShxtJKrtyQMsL3kppKhbuvyN2c2346g07%2FPoNVgJle3xb2HSNxlzGHUu%2BWZacC7OiDRPku1W7JaLNzG4vZybOkrXNN1dWu4kR1kodj0Hl442%2FweSEVD76fvo2n%2F3pE0gzhskKdLNTMgtIfQKW7MEmc%2FZWExg134mSBeRZMTJBNP%2BpJIES85lGBey%2F5mje79u76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FRlGV8hUpVRpEzlIFJGfT4h7suflf6eT00u0%2B%2Bw8syt%2B6FoRs0G4zwSjPuNoNaseV7AedhoCb%2BF1E6EuvTHPwAAAP%2F%2FAQAA%2F%2F%2F82GZ7ggQAAA%3D%3D
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebdxP1ceFIi5IHFZIoCKBs7tex3Z7qAglKCIkoS3KeXZm7AwZ76xmdr2OxSFQhHrg4AMH4LR5nDSiRBX9A0DI4VJFINUXFAmCOHJGqjiidS0ZXmnfH%2Fu8h%2Bd53vl0PzsnPjJ6tvmuHkil6GK96rlXtmTMdW7d9duu71W9a%2B6WjJfCa26%2FTKZ31ffqVe9V923BdvRi4Pme53u%2BuyKNaOv%2B4hSFTI5bfrXlVcOg6tdD9M1%2FZ5s5sNQB752T5yD55OL2o4eQbIy4%2B%2B0NYXdSnbz2VjdTNNUGPX70frwT6zxGd962jYN2fDTbhrYTQr64AB0fzRRA9w5KBYjkhDi%2F%2BIjioxlNRL3Dp0wjBREj4s8g740h1BiSjsH0HUj%2BmACMY30DcffeujY53X2K0hKdkMqTvyDzCan89jzi7oNlJfvuLa2yVOrYot8uIPtjyM4YSXaCdOBA5idg6ceQ%2FGey%2BGQNcfdgwyoNyYupeinHkO0xlBiCWgdZ%2BUkHWdtBljjo8jOX1lttz2u0o3at1gwZY7UaY%2FXmEq%2FzWthse8hYSW%2BINBmCqSGY2UNi9rAjhzDZD7DbBSx3YNMJcd7bQ48XyAVBbglySpBLgjwlyHvFIVc2sMU9rmwW%2BbMazGqtGOm0s08PddoRMQE1w%2F3knFwuvXGuKgc74sxdCupeGPKoyQMaha2o0WqKJRYEvB7Wl%2FyIwcoC0l6Yyh3ICXn9wyYSOSEX%2F3cFET2BVSdg8jJo5oPmo0bggW6PwqaHQfygbYQYCFNlIk6FAdcFkrSCdNfZV%2BfkhemVXlr4FYKdXr%2F%2F4vEl%2F5U%2FwUyBxBT4QP5I0FF3Rzd1Tg5u6tyShxtJKrtyQMsL3kppKhbuvyN2c2346g07%2FPoNVgJle3xb2HSNxlzGHUu%2BWZacC7OiDRPku1W7JaLNzG4vZybOkrXNN1dWu4kR1kodj0Hl442%2FweSEVD76fvo2n%2F3pE0gzhskKdLNTMgtIfQKW7MEmc%2FZWExg134mSBeRZMTJBNP%2BpJIES85lGBey%2F5mje79u76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FRlGV8hUpVRpEzlIFJGfT4h7suflf6eT00u0%2B%2Bw8syt%2B6FoRs0G4zwSjPuNoNaseV7AedhoCb%2BF1E6EuvTHPwAAAP%2F%2FAQAA%2F%2F%2F82GZ7ggQAAA%3D%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb7b409f0f228d19824319f01706a213
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8bI24EF4WgRNCeqv6Y6U4WwRhHBseZMYnM%2Bn1Vz3Ne1yveq%2BrqaVyMBkIWLnrhQl3VnJ7JYByC%2BQMU6XETBoX0RgZ0xKVrIbiU6jS0Xqh776lzF%2Bfc%2B%2B7uZWckREZPN943A6U1XWhWA%2F%2FypoqFyZ2%2FdtsPg2pw1d9U8WLjqt8vk%2B1dCYNmNXjdf1fybbNQC8IgCIPQX1ZWRqa%2FMGWhkqN2WG0H1UatGjYb6Nv%2FYpd5cNSD6J2RF6DE5MLW40dQfIy4%2B%2B0N6bZTk7zxTjfTNDUWPXH4YbwdmzxGd95G1kMUH86mYdyEkC%2FOwcSHMwcwvf3SAZiaEO%2BXECw%2BnMkE6x08U8o0ZAwmnkPeG0PqMRQdg5s7UOIJAbjA2jri7v01Y3O684ylJTshlad%2FQeUTUvntRcTdh9e16vu3jM5SZWKHflRA9cdQnTGS7BjpwIPKj8HTT6HEz2Th6Sri7v660wZKFFP3So2hojG0HII6D1n5KQ9Z5CFLPHTFqU%2Bb7SgIliIW1eutBue8Xue82VoUTVFvtKIAGS%2FlDZEmQ3A9BLe7SOwuttUQNvsBbquAEx5cOiHeB7voiQK5JMgdQU4JckWQpwR5rzgQ2tVccV9ol7FwVmuzWi9GJu3s0QOTdmRMQO1wLzkjl8rdeFe0h2156i%2FWmkGjIVhL1ChrtNlSuyUXea0mmo3mYsg4nCqg3Lmp3YGakDc%2FbiFRE3Lhf5fB6DGcPgZXl0CzEDQfLdUC0K1RoxVgED%2BMrJQDaatcxqm0EKZAklaQ7nh7%2Boy8NL3SK%2BfPIPnJtQcvH10MX%2FsT3BZIbIGP1I8EHX1vdNPkZP%2BmyR15tJ6kqqsGtLzgrZSm8vyD9%2BRObqxYueGGX7%2FFS6Jsj25Ll67SWKi448g315UQ0i4byyX5bsVtSraRua3rmY2zZHXj7eWVbmKlc8rEY1D1ZP1vcDUhlU%2B%2Bn77N53%2B6C2XHsFmBbnZCZgFljsGTXbhkrt4ZAqvnMyw5hzwrRrbG5j%2B1ItByjikr4P6F2bzfc%2FfQsRXQ9A7iboGeLdDTBagewmX%2FH6WJPbn2%2BMsyvgLTlRHTtrLPtNWfT4j%2F6mfT%2FZbp1zL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2FjByhPYIEAAA%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8bI24EF4WgRNCeqv6Y6U4WwRhHBseZMYnM%2Bn1Vz3Ne1yveq%2BrqaVyMBkIWLnrhQl3VnJ7JYByC%2BQMU6XETBoX0RgZ0xKVrIbiU6jS0Xqh776lzF%2Bfc%2B%2B7uZWckREZPN943A6U1XWhWA%2F%2FypoqFyZ2%2FdtsPg2pw1d9U8WLjqt8vk%2B1dCYNmNXjdf1fybbNQC8IgCIPQX1ZWRqa%2FMGWhkqN2WG0H1UatGjYb6Nv%2FYpd5cNSD6J2RF6DE5MLW40dQfIy4%2B%2B0N6bZTk7zxTjfTNDUWPXH4YbwdmzxGd95G1kMUH86mYdyEkC%2FOwcSHMwcwvf3SAZiaEO%2BXECw%2BnMkE6x08U8o0ZAwmnkPeG0PqMRQdg5s7UOIJAbjA2jri7v01Y3O684ylJTshlad%2FQeUTUvntRcTdh9e16vu3jM5SZWKHflRA9cdQnTGS7BjpwIPKj8HTT6HEz2Th6Sri7v660wZKFFP3So2hojG0HII6D1n5KQ9Z5CFLPHTFqU%2Bb7SgIliIW1eutBue8Xue82VoUTVFvtKIAGS%2FlDZEmQ3A9BLe7SOwuttUQNvsBbquAEx5cOiHeB7voiQK5JMgdQU4JckWQpwR5rzgQ2tVccV9ol7FwVmuzWi9GJu3s0QOTdmRMQO1wLzkjl8rdeFe0h2156i%2FWmkGjIVhL1ChrtNlSuyUXea0mmo3mYsg4nCqg3Lmp3YGakDc%2FbiFRE3Lhf5fB6DGcPgZXl0CzEDQfLdUC0K1RoxVgED%2BMrJQDaatcxqm0EKZAklaQ7nh7%2Boy8NL3SK%2BfPIPnJtQcvH10MX%2FsT3BZIbIGP1I8EHX1vdNPkZP%2BmyR15tJ6kqqsGtLzgrZSm8vyD9%2BRObqxYueGGX7%2FFS6Jsj25Ll67SWKi448g315UQ0i4byyX5bsVtSraRua3rmY2zZHXj7eWVbmKlc8rEY1D1ZP1vcDUhlU%2B%2Bn77N53%2B6C2XHsFmBbnZCZgFljsGTXbhkrt4ZAqvnMyw5hzwrRrbG5j%2B1ItByjikr4P6F2bzfc%2FfQsRXQ9A7iboGeLdDTBagewmX%2FH6WJPbn2%2BMsyvgLTlRHTtrLPtNWfT4j%2F6mfT%2FZbp1zL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2FjByhPYIEAAA%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYsc1Rd9lXR%2BhJ8bI24EF4WgRNCeqv6Y6U4WwRhHBseZMYnM%2Bn1Vz3Ne1yveq%2BrqaVyMBkIWLnrhQl3VnJ7JYByC%2BQMU6XETBoX0RgZ0xKVrIbiU6jS0Xqh776lzF%2Bfc%2B%2B7uZWckREZPN943A6U1XWhWA%2F%2FypoqFyZ2%2FdtsPg2pw1d9U8WLjqt8vk%2B1dCYNmNXjdf1fybbNQC8IgCIPQX1ZWRqa%2FMGWhkqN2WG0H1UatGjYb6Nv%2FYpd5cNSD6J2RF6DE5MLW40dQfIy4%2B%2B0N6bZTk7zxTjfTNDUWPXH4YbwdmzxGd95G1kMUH86mYdyEkC%2FOwcSHMwcwvf3SAZiaEO%2BXECw%2BnMkE6x08U8o0ZAwmnkPeG0PqMRQdg5s7UOIJAbjA2jri7v01Y3O684ylJTshlad%2FQeUTUvntRcTdh9e16vu3jM5SZWKHflRA9cdQnTGS7BjpwIPKj8HTT6HEz2Th6Sri7v660wZKFFP3So2hojG0HII6D1n5KQ9Z5CFLPHTFqU%2Bb7SgIliIW1eutBue8Xue82VoUTVFvtKIAGS%2FlDZEmQ3A9BLe7SOwuttUQNvsBbquAEx5cOiHeB7voiQK5JMgdQU4JckWQpwR5rzgQ2tVccV9ol7FwVmuzWi9GJu3s0QOTdmRMQO1wLzkjl8rdeFe0h2156i%2FWmkGjIVhL1ChrtNlSuyUXea0mmo3mYsg4nCqg3Lmp3YGakDc%2FbiFRE3Lhf5fB6DGcPgZXl0CzEDQfLdUC0K1RoxVgED%2BMrJQDaatcxqm0EKZAklaQ7nh7%2Boy8NL3SK%2BfPIPnJtQcvH10MX%2FsT3BZIbIGP1I8EHX1vdNPkZP%2BmyR15tJ6kqqsGtLzgrZSm8vyD9%2BRObqxYueGGX7%2FFS6Jsj25Ll67SWKi448g315UQ0i4byyX5bsVtSraRua3rmY2zZHXj7eWVbmKlc8rEY1D1ZP1vcDUhlU%2B%2Bn77N53%2B6C2XHsFmBbnZCZgFljsGTXbhkrt4ZAqvnMyw5hzwrRrbG5j%2B1ItByjikr4P6F2bzfc%2FfQsRXQ9A7iboGeLdDTBagewmX%2FH6WJPbn2%2BMsyvgLTlRHTtrLPtNWfT4j%2F6mfT%2FZbp1zL9DqdOfdmMgkgGNcmiNouWaCDaUaPNaDuUS6xJQ6RuIvXFP%2F4BAAD%2F%2FwEAAP%2F%2FjByhPYIEAAA%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 997bd2c6c43501455f2c524353ec10b2
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebd1P1ceFIi5IHFZIoCKBs7tex3Z7qCilKCIkoS3KeXZm7AwZ76xmdr2OxSFQCXrg4AMH4LR5nDSiRBX9A0DI4VJFIHUvKBIEceSMVHFEm1gyvNK%2BP%2FZ5D8%2FzvPPJTnZCfGT0eO1dPZJK0YVm3XMvr8uY69y6K3dc36t7V911GS%2BGV91hlczgiu81696r7tuCbeqFwPM9z%2Fd896Y0oquHC6coZHLQ8esdrx4Gdb8ZYmj%2BO9vMgaUO%2BOCEPAfJywsbjx9Bsini%2Frc3hN1MdfLaW%2F1M0VQbDPj%2B%2B%2FFmrPMY%2FXnbNQ668f5sG9qWhHxxDjrenymAHuxWChDJkji%2F%2BIji%2FRlNRIO9M6aRgogR8WeQD6YQagpJp2D6LiR%2FQgDGsbKKuH9%2FRZucbp2htEJLUnv6F2RektpvzyPuP7yu5NC9rVWWSh1bDLsF5HAK2ZsiyQ6RjhzI%2FBAs%2FRiS%2F0wWni4j7u%2BuWqUheXGqXsopZHcKJcag1kFWfdJB1nWQJQ76%2FNilzU7X81rdqNtotEPGWKPBWLO9yJu8Eba7HjJW0RsjTcZgagxmtpGYbWzKMUz2A%2BxGAcsd2LQkznvbGPACuSDILUFOCXJJkKcE%2BaDY48oGtrjPlc0if1aDWW0UE532duieTnsiJqBmvJOckEuVN84V5WBTHLuLQdMLQx61eUCjsBO1Om2xyIKAN8Pmoh8xWFlA2nOnckeyJK9%2F2EYiS3Lhf5cR0UNYdQgmL4FmPmg%2BaQUe6MYkbHsYxQ%2B7RoiRMHUm4lQYcF0gSWtIt5wddUJeOL3SS%2Bd%2Fh2BH1x68eHDRf%2BVPMFMgMQU%2BkD8S9NS9yS2dk91bOrfk0WqSyr4c0eqCt1OaivMP3hFbuTZ86YYdf%2F0Gq4CqPbgjbLpMYy7jniXfXJecC3NTGybId0t2XURrmd24npk4S5bX3ry51E%2BMsFbqeAoqn6z%2BDSZLUvvo%2B9O3%2BexPn0KaKUxWoJ8dkVlA6kOwZBs2mbO3msCo%2BU6U1JBnxcQE0fynkgRKzGcaFbD%2FmqN5v2PvoWdqoOldxP0CA1NgoApQNYbN%2Fj9JE3N07fGXVXyFSNUmkTK13UgZ9XlJ3Jc%2Fq%2Fw9qdKvZ05beew2%2FVC0o3aLcR4Jxv1W0Gg3PC%2FgPGx1hN9BakuhLv7xDwAAAP%2F%2FAQAA%2F%2F8%2BoDFPggQAAA%3D%3D

173.233.139.164

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebd1P1ceFIi5IHFZIoCKBs7tex3Z7qCilKCIkoS3KeXZm7AwZ76xmdr2OxSFQCXrg4AMH4LR5nDSiRBX9A0DI4VJFIHUvKBIEceSMVHFEm1gyvNK%2BP%2FZ5D8%2FzvPPJTnZCfGT0eO1dPZJK0YVm3XMvr8uY69y6K3dc36t7V911GS%2BGV91hlczgiu81696r7tuCbeqFwPM9z%2Fd896Y0oquHC6coZHLQ8esdrx4Gdb8ZYmj%2BO9vMgaUO%2BOCEPAfJywsbjx9Bsini%2Frc3hN1MdfLaW%2F1M0VQbDPj%2B%2B%2FFmrPMY%2FXnbNQ668f5sG9qWhHxxDjrenymAHuxWChDJkji%2F%2BIji%2FRlNRIO9M6aRgogR8WeQD6YQagpJp2D6LiR%2FQgDGsbKKuH9%2FRZucbp2htEJLUnv6F2RektpvzyPuP7yu5NC9rVWWSh1bDLsF5HAK2ZsiyQ6RjhzI%2FBAs%2FRiS%2F0wWni4j7u%2BuWqUheXGqXsopZHcKJcag1kFWfdJB1nWQJQ76%2FNilzU7X81rdqNtotEPGWKPBWLO9yJu8Eba7HjJW0RsjTcZgagxmtpGYbWzKMUz2A%2BxGAcsd2LQkznvbGPACuSDILUFOCXJJkKcE%2BaDY48oGtrjPlc0if1aDWW0UE532duieTnsiJqBmvJOckEuVN84V5WBTHLuLQdMLQx61eUCjsBO1Om2xyIKAN8Pmoh8xWFlA2nOnckeyJK9%2F2EYiS3Lhf5cR0UNYdQgmL4FmPmg%2BaQUe6MYkbHsYxQ%2B7RoiRMHUm4lQYcF0gSWtIt5wddUJeOL3SS%2Bd%2Fh2BH1x68eHDRf%2BVPMFMgMQU%2BkD8S9NS9yS2dk91bOrfk0WqSyr4c0eqCt1OaivMP3hFbuTZ86YYdf%2F0Gq4CqPbgjbLpMYy7jniXfXJecC3NTGybId0t2XURrmd24npk4S5bX3ry51E%2BMsFbqeAoqn6z%2BDSZLUvvo%2B9O3%2BexPn0KaKUxWoJ8dkVlA6kOwZBs2mbO3msCo%2BU6U1JBnxcQE0fynkgRKzGcaFbD%2FmqN5v2PvoWdqoOldxP0CA1NgoApQNYbN%2Fj9JE3N07fGXVXyFSNUmkTK13UgZ9XlJ3Jc%2Fq%2Fw9qdKvZ05beew2%2FVC0o3aLcR4Jxv1W0Gg3PC%2FgPGx1hN9BakuhLv7xDwAAAP%2F%2FAQAA%2F%2F8%2BoDFPggQAAA%3D%3D
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRuebd1P1ceFIi5IHFZIoCKBs7tex3Z7qCilKCIkoS3KeXZm7AwZ76xmdr2OxSFQCXrg4AMH4LR5nDSiRBX9A0DI4VJFIHUvKBIEceSMVHFEm1gyvNK%2BP%2FZ5D8%2FzvPPJTnZCfGT0eO1dPZJK0YVm3XMvr8uY69y6K3dc36t7V911GS%2BGV91hlczgiu81696r7tuCbeqFwPM9z%2Fd896Y0oquHC6coZHLQ8esdrx4Gdb8ZYmj%2BO9vMgaUO%2BOCEPAfJywsbjx9Bsini%2Frc3hN1MdfLaW%2F1M0VQbDPj%2B%2B%2FFmrPMY%2FXnbNQ668f5sG9qWhHxxDjrenymAHuxWChDJkji%2F%2BIji%2FRlNRIO9M6aRgogR8WeQD6YQagpJp2D6LiR%2FQgDGsbKKuH9%2FRZucbp2htEJLUnv6F2RektpvzyPuP7yu5NC9rVWWSh1bDLsF5HAK2ZsiyQ6RjhzI%2FBAs%2FRiS%2F0wWni4j7u%2BuWqUheXGqXsopZHcKJcag1kFWfdJB1nWQJQ76%2FNilzU7X81rdqNtotEPGWKPBWLO9yJu8Eba7HjJW0RsjTcZgagxmtpGYbWzKMUz2A%2BxGAcsd2LQkznvbGPACuSDILUFOCXJJkKcE%2BaDY48oGtrjPlc0if1aDWW0UE532duieTnsiJqBmvJOckEuVN84V5WBTHLuLQdMLQx61eUCjsBO1Om2xyIKAN8Pmoh8xWFlA2nOnckeyJK9%2F2EYiS3Lhf5cR0UNYdQgmL4FmPmg%2BaQUe6MYkbHsYxQ%2B7RoiRMHUm4lQYcF0gSWtIt5wddUJeOL3SS%2Bd%2Fh2BH1x68eHDRf%2BVPMFMgMQU%2BkD8S9NS9yS2dk91bOrfk0WqSyr4c0eqCt1OaivMP3hFbuTZ86YYdf%2F0Gq4CqPbgjbLpMYy7jniXfXJecC3NTGybId0t2XURrmd24npk4S5bX3ry51E%2BMsFbqeAoqn6z%2BDSZLUvvo%2B9O3%2BexPn0KaKUxWoJ8dkVlA6kOwZBs2mbO3msCo%2BU6U1JBnxcQE0fynkgRKzGcaFbD%2FmqN5v2PvoWdqoOldxP0CA1NgoApQNYbN%2Fj9JE3N07fGXVXyFSNUmkTK13UgZ9XlJ3Jc%2Fq%2Fw9qdKvZ05beew2%2FVC0o3aLcR4Jxv1W0Gg3PC%2FgPGx1hN9BakuhLv7xDwAAAP%2F%2FAQAA%2F%2F8%2BoDFPggQAAA%3D%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d29d8520dc4099a37d2e123bd50a8506
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdPzY%2Fi5ccSN4KIQlBG0U9UfSffMYjCOkWBM4sxI1u%2BrOs%2B8rle8V9XVaVxEB3QWLnrhQl1VTicTHMPg%2FAGKdNwMQWF6IwGNuHQtDC6lkobWC3U%2F6tzFOee%2BT3azUxIioyfr75qB0prONauBf3VDxcLkzl%2B944dBNbjub6h4vnHd75fJ9q6FQbMavOq%2FLfmWmasFYRCEQegvKSsj0587Q6GSw3ZYbQfVRq0aNhvo2%2F%2FOLvPgqAfROyXPQYnJpc3Hj6D4GHH325vSbaUmee2tbqZpaix64uD9eCs2eYzurI2shyg%2BmG7DuAkhX1yAiQ%2BmCmB6e6UCMDUh3i8hWHwwpQnW2z9nyjRkDCaeQd4bQ%2BoxFB2Dm7tQ4gkBuMDqGuLu%2FVVjc7p9jtISnZDK07%2Bg8gmp%2FPY84u7DRa36%2Fm2js1SZ2KEfFVD9MVRnjCQ7QjrwoPIj8PRjKPEzmXu6gri7t%2Ba0gRLFmXqlxlDRGFoOQZ2HrPyUhyzykCUeuuLEp812FAQLEYvq9VaDc16vc95szYumqDdaUYCMl%2FSGSJMhuB6C2x0kdgdbagib%2FQC3WcAJDy6dEO%2B9HfREgVwS5I4gpwS5IshTgrxX7Avtaq64L7TLWDittWmtFyOTdnbpvkk7MiagdribnJIrpTfeNe1hS57487Vm0GgI1hI1yhptttBuyXleq4lmozkfMg6nCih34UzuQE3I6x%2B2kKgJufS%2Fq2D0CE4fgasroFkImo8WagHo5qjRCjCIH0ZWyoG0VS7jVFoIUyBJK0i3vV19Sl44u9JLF3%2BH5Mc3Hrx4eDl85U9wWyCxBT5QPxJ09L3RLZOTvVsmd%2BTRWpKqrhrQ8oK3U5rKiw%2Fekdu5sWL5pht%2B%2FQYvgbI9vCNdukJjoeKOI98sKiGkXTKWS%2FLdstuQbD1zm4uZjbNkZf3NpeVuYqVzysRjUPVk7W9wNSGVj74%2Fe5vP%2FvQplB3DZgW62TGZBpQ5Ak924JIZe2cIrJ7tsKSCPCtGtsZmP7Ui0HI2U1bA%2FWtms37X3UPHVkDTu4i7BXq2QE8XoHoIl%2F1%2FlCb2%2BMbjL8v4CkxXRkzbyh7TVn8%2BIf7Ln5X%2Bnpbp13OnnTrxZTMKIhnUJIvaLFqggWhHjTaj7VAusCYNkbqJ1Jf%2F%2BAcAAP%2F%2FAQAA%2F%2F8qqL%2BpggQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdPzY%2Fi5ccSN4KIQlBG0U9UfSffMYjCOkWBM4sxI1u%2BrOs%2B8rle8V9XVaVxEB3QWLnrhQl1VTicTHMPg%2FAGKdNwMQWF6IwGNuHQtDC6lkobWC3U%2F6tzFOee%2BT3azUxIioyfr75qB0prONauBf3VDxcLkzl%2B944dBNbjub6h4vnHd75fJ9q6FQbMavOq%2FLfmWmasFYRCEQegvKSsj0587Q6GSw3ZYbQfVRq0aNhvo2%2F%2FOLvPgqAfROyXPQYnJpc3Hj6D4GHH325vSbaUmee2tbqZpaix64uD9eCs2eYzurI2shyg%2BmG7DuAkhX1yAiQ%2BmCmB6e6UCMDUh3i8hWHwwpQnW2z9nyjRkDCaeQd4bQ%2BoxFB2Dm7tQ4gkBuMDqGuLu%2FVVjc7p9jtISnZDK07%2Bg8gmp%2FPY84u7DRa36%2Fm2js1SZ2KEfFVD9MVRnjCQ7QjrwoPIj8PRjKPEzmXu6gri7t%2Ba0gRLFmXqlxlDRGFoOQZ2HrPyUhyzykCUeuuLEp812FAQLEYvq9VaDc16vc95szYumqDdaUYCMl%2FSGSJMhuB6C2x0kdgdbagib%2FQC3WcAJDy6dEO%2B9HfREgVwS5I4gpwS5IshTgrxX7Avtaq64L7TLWDittWmtFyOTdnbpvkk7MiagdribnJIrpTfeNe1hS57487Vm0GgI1hI1yhptttBuyXleq4lmozkfMg6nCih34UzuQE3I6x%2B2kKgJufS%2Fq2D0CE4fgasroFkImo8WagHo5qjRCjCIH0ZWyoG0VS7jVFoIUyBJK0i3vV19Sl44u9JLF3%2BH5Mc3Hrx4eDl85U9wWyCxBT5QPxJ09L3RLZOTvVsmd%2BTRWpKqrhrQ8oK3U5rKiw%2Fekdu5sWL5pht%2B%2FQYvgbI9vCNdukJjoeKOI98sKiGkXTKWS%2FLdstuQbD1zm4uZjbNkZf3NpeVuYqVzysRjUPVk7W9wNSGVj74%2Fe5vP%2FvQplB3DZgW62TGZBpQ5Ak924JIZe2cIrJ7tsKSCPCtGtsZmP7Ui0HI2U1bA%2FWtms37X3UPHVkDTu4i7BXq2QE8XoHoIl%2F1%2FlCb2%2BMbjL8v4CkxXRkzbyh7TVn8%2BIf7Ln5X%2Bnpbp13OnnTrxZTMKIhnUJIvaLFqggWhHjTaj7VAusCYNkbqJ1Jf%2F%2BAcAAP%2F%2FAQAA%2F%2F8qqL%2BpggQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWsk1Rd9NdPzY%2Fi5ccSN4KIQlBG0U9UfSffMYjCOkWBM4sxI1u%2BrOs%2B8rle8V9XVaVxEB3QWLnrhQl1VTicTHMPg%2FAGKdNwMQWF6IwGNuHQtDC6lkobWC3U%2F6tzFOee%2BT3azUxIioyfr75qB0prONauBf3VDxcLkzl%2B944dBNbjub6h4vnHd75fJ9q6FQbMavOq%2FLfmWmasFYRCEQegvKSsj0587Q6GSw3ZYbQfVRq0aNhvo2%2F%2FOLvPgqAfROyXPQYnJpc3Hj6D4GHH325vSbaUmee2tbqZpaix64uD9eCs2eYzurI2shyg%2BmG7DuAkhX1yAiQ%2BmCmB6e6UCMDUh3i8hWHwwpQnW2z9nyjRkDCaeQd4bQ%2BoxFB2Dm7tQ4gkBuMDqGuLu%2FVVjc7p9jtISnZDK07%2Bg8gmp%2FPY84u7DRa36%2Fm2js1SZ2KEfFVD9MVRnjCQ7QjrwoPIj8PRjKPEzmXu6gri7t%2Ba0gRLFmXqlxlDRGFoOQZ2HrPyUhyzykCUeuuLEp812FAQLEYvq9VaDc16vc95szYumqDdaUYCMl%2FSGSJMhuB6C2x0kdgdbagib%2FQC3WcAJDy6dEO%2B9HfREgVwS5I4gpwS5IshTgrxX7Avtaq64L7TLWDittWmtFyOTdnbpvkk7MiagdribnJIrpTfeNe1hS57487Vm0GgI1hI1yhptttBuyXleq4lmozkfMg6nCih34UzuQE3I6x%2B2kKgJufS%2Fq2D0CE4fgasroFkImo8WagHo5qjRCjCIH0ZWyoG0VS7jVFoIUyBJK0i3vV19Sl44u9JLF3%2BH5Mc3Hrx4eDl85U9wWyCxBT5QPxJ09L3RLZOTvVsmd%2BTRWpKqrhrQ8oK3U5rKiw%2Fekdu5sWL5pht%2B%2FQYvgbI9vCNdukJjoeKOI98sKiGkXTKWS%2FLdstuQbD1zm4uZjbNkZf3NpeVuYqVzysRjUPVk7W9wNSGVj74%2Fe5vP%2FvQplB3DZgW62TGZBpQ5Ak924JIZe2cIrJ7tsKSCPCtGtsZmP7Ui0HI2U1bA%2FWtms37X3UPHVkDTu4i7BXq2QE8XoHoIl%2F1%2FlCb2%2BMbjL8v4CkxXRkzbyh7TVn8%2BIf7Ln5X%2Bnpbp13OnnTrxZTMKIhnUJIvaLFqggWhHjTaj7VAusCYNkbqJ1Jf%2F%2BAcAAP%2F%2FAQAA%2F%2F8qqL%2BpggQAAA%3D%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ffcc071a12a10149eeb63263adee6f1e
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTiY%2Fws%2BDRLwIHhpBiaCz3T09OzPJIRhjJLjurklkz9VVNbPl1nQ1Vd3Ts4OH1YDk4GEOHtRT7ze7WYzLYv4ARWa9hAUhfZEFXfHoWQgepScDow%2F6vff19w7f9159tpudER8ZPV1%2FX4%2BkUnSpWffcyxsy5jq37upd1%2Ffq3lV3Q8bL4VV3WCUzuOJ7zbr3uvuuYFt6KfB8z%2FM9370pjejq4dKMhUwOO36949XDoO43QwzNf7HNHFjqgA%2FOyAuQvLyw%2BfgRJJsi7n93Q9itVCdvvNPPFE21wYAffBhvxTqP0V%2B0XeOgGx%2FMp6FtSciX56Djg7kD6MFe5QCRLInzi48oPpjLRDTYf6Y0UhAxIv4c8sEUQk0h6RRM34PkTwjAOFbXEPcfrGqT0%2B1nLK3YktSe%2FgWZl6T224uI%2B0fXlRy6d7TKUqlji2G3gBxOIXtTJNkx0pEDmR%2BDpZ9C8p%2FJ0tMVxP29Nas0JC9m7qWcQnanUGIMah1k1ScdZF0HWeKgz09d2ux0Pa%2FVjbqNRjtkjDUajDXby7zJG2G76yFjlbwx0mQMpsZgZgeJ2cGWHMNkP8JuFrDcgU1L4nywgwEvkAuC3BLklCCXBHlKkA%2BKfa5sYIsHXNks8uc1mNdGMdFpb5fu67QnYgJqxrvJGblU7ca5ohxsiVN3OWh6YcijNg9oFHaiVqctllkQ8GbYXPYjBisLSHtuZnckS%2FLmx20ksiQX%2FncZET2GVcdg8hJo5oPmk1bggW5OwraHUXzUNUKMhKkzEafCgOsCSVpDuu3sqjPy0uxK7qufQ7CTaw9fPrzov%2FYnmCmQmAIfyZ8Ieur%2B5LbOyd5tnVvyaC1JZV%2BOaHXBOylNxfmH74ntXBt%2B64Ydf%2FMWq4iqPbwrbLpCYy7jniXfXpecC3NTGybI97fshojWM7t5PTNxlqysv33zVj8xwlqp4ymofLL2N5gsSe2TH2Zv8%2FnyCNJMYbIC%2FeyEzANSH4MlO7DJQr3VBEYtZqLEQZ4VExNEi59KEiixwDQqYP%2BFo0W%2Fa%2B%2BjZ2qg6T3E%2FQIDU2CgClA1hs3%2BP0kTc3Lt8VdVfI1I1SaRMrW9SBn1xWy1JXnl%2FFmVfq3S77Dy1G36oWhH7RbjPBKM%2B62g0W54XsB52OoIv4PUlkJd%2FOMfAAAA%2F%2F8BAAD%2F%2F%2FzzVFCCBAAA

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTiY%2Fws%2BDRLwIHhpBiaCz3T09OzPJIRhjJLjurklkz9VVNbPl1nQ1Vd3Ts4OH1YDk4GEOHtRT7ze7WYzLYv4ARWa9hAUhfZEFXfHoWQgepScDow%2F6vff19w7f9159tpudER8ZPV1%2FX4%2BkUnSpWffcyxsy5jq37upd1%2Ffq3lV3Q8bL4VV3WCUzuOJ7zbr3uvuuYFt6KfB8z%2FM9370pjejq4dKMhUwOO36949XDoO43QwzNf7HNHFjqgA%2FOyAuQvLyw%2BfgRJJsi7n93Q9itVCdvvNPPFE21wYAffBhvxTqP0V%2B0XeOgGx%2FMp6FtSciX56Djg7kD6MFe5QCRLInzi48oPpjLRDTYf6Y0UhAxIv4c8sEUQk0h6RRM34PkTwjAOFbXEPcfrGqT0%2B1nLK3YktSe%2FgWZl6T224uI%2B0fXlRy6d7TKUqlji2G3gBxOIXtTJNkx0pEDmR%2BDpZ9C8p%2FJ0tMVxP29Nas0JC9m7qWcQnanUGIMah1k1ScdZF0HWeKgz09d2ux0Pa%2FVjbqNRjtkjDUajDXby7zJG2G76yFjlbwx0mQMpsZgZgeJ2cGWHMNkP8JuFrDcgU1L4nywgwEvkAuC3BLklCCXBHlKkA%2BKfa5sYIsHXNks8uc1mNdGMdFpb5fu67QnYgJqxrvJGblU7ca5ohxsiVN3OWh6YcijNg9oFHaiVqctllkQ8GbYXPYjBisLSHtuZnckS%2FLmx20ksiQX%2FncZET2GVcdg8hJo5oPmk1bggW5OwraHUXzUNUKMhKkzEafCgOsCSVpDuu3sqjPy0uxK7qufQ7CTaw9fPrzov%2FYnmCmQmAIfyZ8Ieur%2B5LbOyd5tnVvyaC1JZV%2BOaHXBOylNxfmH74ntXBt%2B64Ydf%2FMWq4iqPbwrbLpCYy7jniXfXpecC3NTGybI97fshojWM7t5PTNxlqysv33zVj8xwlqp4ymofLL2N5gsSe2TH2Zv8%2FnyCNJMYbIC%2FeyEzANSH4MlO7DJQr3VBEYtZqLEQZ4VExNEi59KEiixwDQqYP%2BFo0W%2Fa%2B%2BjZ2qg6T3E%2FQIDU2CgClA1hs3%2BP0kTc3Lt8VdVfI1I1SaRMrW9SBn1xWy1JXnl%2FFmVfq3S77Dy1G36oWhH7RbjPBKM%2B62g0W54XsB52OoIv4PUlkJd%2FOMfAAAA%2F%2F8BAAD%2F%2F%2FzzVFCCBAAA
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwYscxReuTiY%2Fws%2BDRLwIHhpBiaCz3T09OzPJIRhjJLjurklkz9VVNbPl1nQ1Vd3Ts4OH1YDk4GEOHtRT7ze7WYzLYv4ARWa9hAUhfZEFXfHoWQgepScDow%2F6vff19w7f9159tpudER8ZPV1%2FX4%2BkUnSpWffcyxsy5jq37upd1%2Ffq3lV3Q8bL4VV3WCUzuOJ7zbr3uvuuYFt6KfB8z%2FM9370pjejq4dKMhUwOO36949XDoO43QwzNf7HNHFjqgA%2FOyAuQvLyw%2BfgRJJsi7n93Q9itVCdvvNPPFE21wYAffBhvxTqP0V%2B0XeOgGx%2FMp6FtSciX56Djg7kD6MFe5QCRLInzi48oPpjLRDTYf6Y0UhAxIv4c8sEUQk0h6RRM34PkTwjAOFbXEPcfrGqT0%2B1nLK3YktSe%2FgWZl6T224uI%2B0fXlRy6d7TKUqlji2G3gBxOIXtTJNkx0pEDmR%2BDpZ9C8p%2FJ0tMVxP29Nas0JC9m7qWcQnanUGIMah1k1ScdZF0HWeKgz09d2ux0Pa%2FVjbqNRjtkjDUajDXby7zJG2G76yFjlbwx0mQMpsZgZgeJ2cGWHMNkP8JuFrDcgU1L4nywgwEvkAuC3BLklCCXBHlKkA%2BKfa5sYIsHXNks8uc1mNdGMdFpb5fu67QnYgJqxrvJGblU7ca5ohxsiVN3OWh6YcijNg9oFHaiVqctllkQ8GbYXPYjBisLSHtuZnckS%2FLmx20ksiQX%2FncZET2GVcdg8hJo5oPmk1bggW5OwraHUXzUNUKMhKkzEafCgOsCSVpDuu3sqjPy0uxK7qufQ7CTaw9fPrzov%2FYnmCmQmAIfyZ8Ieur%2B5LbOyd5tnVvyaC1JZV%2BOaHXBOylNxfmH74ntXBt%2B64Ydf%2FMWq4iqPbwrbLpCYy7jniXfXpecC3NTGybI97fshojWM7t5PTNxlqysv33zVj8xwlqp4ymofLL2N5gsSe2TH2Zv8%2FnyCNJMYbIC%2FeyEzANSH4MlO7DJQr3VBEYtZqLEQZ4VExNEi59KEiixwDQqYP%2BFo0W%2Fa%2B%2BjZ2qg6T3E%2FQIDU2CgClA1hs3%2BP0kTc3Lt8VdVfI1I1SaRMrW9SBn1xWy1JXnl%2FFmVfq3S77Dy1G36oWhH7RbjPBKM%2B62g0W54XsB52OoIv4PUlkJd%2FOMfAAAA%2F%2F8BAAD%2F%2F%2FzzVFCCBAAA HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0badc24bda2587e74646e8141dd2112
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTd2fqh8XirggcVghgYoEzu56HdvtoSKUoIiQhLYo59mZsTNkvLOa2fU6FodApaoHDj5wAE6bz0kjSlTRPwCEHC5VBFJ9QZEgiCNnpIojWteS4Un73vv2e4fve2%2Fu7mfnxEdGzzbf1wOpFF2sVz33ypaMuc6tu37b9b2qd83dkvFSeM3tl8n0rvpeveq97r4r2I5eDDzf83zPd1ekEW3dX5yykMlxy6%2B2vGoYVP16iL75L7aZA0sd8N45eQGSTy5uP34EycaIu9%2FeEHYn1ckb73QzRVNt0ONHH8Y7sc5jdOdt2zhox0ezaWg7IeSLBej4aOYAundQOkAkJ8T5xUcUH81kIuodPlMaKYgYEX8OeW8MocaQdAym70DyJwRgHOsbiLv317XJ6e4zlpbshFSe%2FgWZT0jltxcRdx8uK9l3b2mVpVLHFv12AdkfQ3bGSLITpAMHMj8BSz%2BF5D%2BTxadriLsHG1ZpSF5M3Us5hmyPocQQ1DrIyk86yNoOssRBl5%2B5tN5qe16jHbVrtWbIGKvVGKs3l3id18Jm20PGSnlDpMkQTA3BzB4Ss4cdOYTJfoDdLmC5A5tOiPPBHnq8QC4IckuQU4JcEuQpQd4rDrmygS3uc2WzyJ%2FVYFZrxUinnX16qNOOiAmoGe4n5%2BRyuRvnqnKwI87cpaDuhSGPmjygUdiKGq2mWGJBwOthfcmPGKwsIO3C1O5ATsibHzeRyAm5%2BL8riOgJrDoBk5dBMx80HzUCD3R7FDY9DOKHbSPEQJgqE3EqDLgukKQVpLvOvjonL02v9MqFcwh2ev3By8eX%2FNf%2BBDMFElPgI%2FkjQUfdG93UOTm4qXNLHm0kqezKAS0veCulqbjw4D2xm2vDV2%2FY4ddvsZIo2%2BPbwqZrNOYy7ljyzbLkXJgVbZgg363aLRFtZnZ7OTNxlqxtvr2y2k2MsFbqeAwqn2z8DSYnpPLJ99O3%2BfxPdyHNGCYr0M1OySwg9QlYsgebzNVbTWDUfCZKFpBnxcgE0fynkgRKzDGNCth%2F4Wje79t76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FxlGV8hUpVRpEzlIFJGfT4h7qufTfdbpl%2FL9DusPHPrfiiaUbPBOI8E434jqDVrnhdwHjZawm8htROhLv3xDwAAAP%2F%2FAQAA%2F%2F%2BYFC%2FbggQAAA%3D%3D

173.233.137.52

200 OK

7 B

URL GET HTTP/1.1
persecutionmachinery.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTd2fqh8XirggcVghgYoEzu56HdvtoSKUoIiQhLYo59mZsTNkvLOa2fU6FodApaoHDj5wAE6bz0kjSlTRPwCEHC5VBFJ9QZEgiCNnpIojWteS4Un73vv2e4fve2%2Fu7mfnxEdGzzbf1wOpFF2sVz33ypaMuc6tu37b9b2qd83dkvFSeM3tl8n0rvpeveq97r4r2I5eDDzf83zPd1ekEW3dX5yykMlxy6%2B2vGoYVP16iL75L7aZA0sd8N45eQGSTy5uP34EycaIu9%2FeEHYn1ckb73QzRVNt0ONHH8Y7sc5jdOdt2zhox0ezaWg7IeSLBej4aOYAundQOkAkJ8T5xUcUH81kIuodPlMaKYgYEX8OeW8MocaQdAym70DyJwRgHOsbiLv317XJ6e4zlpbshFSe%2FgWZT0jltxcRdx8uK9l3b2mVpVLHFv12AdkfQ3bGSLITpAMHMj8BSz%2BF5D%2BTxadriLsHG1ZpSF5M3Us5hmyPocQQ1DrIyk86yNoOssRBl5%2B5tN5qe16jHbVrtWbIGKvVGKs3l3id18Jm20PGSnlDpMkQTA3BzB4Ss4cdOYTJfoDdLmC5A5tOiPPBHnq8QC4IckuQU4JcEuQpQd4rDrmygS3uc2WzyJ%2FVYFZrxUinnX16qNOOiAmoGe4n5%2BRyuRvnqnKwI87cpaDuhSGPmjygUdiKGq2mWGJBwOthfcmPGKwsIO3C1O5ATsibHzeRyAm5%2BL8riOgJrDoBk5dBMx80HzUCD3R7FDY9DOKHbSPEQJgqE3EqDLgukKQVpLvOvjonL02v9MqFcwh2ev3By8eX%2FNf%2BBDMFElPgI%2FkjQUfdG93UOTm4qXNLHm0kqezKAS0veCulqbjw4D2xm2vDV2%2FY4ddvsZIo2%2BPbwqZrNOYy7ljyzbLkXJgVbZgg363aLRFtZnZ7OTNxlqxtvr2y2k2MsFbqeAwqn2z8DSYnpPLJ99O3%2BfxPdyHNGCYr0M1OySwg9QlYsgebzNVbTWDUfCZKFpBnxcgE0fynkgRKzDGNCth%2F4Wje79t76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FxlGV8hUpVRpEzlIFJGfT4h7qufTfdbpl%2FL9DusPHPrfiiaUbPBOI8E434jqDVrnhdwHjZawm8htROhLv3xDwAAAP%2F%2FAQAA%2F%2F%2BYFC%2FbggQAAA%3D%3D
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxReeTd2fqh8XirggcVghgYoEzu56HdvtoSKUoIiQhLYo59mZsTNkvLOa2fU6FodApaoHDj5wAE6bz0kjSlTRPwCEHC5VBFJ9QZEgiCNnpIojWteS4Un73vv2e4fve2%2Fu7mfnxEdGzzbf1wOpFF2sVz33ypaMuc6tu37b9b2qd83dkvFSeM3tl8n0rvpeveq97r4r2I5eDDzf83zPd1ekEW3dX5yykMlxy6%2B2vGoYVP16iL75L7aZA0sd8N45eQGSTy5uP34EycaIu9%2FeEHYn1ckb73QzRVNt0ONHH8Y7sc5jdOdt2zhox0ezaWg7IeSLBej4aOYAundQOkAkJ8T5xUcUH81kIuodPlMaKYgYEX8OeW8MocaQdAym70DyJwRgHOsbiLv317XJ6e4zlpbshFSe%2FgWZT0jltxcRdx8uK9l3b2mVpVLHFv12AdkfQ3bGSLITpAMHMj8BSz%2BF5D%2BTxadriLsHG1ZpSF5M3Us5hmyPocQQ1DrIyk86yNoOssRBl5%2B5tN5qe16jHbVrtWbIGKvVGKs3l3id18Jm20PGSnlDpMkQTA3BzB4Ss4cdOYTJfoDdLmC5A5tOiPPBHnq8QC4IckuQU4JcEuQpQd4rDrmygS3uc2WzyJ%2FVYFZrxUinnX16qNOOiAmoGe4n5%2BRyuRvnqnKwI87cpaDuhSGPmjygUdiKGq2mWGJBwOthfcmPGKwsIO3C1O5ATsibHzeRyAm5%2BL8riOgJrDoBk5dBMx80HzUCD3R7FDY9DOKHbSPEQJgqE3EqDLgukKQVpLvOvjonL02v9MqFcwh2ev3By8eX%2FNf%2BBDMFElPgI%2FkjQUfdG93UOTm4qXNLHm0kqezKAS0veCulqbjw4D2xm2vDV2%2FY4ddvsZIo2%2BPbwqZrNOYy7ljyzbLkXJgVbZgg363aLRFtZnZ7OTNxlqxtvr2y2k2MsFbqeAwqn2z8DSYnpPLJ99O3%2BfxPdyHNGCYr0M1OySwg9QlYsgebzNVbTWDUfCZKFpBnxcgE0fynkgRKzDGNCth%2F4Wje79t76JgKaHoHcbdAzxToqQJUDWGz%2F4%2FSxJxef%2FxlGV8hUpVRpEzlIFJGfT4h7qufTfdbpl%2FL9DusPHPrfiiaUbPBOI8E434jqDVrnhdwHjZawm8htROhLv3xDwAAAP%2F%2FAQAA%2F%2F%2BYFC%2FbggQAAA%3D%3D HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a09272596f36aa4b69d99676f0cf50a9
Strict-Transport-Security: max-age=0; includeSubdomains

persecutionmachinery.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js

173.233.137.52

200 OK

23 kB

URL GET HTTP/1.1
persecutionmachinery.com/65/aa/28/65aa283021630dfd9030555c4c61a78c.js
IP
173.233.137.52:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectpersecutionmachinery.com
Fingerprint7B:46:00:20:38:FB:57:02:01:FD:7A:AE:8D:B8:2B:73:C4:72:4C:22
ValidityTue, 28 Nov 2023 07:58:59 GMT - Mon, 26 Feb 2024 07:58:58 GMT

File type
ASCII text, with very long lines (59653), with no line terminators
Size
23 kB (23360 bytes)
Hash
a3a6804707b9f4f5b7f8bf9d50e5cf4b
2f1f693f9931606747ff986014360e5e50096e3d
3a6e64992fb73fb235d3d7867216eaee739dfc3b9e5bc09370a5cb2908d2132f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /65/aa/28/65aa283021630dfd9030555c4c61a78c.js HTTP/1.1
Host: persecutionmachinery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Cookie: u_pl=20605953; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47d903ee3eef6570ea93998b3b230879
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

swindlehumorfossil.com/pixel/purst?dl=0&th=0&sc=0&rs=2784&rd=2784&fd=507&bv=23.11.v.8&tmpl=136

173.233.139.164

200 OK

0 B

URL GET HTTP/1.1
swindlehumorfossil.com/pixel/purst?dl=0&th=0&sc=0&rs=2784&rd=2784&fd=507&bv=23.11.v.8&tmpl=136
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerLet's Encrypt
Subjectswindlehumorfossil.com
Fingerprint6A:48:09:87:B3:BC:CA:34:8C:89:81:44:2C:DE:1D:37:9A:B3:27:B5
ValidityTue, 28 Nov 2023 08:16:30 GMT - Mon, 26 Feb 2024 08:16:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2784&rd=2784&fd=507&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: swindlehumorfossil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 04:49:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

banquetunarmedgrater.com/advertisers.js

104.21.86.121

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
104.21.86.121:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
ValidityThu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:39 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: b97c6db991bdee34ed89764a31b8a7a9
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 04:49:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2mWlsQtMfaB5rgEFPYYLXakHi0%2FUQJZiKZYKgebGiHXJ1ryA3i%2FR8HbbwNbWwE6TYpbHUY8mlSPdJ8l5UVmM9edqO6JjOoY9GjO3m7xUD5j6D64GnxF%2FLZEdQ9fwCs4N8TMgok6tBofWaw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f2a092056aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.97.1

302 Found

7.3 kB

URL GET HTTP/3
freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type

Size
7.3 kB (7269 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; cf_clearance=Ig4RA7gw.sEwvd8wqYsRbk1xjHy17yZ26sMpY4eusPI-1701578976-0-1-730ca2d2.73a07051.5b213570-0.2.1701578976; _ga_V6YQY2S72L=GS1.1.1701578982.1.0.1701578982.60.0.0; _ga=GA1.1.1542527870.1701578982; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d155b52b-bb84-471e-aa37-951444e6fd85%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 03 Dec 2023 04:49:37 GMT
cache-control: max-age=300, public
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yC1v6mW13E0lVdq5CB51qfEQ2nxRX%2FVn8skoIJZKphAsGzZbNtUHYSh%2BVQFyeQDDHUlO6pBsXUGo86GyiJpNvhKs0wcIl6VrI7bmSntERYfgtFIwg7h5vKitUPxROxperA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f215f7c56b1-OSL
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/3
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:38 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ec3dc0e6fb1c9a62a5530102b7e27b09
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 04:49:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36ltcoKMw62p%2BYDmHjvyhkDLfZM0GpaTeym5rtjbmanx%2Bcd9QUI9QCq342v6F60YpNvXtN4b5%2FgssoAzGFMAXvd5SgCD%2FApEzRmw1SnE0IbnoecN4m8YJlukl11P9iXDNYOqiSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f28cc434c88-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=d1ae51d6ab

172.64.205.20

200 OK

60 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=d1ae51d6ab
IP
172.64.205.20:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT

File type
ASCII text, with very long lines (60130)
Size
60 kB (60312 bytes)
Hash
a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

HTTP Headers

GET /releases/v5.15.4/css/free.min.css?token=d1ae51d6ab HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freezer.center/
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 af69af45a94f94ec264bfb9a5a28f3aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: kjr_PZ-zgDw8a16RAkQKK-TknEhXKdyWt15CjX8hqjNedIWD0NLvnQ==
age: 2684784
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuTYzfxRNXqG7GZGXGO0P0R2BOlJkor9zkKkRs%2F6UOY%2F12W4v%2BKoctUgvsDX1oPHvn5JAvoArwlaxbY2q2KRrxq7O1c0%2FNz6rqYlHtbQBEceCEBEZsRrh8d2L1sdFH4LcwSKUuRyEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f21def96439-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freezer.center/styles/freezer/js/jquery.min.js

188.114.97.1

200 OK

87 kB

URL GET HTTP/3
freezer.center/styles/freezer/js/jquery.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /styles/freezer/js/jquery.min.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript
last-modified: Sat, 04 Feb 2023 16:23:10 GMT
etag: W/"1538f-5f3e236bbf780-gzip"
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZBShxbaIyrts%2BQCkF2urXowb7UyUDKhtwE73hh0NyAKzclOB7PnQJjNkqv%2F8iifyPJ4hrksp0WyzIzA%2BX1mP5ZyJBs7WJ8263MOVsqIZshzeLvqEN%2Bz3WVC%2FYdTSBE3cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1bae0656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.97.1

302 Found

7.4 kB

URL GET HTTP/3
freezer.center/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type

Size
7.4 kB (7351 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Sun, 03 Dec 2023 04:49:36 GMT
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSCRVSlCaxAnD3BgN%2BGMGswfZ4%2BwJJlqgbgoc%2B7kNXYsx%2FVZrLXaE7CszziQnsXoQQXwnzMgSuVhIIKd%2FG%2B1YVDizftuJVRP1O4gIbaWJRf7KsMknqbGo6H8b3G0m1nOKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1bee1356b1-OSL
alt-svc: h3=":443"; ma=86400

freezer.center/images/favicon.ico

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
freezer.center/images/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15086 bytes)
Hash
b9882be986d46f3b4d543f8533ff4a70
ae09aef259b9eeea927ee0ba65b4f6794ec31959
68f12226570843cd5ca7295acb6dfc229d7ded7f02600fd80a36cfbcb842187a

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; cf_clearance=Ig4RA7gw.sEwvd8wqYsRbk1xjHy17yZ26sMpY4eusPI-1701578976-0-1-730ca2d2.73a07051.5b213570-0.2.1701578976
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 14 Feb 2023 21:54:18 GMT
etag: W/"3aee-5f4b0015f5680"
cache-control: max-age=691200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgUf0PDcz509Jp80VvXk3xk%2FqXyWur%2BATFOSqvp4t2ZIJxxyEOc9SxmE%2Fz3S4sanHLXQkSeDpfYMTTUq0pAyr2ZxZvfd7%2FloEWZFaZdZLE1m9a6vZFRkf%2FIOfNJcZ6b2iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1e7eb356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

kit.fontawesome.com/d1ae51d6ab.js

104.18.40.68

200 OK

12 kB

URL GET HTTP/2
kit.fontawesome.com/d1ae51d6ab.js
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (11461)
Size
12 kB (11894 bytes)
Hash
1dfcee7cfff84d0d76c1e5b96fcf5662
7bb69256df6fa5c7e5d8368b38b9be36aeaddd1a
f1b0d8f1417efe8dc0569af90f9e8ddffd5fba5ed06c3d5c6cbd5cf1dd69ec7b

HTTP Headers

GET /d1ae51d6ab.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5yEmf_bqfxKbSwADgDh
cf-cache-status: HIT
server: cloudflare
cf-ray: 82f92f1bcd9f7129-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

friendshipmale.com/sfp.js

104.21.234.32

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.32:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ef0a17f531e54eac7f62900166b2bcb4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 04:49:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8idcVdZopG%2BK%2FqEPLanDkZkdjnneBYYfhu8jfSZ3cDClTM5G0Z0cyNvRVfOaLDIWEBUt48j6Dnt81Y74Mf%2FdpqhJwEGkpJ0P7UbV4NzhMiWlq%2FhzaZc7xrRgzTPn10%2BDx31Yiw8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f216a384c86-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freezer.center/plugins/progressive_uploader/ready.js?v=1701578976

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
freezer.center/plugins/progressive_uploader/ready.js?v=1701578976
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with CRLF line terminators
Size
11 kB (11089 bytes)
Hash
8e50a2f5b1fb7e3322af263e7282cbe5
e5edf6e9caa220306bb7b3bacf974aa7da95e888
e9c9da22a371319a054e6258e722b00a3178ba8a513f3cfe4105fd2954418933

HTTP Headers

GET /plugins/progressive_uploader/ready.js?v=1701578976 HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript
last-modified: Sat, 05 Aug 2023 09:02:32 GMT
etag: W/"2b51-6022946065a00-gzip"
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ggaAVGktELhA%2BfWWZ9EHbI2RHZN3a1isIiynP6nbK%2Fe25ocEN%2BjwwlL3ovHVr%2FbPZEZ5aHXu6Bb9nQWjGdKQdsc6Qc8T4HMKmvc8DcdYSLg3Ayjku5zxWIJ%2F9nyUf%2BgKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1bae0356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html

188.114.97.1

200 OK

15 kB

URL User Request GET HTTP/2
freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type

Size
15 kB (14785 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: text/html; charset=UTF-8
cache-control: private, no-cache="set-cookie"
pragma: no-cache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
set-cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs; path=/; domain=.freezer.center
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaASrxVLn56RIY%2F6iRbQzGK%2Bsir3Jvw1z9N1VRO3KoIrdqJP6JcqCUPwmiethWX%2FecnJ%2F%2Bp0YdIm4gFrNL1D2yzODeUd%2BaFLt4FvcXjPoom1GtI%2BaeIkOrEk98sNEYuGUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f176bcfb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

freezer.center/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
freezer.center/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
etag: W/"65660ffd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgU1Q6Mtqf0jRLwUlFBbmo9fzPlVePzQDlG%2Bnlx60XugUT25LdBK1tnK%2BEkZxWipYRktYM%2BEr5%2BeiP4nMLK6vf3DI7IJhQ4M9FJmIzsHwmav0RLjNSOjcqaGJnbPR9Ca3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f92f1a5dae56b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 05 Dec 2023 04:49:36 GMT
cache-control: max-age=172800, public
content-encoding: gzip

region1.analytics.google.com/g/collect?v=2&tid=G-V6YQY2S72L&gtm=45je3bt0v9103851048&_p=1701578982349&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1542527870.1701578982&ul=en-us&sr=1280x1024&_s=1&sid=1701578982&sct=1&seg=0&dl=https%3A%2F%2Ffreezer.center%2Fdownloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html&dt=Download%20Litchi%20For%20dJI%20drones%20v4%2026%203%20Mod%20apk%20jimtechs%20biz%20-%20Freezer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1386

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-V6YQY2S72L&gtm=45je3bt0v9103851048&_p=1701578982349&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1542527870.1701578982&ul=en-us&sr=1280x1024&_s=1&sid=1701578982&sct=1&seg=0&dl=https%3A%2F%2Ffreezer.center%2Fdownloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html&dt=Download%20Litchi%20For%20dJI%20drones%20v4%2026%203%20Mod%20apk%20jimtechs%20biz%20-%20Freezer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1386
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-V6YQY2S72L&gtm=45je3bt0v9103851048&_p=1701578982349&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1542527870.1701578982&ul=en-us&sr=1280x1024&_s=1&sid=1701578982&sct=1&seg=0&dl=https%3A%2F%2Ffreezer.center%2Fdownloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html&dt=Download%20Litchi%20For%20dJI%20drones%20v4%2026%203%20Mod%20apk%20jimtechs%20biz%20-%20Freezer%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1386 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freezer.center
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://freezer.center
date: Sun, 03 Dec 2023 04:49:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

freezer.center/styles/freezer/css/stylesheet.css?v=1

188.114.97.1

200 OK

1.6 kB

URL GET HTTP/3
freezer.center/styles/freezer/css/stylesheet.css?v=1
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectfreezer.center
Fingerprint13:AE:64:07:75:2D:32:0A:9D:F1:5E:55:75:17:89:FC:C7:96:EC:21
ValidityTue, 14 Nov 2023 22:46:29 GMT - Mon, 12 Feb 2024 22:46:28 GMT

File type
ASCII text, with very long lines (1557), with no line terminators
Size
1.6 kB (1557 bytes)
Hash
7a17f68ceff090c257c600513adbe79b
b4f9333531f35c3e710c5aed12a635034452b956
efd84ad0f5423dd4409ce61e2634f28839f2b4eaf5f23449b28a91292b979748

HTTP Headers

GET /styles/freezer/css/stylesheet.css?v=1 HTTP/1.1
Host: freezer.center
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Cookie: PHPSESSID=7ee0ae58hn6t7e1f53k05cvsqs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2055
etag: W/"807-6032f1e6bee40-gzip"
last-modified: Fri, 18 Aug 2023 09:26:09 GMT
vary: Accept-Encoding
cache-control: max-age=691200
cf-cache-status: HIT
age: 6127
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ccA85%2F2ESToAVOV5rTFDfPX6U5oFFehqXB79g67uYRcsaR0UWN%2Bl%2F9993jiZ2PCaEdQISmBrlCgKzWZLvVPQI6%2BFELeORsujEtSXlKQVXznS8GQJvMHKG6PxX1lTiXJNiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1a4da856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.ezojs.com/ezoic/sa.min.js

104.21.63.106

200 OK

124 kB

URL GET HTTP/2
www.ezojs.com/ezoic/sa.min.js
IP
104.21.63.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freezer.center/downloadf-Litchi-For-dJI-drones-v4-26-3-Mod-apk-jimtechs-biz-1-apk.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.ezojs.com
Fingerprint1E:09:AE:00:88:A0:CE:57:C6:01:3C:40:25:7D:BD:1F:38:CE:18:14
ValidityWed, 08 Nov 2023 03:49:27 GMT - Tue, 06 Feb 2024 03:49:26 GMT

File type

Size
124 kB (123952 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ezoic/sa.min.js HTTP/1.1
Host: www.ezojs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freezer.center/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 03 Dec 2023 04:49:36 GMT
content-type: application/javascript
cache-control: public, max-age=86400
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Sat, 02 Dec 2023 16:48:32 GMT
cf-cache-status: HIT
age: 43257
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLBGAB7HQaVHLqUEeWc%2BT5nq7dcOscAdANyO0tSpy%2BrgVgHixdBBDqSE%2BZjs8Qn2P7t5c%2BMhpUUI%2B8HX5qNcCWiMtcdQIwVqQFfmm%2FxAdBaTNvNjeJ%2F4a2d1eHFSaZWx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f92f1c0c1db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations