| uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html | 23.249.191.126 | 200 OK | 8.4 kB |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html (user request)
IP: 23.249.191.126:80
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1308), with CRLF line terminators
Hash (MD5): 3358ba8e748175e844778d7dc9e4809f
Hash (SHA-1): a486d837c7fde27b3f2d0c80a16f418d2fbc18ed
Hash (SHA-256): cf71aae10f675ecf0cc778937e9608f8c1de015eb948cb76de19d0e0fc379803
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /html/20240423/87485.html HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: Hm_lvt=zh; expires=Wed, 24-Apr-2024 09:58:51 GMT; Max-Age=43200
Content-Encoding: gzip
| uydf3.fxrdojbstqiijqx.com/template/news/newsblue/css/base.css | 23.249.191.126 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/template/news/newsblue/css/base.css
IP: 23.249.191.126:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
File type: ISO-8859 text, with CRLF line terminators
Hash (MD5): 8fd64732d533560505eb50249a4b94eb
Hash (SHA-1): 55943e5641b08418c121f90f06c01832e67d6283
Hash (SHA-256): 0f561fff4dc4b0957936b36fb2d65b5ff39aea9e5f149f1e146ead7a0c1c7c98
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/news/newsblue/css/base.css HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:51 GMT
Content-Type: text/css
Last-Modified: Sun, 12 Jul 2020 13:37:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f0b122e-2bf1"
Expires: Wed, 24 Apr 2024 09:58:51 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
| static.bdsgsm360.com/google/image/e88fdedf359f5d851f1103fe07e43998.jpg | 104.21.86.75 | 200 OK | 25 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/e88fdedf359f5d851f1103fe07e43998.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x375, components 3
Hash (MD5): 2094f86a36a872b191bc325ea692bc38
Hash (SHA-1): 7f28cbbb3ad4e32d0650cdd06f4b0d0b572cb05f
Hash (SHA-256): a1161080df5db6539ba0e4d18eef3071b6d6588c6a0ecc96d09d3e9739f1b5aa
GET /google/image/e88fdedf359f5d851f1103fe07e43998.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 25226
last-modified: Thu, 27 Jul 2023 08:25:26 GMT
etag: "64c229f6-628a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJvOX1lxoBKpwz3EmIGWKDhydrHYt41tSnIqlLJri%2BxjrylwPatJk0NoQIcjbVDgrRcWFs5GVwMssdVp22wRLZ7Mxu7Sonf0sadErHvqbv%2BXjfEmAJm4TBhhfz9vkieibcAUbz2TNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f6756ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| static.bdsgsm360.com/google/image/ec134d69da27fee466ee4ceecaa407ab.jpg | 104.21.86.75 | 200 OK | 4.5 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/ec134d69da27fee466ee4ceecaa407ab.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 110x73, components 3
Hash (MD5): 1bd3d57f7daa2214da3ba06088fcbb99
Hash (SHA-1): 7833745c1a65ef7ad66e436ae511eb24ecd59448
Hash (SHA-256): a3ac3e59af1af28bca555cd6832258a3d87d2c20a14c9c7b8efb8b74b3ff65a0
GET /google/image/ec134d69da27fee466ee4ceecaa407ab.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 4500
last-modified: Thu, 27 Jul 2023 08:09:58 GMT
etag: "64c22656-1194"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfFarDZuR%2B3molv%2FywJwYDKTthELmJm8seFa6WQ1dNoY7%2FnjjNo1UKvfcXBLGWK9pUEhNkxOC9LVD6Fxvi%2FJom5eRKZQ4%2Bfs1g8AJ4qd0qhpjsarseEpmsELib%2FIMHcL8Ofoq2bNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f6056ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| static.bdsgsm360.com/google/image/a212696f51b6aba95b92551478a2f441.jpg | 104.21.86.75 | 200 OK | 11 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/a212696f51b6aba95b92551478a2f441.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 5D Mark III, xresolution=162, yresolution=170, resolutionunit=2, software=www.meitu.com, datetime=2015:09:19 05:13:18], baseline, precision 8, 110x165, components 3
Hash (MD5): cb0491d5561652e0854d948cc91647db
Hash (SHA-1): 9418a3a40262b3c3bcc5301439c017aa0087fccc
Hash (SHA-256): 99b9e16cfe993b3397e621b03549ef86d4c180ce6bdf7656662b7962d7f052a7
GET /google/image/a212696f51b6aba95b92551478a2f441.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 10837
last-modified: Thu, 27 Jul 2023 08:32:56 GMT
etag: "64c22bb8-2a55"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vs1zhDqapeDcfBKkIj2fR7HKP7ycazSBtrOxW83BXgaWJAoD6LOCLu%2BHd4iJC%2FVioe%2BgqMtYmj%2FsuvGu65cVsQeiieL0%2BvZuFiro4jSHdi%2BjoZiwq8EWSb%2FBBQ0RkgNCqmmGwFNNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f6656ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| static.bdsgsm360.com/google/image/389c2b5ecb2dd0737a9e6fb8f89d0c53.jpg | 104.21.86.75 | 200 OK | 16 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/389c2b5ecb2dd0737a9e6fb8f89d0c53.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x375, components 3
Hash (MD5): 5037f4d2ca9fd6ab6cc637edf5ac22c2
Hash (SHA-1): dfa021d497631c1331037972f4d865dcdebc7ab9
Hash (SHA-256): 707eb0b913e9e4aa31348f1e4469400a9665fe09e8982cabea26620169f272dc
GET /google/image/389c2b5ecb2dd0737a9e6fb8f89d0c53.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 16457
last-modified: Thu, 27 Jul 2023 08:20:46 GMT
etag: "64c228de-4049"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6uZCb%2BlRW9YWvTjdhz6J2RarGpg2np2f%2B5hp681VcrzeidMGYULkLNGEuex35bVQOvK1WDaWcjSZgFhBjeW1bCMdwVOx9sd1v3qM7oTtBbed42o1%2BgzjMlYfYn6JVhYF3mkSb48Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f6356ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| uydf3.fxrdojbstqiijqx.com/template/news/newsblue/css/common.css | 23.249.191.126 | 200 OK | 18 kB |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/template/news/newsblue/css/common.css
IP: 23.249.191.126:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
File type: ISO-8859 text, with very long lines (1336), with CRLF line terminators
Hash (MD5): bcf811b4cbdb1f7e4213bd563cfa1295
Hash (SHA-1): 5a01f8dc731459b36ffba71ceaf9afd7ee41cd37
Hash (SHA-256): 662383a8737fdb7a98f71305c883f6d33fa6c13df465947eb3a9834a54531a6c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /template/news/newsblue/css/common.css HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:52 GMT
Content-Type: text/css
Last-Modified: Sun, 12 Jul 2020 13:38:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f0b123c-108d3"
Expires: Wed, 24 Apr 2024 09:58:52 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
| static.bdsgsm360.com/google/image/a197b11cbba754dce0890e569a1fa608.jpg | 104.21.86.75 | 200 OK | 21 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/a197b11cbba754dce0890e569a1fa608.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x375, components 3
Hash (MD5): 35b79a9ae65b8240561cccf4cbdb1e84
Hash (SHA-1): f1f3651ec47a20da73f676416cf784606727d5c2
Hash (SHA-256): b1186fef523b6e3fdfd88b9bd0ad34624fa7716f69a7659c883339838bfef38d
GET /google/image/a197b11cbba754dce0890e569a1fa608.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 20630
last-modified: Thu, 27 Jul 2023 08:18:52 GMT
etag: "64c2286c-5096"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQyADntFtR8ip08aZ%2BAl9GcxApsBvkJ6rXk4iKVryKOjUOL7dvKqNlGCQmRGnH7vewe5zmhdvO65wBiDRrxn5pap%2F%2FpJEr0I5y%2Fh7P408QF%2BfvIEjfFrbga41l3IMErGIKLV%2BP8PVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f5f56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| static.bdsgsm360.com/google/image/4c4ab6d7f43d05c53b0fc9b947b99d84.jpg | 104.21.86.75 | 200 OK | 36 kB |
URL: GET HTTP/2 static.bdsgsm360.com/google/image/4c4ab6d7f43d05c53b0fc9b947b99d84.jpg
IP: 104.21.86.75:443
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Certificate: Issuer Google Trust Services LLC; Subject bdsgsm360.com; Fingerprint 48:4F:26:23:0A:C7:E6:A3:23:FA:49:84:5B:6A:EE:DD:97:FB:33:92; Validity Tue, 26 Mar 2024 18:17:37 GMT - Mon, 24 Jun 2024 18:17:36 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x375, components 3
Hash (MD5): 9b7a5dd93f7269fe489304026f0d3cea
Hash (SHA-1): c7ea1dec07a9b856d5c93e7274bfe27933e51087
Hash (SHA-256): 423fd862707c141d78e71fa3042280dc16d84c17c75fb440944db2577ba77180
GET /google/image/4c4ab6d7f43d05c53b0fc9b947b99d84.jpg HTTP/1.1
Host: static.bdsgsm360.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 23 Apr 2024 21:58:52 GMT
content-type: image/jpeg
content-length: 36027
last-modified: Thu, 27 Jul 2023 08:23:00 GMT
etag: "64c22964-8cbb"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FBJx4k4%2BvXjqtZ1lcwfCzWHLx8oxaOOjbbIK96tuiKG%2FFsRDi%2Bj51F7gW3NhQ3FZOg2HUQ38vFiinoy3dRYE4uFJ%2BIJqQkiwTjteqdHD%2Fao3f9iiIgQ7vnUENzPJC4f3G0Rlbx1DA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87911e0e6f6156ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| uydf3.fxrdojbstqiijqx.com/uploads/images/logo.png?n=42w2hznyrts25nxfqw36nhej5gmzbzmfvtsy7oa&w=250 | 23.249.191.126 | 200 OK | 3.8 kB |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/uploads/images/logo.png?n=42w2hznyrts25nxfqw36nhej5gmzbzmfvtsy7oa&w=250
IP: 23.249.191.126:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
File type: PNG image data, 250 x 66, 8-bit colormap, non-interlaced
Hash (MD5): 0c622b645c0f43cf64f3d6659cce5a14
Hash (SHA-1): fbaff76f34d0c132b691b074e2a6d83c58499537
Hash (SHA-256): 2ffcb7d6fef54441dadcfd24e6b4bc74476e1ad1e54d35459a978e946c09465a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /uploads/images/logo.png?n=42w2hznyrts25nxfqw36nhej5gmzbzmfvtsy7oa&w=250 HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:52 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: Hm_lvt=zh; expires=Wed, 24-Apr-2024 09:58:52 GMT; Max-Age=43200
| uydf3.fxrdojbstqiijqx.com/skin/2018/images/text-message.png | 23.249.191.126 | 200 OK | 7.9 kB |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/skin/2018/images/text-message.png
IP: 23.249.191.126:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1356), with CRLF line terminators
Note: the .png path was not answered with an image. The body is an HTML document and the response below carries Content-Type: text/html, the same type, cookie and encoding as the landing page, which is the behaviour of a server that returns its HTML page for any path it cannot map to a file.
Hash (MD5): 0a10a00aed663fa4b919e3235c95a2f9
Hash (SHA-1): aa29d66335b575f9c0081c1c734bcb97fb294332
Hash (SHA-256): ee507bac35346e4764f97014b7b64a208d1f9908170be65344a43bd1a484b2bd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /skin/2018/images/text-message.png HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: Hm_lvt=zh; expires=Wed, 24-Apr-2024 09:58:52 GMT; Max-Age=43200
Content-Encoding: gzip
| icws.jb51.net/images/newsli.gif | 185.244.209.62 | 200 OK | 44 B |
URL: GET HTTP/1.1 icws.jb51.net/images/newsli.gif
IP: 185.244.209.62:80
ASN: AS199524 G-Core Labs S.A.
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
File type: GIF image data, version 89a, 3 x 3
Hash (MD5): 2ef6767f3a54a1e7c749421ef0ffad20
Hash (SHA-1): 6b7bea57d385a7d57c084afd11f22af120c68362
Hash (SHA-256): 8982ed211bb30a49a7ce244b18752f32995cac16b2f840b904ade831a83e4886
GET /images/newsli.gif HTTP/1.1
Host: icws.jb51.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:52 GMT
Content-Type: image/gif
Content-Length: 44
Connection: keep-alive
ETag: "012399d5beca1:0"
Last-Modified: Mon, 08 Mar 2010 15:39:54 GMT
X-NWS-LOG-UUID: 16640292662123860315
X-Cache-Lookup: Cache Miss
X-ID-SHIELD: sg1-hw-edge-gc50
traceparent: 00-5a7fb57920f0afe1dcb7eff8cd2a4723-a67848b55540d9e0-01
X-ID: osix-hw-edge-gc4
Cache: HIT, HIT
X-Cached-Since: 2024-03-21T13:07:53+00:00, 2024-04-21T00:54:57+00:00
Accept-Ranges: bytes
X-ID-FE: osix-hw-edge-gc4
| uydf3.fxrdojbstqiijqx.com/favicon.ico | 23.249.191.126 | 200 OK | 0 B |
URL: GET HTTP/1.1 uydf3.fxrdojbstqiijqx.com/favicon.ico
IP: 23.249.191.126:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input, consistent with the Content-Length: 0 below. They identify every empty file and should not be used as indicators.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: uydf3.fxrdojbstqiijqx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 21:58:53 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
| img.jbzj.com/skin/2018/images/index_icon.png | 104.18.222.225 | 403 Forbidden | 29 B |
URL: GET HTTP/1.1 img.jbzj.com/skin/2018/images/index_icon.png
IP: 104.18.222.225:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Hash (MD5): 0ad88312b491679cf6171ba18eb4f0b9
Hash (SHA-1): 6d694bc3f09150c1058ac2184e5f5a4e7adc9b44
Hash (SHA-256): 689d6ef23e5ff4913f43cf406b243d2839771522d4b8d841a41dbb0042f65ae5
GET /skin/2018/images/index_icon.png HTTP/1.1
Host: img.jbzj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 21:58:54 GMT
Content-Type: application/json
Content-Length: 29
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
X-Reqid: dyQAAABuSg2kB8kX
X-Svr: IO
X-Log: X-Log
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87911e18fbd60afe-OSL
alt-svc: h3=":443"; ma=86400
| img.jbzj.com/skin/2018/images/icon.png | 104.18.222.225 | 403 Forbidden | 29 B |
URL: GET HTTP/1.1 img.jbzj.com/skin/2018/images/icon.png
IP: 104.18.222.225:80
Requested by: http://uydf3.fxrdojbstqiijqx.com/html/20240423/87485.html
Hash (MD5): 0ad88312b491679cf6171ba18eb4f0b9
Hash (SHA-1): 6d694bc3f09150c1058ac2184e5f5a4e7adc9b44
Hash (SHA-256): 689d6ef23e5ff4913f43cf406b243d2839771522d4b8d841a41dbb0042f65ae5
Note: identical digests to the previous img.jbzj.com response; both 403s returned the same 29-byte application/json error body rather than an image.
GET /skin/2018/images/icon.png HTTP/1.1
Host: img.jbzj.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://uydf3.fxrdojbstqiijqx.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 21:58:54 GMT
Content-Type: application/json
Content-Length: 29
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Access-Control-Max-Age: 2592000
X-Reqid: yYQAAAAEdw6kB8kX
X-Svr: IO
X-Log: X-Log
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87911e18fa83569b-OSL
alt-svc: h3=":443"; ma=86400
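A triage pass over the transactions listed above, as an added example that is not part of the original report or of any analyzer's own code. The TRANSACTIONS list is constructed by hand from the entries on this page (host, path, IP, status, Content-Type without parameters, the sandbox's sniffed file type, Content-Length where one was sent, SHA-256, and the Quad9 DNS verdict where one was shown); the checks are generic: URL extension versus served type versus sniffed content, 200 responses with an empty body, 403s, and indicator extraction limited to the sinkholed host with the empty-file hash dropped.

```python
"""Triage of the HTTP transactions captured above (added example, not part of the report)."""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # digest of a zero-byte body

# MIME type a static file server is expected to send for each extension.
EXPECTED_TYPE = {
    ".html": "text/html", ".css": "text/css", ".png": "image/png",
    ".jpg": "image/jpeg", ".gif": "image/gif", ".ico": "image/x-icon",
}


@dataclass
class Txn:
    host: str
    path: str
    ip: str
    status: int
    content_type: str      # Content-Type response header without parameters
    sniffed: str           # the sandbox's "File type" line, "" if none was shown
    length: Optional[int]  # Content-Length when the server sent one
    sha256: str
    verdict: str = ""      # resolver verdict column, "" when none was shown


# Constructed from the entries on this page, one representative per pattern.
TRANSACTIONS = [
    Txn("uydf3.fxrdojbstqiijqx.com", "/html/20240423/87485.html", "23.249.191.126", 200,
        "text/html", "HTML document, UTF-8 (with BOM)", None,
        "cf71aae10f675ecf0cc778937e9608f8c1de015eb948cb76de19d0e0fc379803", "malicious / Sinkholed"),
    Txn("uydf3.fxrdojbstqiijqx.com", "/template/news/newsblue/css/base.css", "23.249.191.126", 200,
        "text/css", "ISO-8859 text", None,
        "0f561fff4dc4b0957936b36fb2d65b5ff39aea9e5f149f1e146ead7a0c1c7c98", "malicious / Sinkholed"),
    Txn("uydf3.fxrdojbstqiijqx.com", "/skin/2018/images/text-message.png", "23.249.191.126", 200,
        "text/html", "HTML document, UTF-8 (with BOM)", None,
        "ee507bac35346e4764f97014b7b64a208d1f9908170be65344a43bd1a484b2bd", "malicious / Sinkholed"),
    Txn("uydf3.fxrdojbstqiijqx.com", "/favicon.ico", "23.249.191.126", 200,
        "image/x-icon", "", 0,
        "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", "malicious / Sinkholed"),
    Txn("static.bdsgsm360.com", "/google/image/e88fdedf359f5d851f1103fe07e43998.jpg", "104.21.86.75",
        200, "image/jpeg", "JPEG image data, JFIF standard 1.01", 25226,
        "a1161080df5db6539ba0e4d18eef3071b6d6588c6a0ecc96d09d3e9739f1b5aa"),
    Txn("icws.jb51.net", "/images/newsli.gif", "185.244.209.62", 200,
        "image/gif", "GIF image data, version 89a, 3 x 3", 44,
        "8982ed211bb30a49a7ce244b18752f32995cac16b2f840b904ade831a83e4886"),
    Txn("img.jbzj.com", "/skin/2018/images/index_icon.png", "104.18.222.225", 403,
        "application/json", "", 29,
        "689d6ef23e5ff4913f43cf406b243d2839771522d4b8d841a41dbb0042f65ae5"),
]


def extension(path: str) -> str:
    """File extension of a URL path, ignoring any query string."""
    m = re.search(r"(\.[a-z0-9]+)(?:\?|$)", path.lower())
    return m.group(1) if m else ""


def sniffed_agrees(sniffed: str, expected: str) -> bool:
    """Does the sandbox's file-type sniff agree with the expected MIME type?"""
    s = sniffed.lower()
    if expected.startswith("image/"):
        return "image data" in s
    if expected == "text/html":
        return "html" in s
    return "text" in s


def type_mismatch(t: Txn) -> Optional[str]:
    """On a 200, the extension, the served Content-Type and the sniffed content should agree."""
    expected = EXPECTED_TYPE.get(extension(t.path))
    if t.status != 200 or expected is None:
        return None
    if t.content_type != expected:
        return f"{t.host}{t.path}: extension implies {expected}, server sent {t.content_type}"
    if t.sniffed and not sniffed_agrees(t.sniffed, expected):
        return f"{t.host}{t.path}: served as {expected} but sniffed as {t.sniffed}"
    return None


def triage(txns: List[Txn]) -> Dict[str, List[str]]:
    """Group the anomalies a reviewer wants to see first."""
    f: Dict[str, List[str]] = {"type_mismatch": [], "empty_200": [], "blocked": []}
    for t in txns:
        msg = type_mismatch(t)
        if msg:
            f["type_mismatch"].append(msg)
        if t.status == 200 and (t.length == 0 or t.sha256 == EMPTY_SHA256):
            f["empty_200"].append(f"{t.host}{t.path}")
        if t.status == 403:
            f["blocked"].append(f"{t.host}{t.path} ({t.content_type}, {t.length} B)")
    f["sinkholed_hosts"] = sorted({t.host for t in txns if "sinkholed" in t.verdict.lower()})
    return f


def iocs(txns: List[Txn]) -> Dict[str, List[str]]:
    """Indicators from sinkholed hosts only; the empty-body digest is dropped because
    it matches every zero-byte file and would only produce false hits."""
    bad = {t.host for t in txns if "sinkholed" in t.verdict.lower()}
    return {
        "hosts": sorted(bad),
        "ips": sorted({t.ip for t in txns if t.host in bad}),
        "sha256": sorted({t.sha256 for t in txns if t.host in bad and t.sha256 != EMPTY_SHA256}),
    }


if __name__ == "__main__":
    for name, items in triage(TRANSACTIONS).items():
        print(name, items)
    print(iocs(TRANSACTIONS))
```

Run as-is, the only type mismatch reported is /skin/2018/images/text-message.png: the server answered a .png path with an HTML document under Content-Type: text/html, which is what a catch-all route that serves the landing page for unknown paths looks like in a capture. The favicon shows up under empty_200 because its digests are those of empty input, and iocs() leaves them out for the same reason. The two img.jbzj.com requests are listed as blocked; a 403 with an application/json body is a CDN or origin refusal, not a served image, so their hashes are not indicators either.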