Report - jhaqc.com/

Report Overview

Submitted URL
jhaqc.com/
IP
104.148.25.71
ASN
#46573 LAYER-HOST
Submitted
2022-11-15 02:18:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.jhaqc.com	unknown			916 B	2.1 kB	104.148.25.71
p.qlogo.cn	48578	2014-01-15T12:11:45Z	2023-03-10T14:24:00Z	456 B	332 kB	43.154.254.32
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-10T05:11:21Z	729 B	3.8 kB	104.18.21.226
sysupload.csiteadmin.com	unknown	2022-02-20T11:34:59Z	2023-02-21T13:32:54Z	4.3 kB	2.8 MB	52.184.85.124
8499483.com	unknown	2022-10-27T07:23:31Z	2023-03-10T00:39:28Z	380 B	331 kB	172.247.50.227
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	1.4 kB	2.8 kB	142.250.74.35
zerossl.ocsp.sectigo.com	4049	2020-05-09T21:05:29Z	2023-03-10T05:16:10Z	1.7 kB	6.1 kB	104.18.32.68
n0522.com	unknown	2021-02-01T02:45:29Z	2023-03-09T22:06:19Z	399 B	234 kB	20.243.252.217
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	3.4 kB	8.9 kB	23.36.76.226
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-10T12:46:20Z	283 B	750 B	182.61.201.94
www.towelioctltykddpdt.xyz	unknown	2022-07-14T03:19:18Z	2023-03-09T03:17:48Z	671 B	2.4 kB	172.247.28.61
ak-d.tripcdn.com	71581	2020-10-16T07:21:44Z	2023-03-10T11:59:08Z	402 B	1.2 MB	96.6.16.143
592773xgg.com	unknown	2022-10-27T12:51:33Z	2023-02-19T11:05:56Z	403 B	679 kB	103.170.15.94
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	100.20.30.105
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	67 kB	34.120.237.76
gif.naigou1002.top	unknown	2022-06-04T18:05:56Z	2022-11-25T10:31:41Z	307 B	988 B	104.21.233.253
www.tupku.top	unknown	2022-06-30T23:26:11Z	2023-03-09T19:45:44Z	383 B	1.6 MB	172.67.200.40
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-10T11:39:59Z	676 B	1.5 kB	23.36.77.32
kvkggg.top	unknown	2022-11-08T07:39:56Z	2023-03-06T08:21:35Z	400 B	401 kB	104.21.5.141
u1022.com	unknown	2021-02-01T02:45:41Z	2023-03-09T14:49:25Z	399 B	528 kB	103.170.15.45
537882736.com	unknown	2022-09-15T10:58:37Z	2023-01-15T04:59:10Z	403 B	580 kB	47.75.19.145
js.users.51.la	53024	2012-05-30T17:10:11Z	2023-03-10T12:46:20Z	277 B	2.7 kB	103.143.19.103
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-10T11:13:22Z	395 B	1.1 MB	151.101.85.229
628536nyv.com	unknown	2022-10-29T16:32:10Z	2023-02-25T10:33:58Z	403 B	102 kB	45.61.212.127
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
www.bbniu.xyz	unknown			2.6 kB	131 kB	156.251.184.244
dimg04.c-ctrip.com	139731	2014-05-08T18:11:10Z	2023-03-10T00:26:51Z	404 B	894 kB	104.110.17.24
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	2.7 kB	7.7 kB	104.18.32.68
kvezz.com	237784	2021-10-17T10:32:09Z	2023-03-09T23:57:52Z	399 B	422 B	45.154.215.92
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-10T05:13:37Z	367 B	1.9 kB	104.18.21.226
u1099.com	unknown	2021-01-31T00:32:48Z	2023-03-09T22:19:59Z	798 B	742 kB	103.189.108.97
jhaqc.com	unknown			341 B	194 B	104.148.25.71
kzeaa.com	unknown	2022-05-22T08:40:48Z	2023-03-09T17:38:51Z	798 B	844 B	66.150.130.123
kvkeee.top	unknown	2022-11-08T07:30:57Z	2023-02-08T16:24:03Z	800 B	2.3 MB	104.21.55.165

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-15	medium	towelioctltykddpdt.xyz	Sinkholed
2022-11-15	medium	towelioctltykddpdt.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-15	medium	bbniu.xyz	Sinkholed
2022-11-14	medium	628536nyv.com	Sinkholed
2022-11-14	medium	592773xgg.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-05-08
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-08 14:39:44 Times Seen19380 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	www.towelioctltykddpdt.xyz/js/jlys.js	3.9 kB	2023-03-07	2023-05-12
Pretty URL www.towelioctltykddpdt.xyz/js/jlys.js IP 172.247.28.61 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen10 Hash 814c2484c1fe16dff3ef9a1407d61cad 1379beed7aa943d7c78990c50a4c80e376695a23 eb749a89daea7d137bb1b9f7ab0e39382379c62a60aaf6bab425649614e1768b Loading...

	www.jhaqc.com/tj.js	214 B	2023-03-09	2023-03-26
Pretty URL www.jhaqc.com/tj.js IP 104.148.25.71 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 21:36:31 Last Seen2023-03-26 13:10:25 Times Seen2 Hash bdb59b05453bf6baed64d3003a7528bc 8005fd48ee13bbfc72f4aa4245356bca32219948 d9794733843db10e8c8498f8f313048a6b06148aa081a4c8e20ed17a3dc21cfe Loading...

	www.bbniu.xyz/static/js/jquery.js	90 kB	2023-03-07	2024-05-07
Pretty URL www.bbniu.xyz/static/js/jquery.js IP 156.251.184.244 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:57:17 Last Seen2024-05-07 16:36:06 Times Seen537 Hash f9bdfd807c7561b5a4eb97516f348321 0fa72756e48c33a6feeace1ffa5d790d58b53729 131c0d82967fed05e1920e519e0ea6ec91ab97b7c40480f72f8af8680bba1f0a Loading...

	www.bbniu.xyz/	1.1 kB	2023-03-11	2023-03-11
Pretty URL www.bbniu.xyz/ IP 156.251.184.244 ASN #40065 CNSERVERS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 12:13:15 Last Seen2023-03-11 19:44:37 Times Seen1 Hash ae3ccaf7a84ee5496f403b323aa514d4 7f9021dc50408dd2313dac2399f28d521f8f6131 f5d2f02e391d38e546c1e3b6c7a9c52a5f62b1c6a87feea7c6ada574e7bf80a7 Loading...

	www.jhaqc.com/index.php	404 B	2023-03-07	2024-05-06
Pretty URL www.jhaqc.com/index.php IP 104.148.25.71 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-06 05:43:26 Times Seen3014 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.jhaqc.com/common.js	1.1 kB	2023-03-07	2023-05-12
Pretty URL www.jhaqc.com/common.js IP 104.148.25.71 ASN #46573 LAYER-HOST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen10 Hash e2e96d214a8e7f0ca2a37277ece233f5 fbbdb205a058fc8101b45951b64d3cda6fdeb6aa 93bdbe0f178532159cdb7bcbb6b8af856b114954228637f8a0186530e0897c28 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c534ea5f393e823e554b4fbe8cbe92a2	466 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:13:15 Last Seen2023-03-11 12:13:15 Times Seen1 Hash c534ea5f393e823e554b4fbe8cbe92a2 b785b263fddd5a8bf7b2b4ed9935b36a5e92faff 4f8be6a170aa76fa6c997fe42b26130d323a2e29bc11962efc871b37ef063058 Loading...

		Size	First Seen	Last Seen
	#1 Write - fe2a627626946e41d441edfeab0df862	81 B	2023-03-09	2023-03-26
Pretty Observations First Seen2023-03-09 21:36:31 Last Seen2023-03-26 13:10:25 Times Seen2 Hash fe2a627626946e41d441edfeab0df862 accf8ce0c4515d8c27ac2c92614a9b7632a07acf 5b7334bdd581690865ef7de31db07a6d4a5a22841fc8cadcd82fe0f486d00c8b Loading...

	#2 Write - 325ab5f86de7be5b4c9b2abf73506645	81 B	2023-03-09	2023-03-26
Pretty Observations First Seen2023-03-09 21:36:31 Last Seen2023-03-26 13:10:25 Times Seen2 Hash 325ab5f86de7be5b4c9b2abf73506645 9b8ad5512966f17a308590cbc6f54ebac0be1007 05f6809f5f35014ec72cf073ba24b24fd7b883f30ba0bd7cd5a9a5d3dc97e433 Loading...

	#3 Write - 7208bed9f91873865be384cf41859653	447 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:13:15 Last Seen2023-03-11 12:13:15 Times Seen1 Hash 7208bed9f91873865be384cf41859653 375cdab1d4a3109c3dad6f0185011678324d21d9 45aee4566305a03ab273ef5c11f77e0e5340747b937e648a3c7d9d776414f321 Loading...

	#4 Write - 72510c5457db7dce1f5c37b98c6ef6bb	100 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 12:13:15 Last Seen2023-03-11 12:13:15 Times Seen1 Hash 72510c5457db7dce1f5c37b98c6ef6bb d5f8bd22d3eb98680763e0df1aa7a5d219589f1a 1e84b214ef390a1bbca48003f1a78e2e27ca4191696c6027379e223e6626a218 Loading...

	#5 Write - 8cad1ba47d55856571e2dbd35da5e1fc	92 B	2023-03-07	2023-05-12
Pretty Observations First Seen2023-03-07 13:21:45 Last Seen2023-05-12 09:08:41 Times Seen8 Hash 8cad1ba47d55856571e2dbd35da5e1fc a2b94a6907d662b23b9711248105156d1d418d69 8be486cf9cc27e59e5f3602b910afdb976ea731f6f3334250cde5405e8550bf4 Loading...

HTTP Transactions (91)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8795
Expires: Tue, 15 Nov 2022 04:44:39 GMT
Date: Tue, 15 Nov 2022 02:18:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2764
Cache-Control: max-age=118757
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:04 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:17:21 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14136
Expires: Tue, 15 Nov 2022 06:13:40 GMT
Date: Tue, 15 Nov 2022 02:18:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 01:44:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2025
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eRYrDyXxpEXmEGW+bFMQDao+512W1KtLb/c8OewPwJVTH/YIhy7yMb3EiAvDoBUVFZfhnXXpp9E=
x-amz-request-id: QWMM17WJ6R54C5PM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 01:51:22 GMT
age: 1602
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

jhaqc.com/

104.148.25.71

301 Moved Permanently

0 B

URL HTTP/1.1
jhaqc.com/
IP
104.148.25.71:0
ASN
#46573 LAYER-HOST

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 14 Nov 2022 10:18:58 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.jhaqc.com/index.php

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 02:18:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 01:44:48 GMT
cache-control: public,max-age=3600
age: 1997
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.jhaqc.com/index.php

104.148.25.71

200 OK

804 B

URL HTTP/1.1
www.jhaqc.com/index.php
IP
104.148.25.71:0
ASN
#46573 LAYER-HOST

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (836), with CRLF line terminators
Size
804 B (804 bytes)
Hash
8bf242ddca41f9c31dd2f5339ad14276
4ea8acd2adc25b4ea23ccafb004041f3efa7e24f
6d7f066b835a929e5dbc965412b2796a4958013093f5b39b6bfda9b392d159ba

HTTP Headers

GET /index.php HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6263
Cache-Control: max-age=117199
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:05 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:51:24 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

www.jhaqc.com/common.js

104.148.25.71

200 OK

507 B

URL HTTP/1.1
www.jhaqc.com/common.js
IP
104.148.25.71:0
ASN
#46573 LAYER-HOST

File type
ASCII text, with very long lines (1065), with no line terminators
Size
507 B (507 bytes)
Hash
3a94a5fefad82e37a781a8613b63edb2
33fdcfcbc94b9e641c8c32943c48a5257920bf02
c2436c695d7e01e6a193f911bcacfb4211e93a86f7806795bc1bfc571f281d20

HTTP Headers

GET /common.js HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.jhaqc.com/tj.js

104.148.25.71

200 OK

214 B

URL HTTP/1.1
www.jhaqc.com/tj.js
IP
104.148.25.71:0
ASN
#46573 LAYER-HOST

File type
HTML document, ASCII text, with CRLF line terminators
Size
214 B (214 bytes)
Hash
bdb59b05453bf6baed64d3003a7528bc
8005fd48ee13bbfc72f4aa4245356bca32219948
d9794733843db10e8c8498f8f313048a6b06148aa081a4c8e20ed17a3dc21cfe

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.jhaqc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/index.php

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 14 Nov 2022 10:18:59 GMT
Content-Type: application/x-javascript
Content-Length: 214
Connection: keep-alive

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dUTk2N58wrHM3dRrGXRpQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8DAaEgZ9fw2NXxjO/K8WLMol7VE=

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Tue, 15 Nov 2022 02:18:05 GMT
Etag: "4078521116"
Expires: Wed, 15 Nov 2023 02:18:05 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=68670EE48A797F18FD4F9FB7395F93D5:FG=1; max-age=31536000; expires=Wed, 15-Nov-23 02:18:05 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

www.towelioctltykddpdt.xyz/js/jlys.js

172.247.28.61

200 OK

1.8 kB

URL HTTP/1.1
www.towelioctltykddpdt.xyz/js/jlys.js
IP
172.247.28.61:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document, ASCII text, with very long lines (447), with CRLF line terminators
Size
1.8 kB (1822 bytes)
Hash
88facc9844ed555fcd48540ca500e724
dea6514308a73bf471b55dca6155be10ccf55263
440a96acdbbe4eaeb3ddd12ce300a541b578fae83a1b01d1ee956d7d9cbaa965

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/jlys.js HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jun 2022 07:24:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"629865a6-f3a"
Expires: Tue, 15 Nov 2022 22:18:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964

172.247.28.61

200 OK

58 B

URL HTTP/1.1
www.towelioctltykddpdt.xyz/jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964
IP
172.247.28.61:0
ASN
#40065 CNSERVERS

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
430433ea8416ba28d64609d5ce6c0c25
5fb122125c46fd446105cbf712ca1feb8fb58fe9
0aa094a8a48f5e4a3cabb84ebc6da27d1933dd50b19bbdf2c15305a4e3512c86

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /jlys_data.php?zq=jlys&val=smplink&t=0.9120073854395201?v=043795782458320964 HTTP/1.1
Host: www.towelioctltykddpdt.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.jhaqc.com
Connection: keep-alive
Referer: http://www.jhaqc.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
9eb4da35fd2a97c342fd91d3c9a1aae8
2622d8c8bc0f812ab3e7753d9c4362d4fa844b07
fe822b6b501d9c1f49cb4c985e5d37d2b08ccdc8758dea03863c7e3a3ae2d7fb

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 19 Nov 2022 00:35:14 GMT
ETag: "2622d8c8bc0f812ab3e7753d9c4362d4fa844b07"
Last-Modified: Tue, 15 Nov 2022 00:35:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 138
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e8fbddeb4f9-OSL

www.bbniu.xyz/

156.251.184.244

200 OK

13 kB

URL HTTP/1.1
www.bbniu.xyz/
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (406)
Size
13 kB (13237 bytes)
Hash
baca12c735d0ad33f24d5ef2e312655c
dfc507017010dbff560568ce678df8059f42627c
f87d01d567644d11944636fdc459fbaa0638c0c704eb1ef6c83ce6db682df586

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.jhaqc.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:33 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11715 bytes)
Hash
cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:57 GMT
age: 16329
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4394 bytes)
Hash
b18dc101656c2e449e5f54ff7b7fb10b
d5ba3b6a069a74b5db3560a265728e627f6fe18d
53a73577e37651a936a5841fe06e40475e06ce6fa9e14fc0590ddc7aba421dd2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c3081d3-ef42-45da-adea-67bbc90bf9a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4394
x-amzn-requestid: fd389a5e-b816-4bd8-a073-2f52fea5bfab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhtFfnIAMF1rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b471-133a3285137912af436daffd;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6i-blK0B05DT_CvizlmYpcDTpDV8IZLOIrukIQPW6FISAuXa1T0FdQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 16244
etag: "d5ba3b6a069a74b5db3560a265728e627f6fe18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
e02b1cef4506be68e4a6fb309a88698c
7da0425161b8c34ccf9837a56bf77d498cdb65ad
c886c7d128895c62a8ecde5202f4383d22555298d78ef91d63b5d3ebedf448a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dd31c5-7b83-42d7-b534-fb8391ac7086.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: 528e9b30-ba34-4aef-b5b0-71cad9580bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuo_EXhoAMFtEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675e39-71222ac908406eeb061848f2;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:11:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vjOM-57TBG0yPsmFlS2ch7_ylKWffHpajgmCM7A7dVxQetoKYPXo6w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:46:24 GMT
age: 16302
etag: "7da0425161b8c34ccf9837a56bf77d498cdb65ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15206 bytes)
Hash
962f43862a852bfa6766b9a2d8bfb99d
a5283e68020826f085fb4f06e3dcd36cef9eb067
7eee8aa0f5c6bce04a86fa16fb5d3e632d54792d79c550b044a40a6f070b89d4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15206
x-amzn-requestid: a04dc971-de49-4dc4-8bc2-2d3244d33ace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhpEJkoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-632efaa725c2b959692e9e77;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ucLWmapHlWoKDoeb_ff2qbZOKGJLLQuq6RoP9mpFWOCVAJ70t13yw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 16244
etag: "a5283e68020826f085fb4f06e3dcd36cef9eb067"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7873 bytes)
Hash
edc9d97a2396dfc326736cb9b2b3b474
2c5a98ad27133575ef4fa48a8ff379ee5ad51490
a89e1e9a13b72b0a826ed77a71ec92ac5548a996f6c17b11a4c002480a429333

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd744cf1f-bbfc-4306-bf3d-5e1e6b8b1c90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7873
x-amzn-requestid: 4a968a3c-c6ca-4d18-83b4-6a1d42e85fee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bef9SFIMoAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f46bb-2cd01e7d191b3eda7d743866;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:09:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Dd7LRmqYma1DJjtrhRR-6yMEx3nfHCXybm94gdjydLyjn6eFi4Cl7w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 07:16:52 GMT
age: 68474
etag: "2c5a98ad27133575ef4fa48a8ff379ee5ad51490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Tue, 15 Nov 2022 06:19:35 GMT
Date: Tue, 15 Nov 2022 02:18:06 GMT
Connection: keep-alive

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11290 bytes)
Hash
49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:38:09 GMT
age: 81597
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.bbniu.xyz/template/jlys/static/css/bootstrap.min.css

156.251.184.244

200 OK

27 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys/static/css/bootstrap.min.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (493)
Size
27 kB (27078 bytes)
Hash
009318d8ae281e66da9d7eaf20de9350
5598f58336a95bd4208b7ebddeb204d43865a70e
80683f9d898f82ebd9b8335a25cf57e68b84c836c4765a42c7bc17b43bea16e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys/static/css/bootstrap.min.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf0-2212e"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbniu.xyz/template/jlys/static/css/swiper.min.css

156.251.184.244

200 OK

3.3 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys/static/css/swiper.min.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (17459)
Size
3.3 kB (3298 bytes)
Hash
3b0f19c6e3d95b50787117fc26d47c7f
33799bc7c5f9ebda4adde8d59116a87fc2cce23f
39c608aa9656788524e36287f3a9e0070085695a439e4081a5bfd48c3b6f83b3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys/static/css/swiper.min.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 27 May 2020 23:55:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ecefdf2-4562"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbniu.xyz/template/jlys/static/css/white.css

156.251.184.244

200 OK

2.8 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys/static/css/white.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
assembler source, ASCII text, with very long lines (1029), with CRLF line terminators
Size
2.8 kB (2820 bytes)
Hash
a5eccc7e2836315f7bb04b7898a027fd
b0df7401bdd8d1c8e70596bcf988254afafd6805
2bce05beec599deec60a00af27e41f9af335ca0684f93e22a6e3c2f6d5169590

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys/static/css/white.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Wed, 21 Apr 2021 20:48:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60808fb6-29da"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbniu.xyz/template/jlys/static/css/mm-content.css

156.251.184.244

200 OK

1.4 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys/static/css/mm-content.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.4 kB (1418 bytes)
Hash
52aa59d2204183f0387403c70b429fe9
834ea6ae81fa673cf95f01619c727198d4954f6f
57ce4e3e4ddc6bb24d3d25a9ef34a5a3076395b049f6fa832eb05b3d62b95d00

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys/static/css/mm-content.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Mon, 09 May 2022 14:28:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62792503-1cd0"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbniu.xyz/template/jlys/static/css/style.css

156.251.184.244

200 OK

15 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys/static/css/style.css
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
assembler source, Unicode text, UTF-8 text, with very long lines (350), with CRLF line terminators
Size
15 kB (14728 bytes)
Hash
4495e8aa756dc2cda90f57239ecad9ea
c8aaebce7643d7c46edc3b4e2ae426ae6b8c6ed5
d56b5cf774c910d16c7c11a36322205fd47fe3f64688fb79e3f59b1f2a9a9257

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys/static/css/style.css HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Jul 2021 15:56:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60e72017-10b00"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.bbniu.xyz/static/js/jquery.js

156.251.184.244

200 OK

35 kB

URL HTTP/1.1
www.bbniu.xyz/static/js/jquery.js
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
ASCII text, with very long lines (65447)
Size
35 kB (34877 bytes)
Hash
abedc8bae88e267ba9ab2db769d1eee4
e2e0efd271d8a6564837e7226c7586a0d96047b5
a33a11a3922bed1ab922e13cd825e1fdf1fff5a9695aa9359acaa2a6e8d30066

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Nov 2022 17:31:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636fd867-15e3f"
Expires: Tue, 15 Nov 2022 22:18:34 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif

96.6.16.143

200 OK

1.2 MB

URL HTTP/2
ak-d.tripcdn.com/images/0Z03f223495fl86ls3FAF.gif
IP
96.6.16.143:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.2 MB (1197751 bytes)
Hash
6938343bc2a842c4d2c9c96f4dde0298
00e2b1b902b196b3c005facb934c10e2a2ca1961
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

HTTP Headers

GET /images/0Z03f223495fl86ls3FAF.gif HTTP/1.1
Host: ak-d.tripcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 1197751
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=7446806
expires: Thu, 09 Feb 2023 06:51:33 GMT
date: Tue, 15 Nov 2022 02:18:07 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

js.users.51.la/21285005.js

103.143.19.103

200 OK

2.3 kB

URL HTTP/1.1
js.users.51.la/21285005.js
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type
ASCII text, with very long lines (4898)
Size
2.3 kB (2310 bytes)
Hash
c827032af976c243b7bd48054094e6c9
bc5327afcec506ecd4a4e5af1b891f788a3e24bc
e5a1e6ee76c05c78cf4654d9f917125112c358781afbbb1ecae66724472dd496

HTTP Headers

GET /21285005.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=8ac71f73c2b49bcc07; path=/
HWWAFSESTIME=1668478686889; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

gif.naigou1002.top/GIF/1241242.gif

104.21.233.253

200 OK

276 B

URL HTTP/1.1
gif.naigou1002.top/GIF/1241242.gif
IP
104.21.233.253:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (426), with no line terminators
Size
276 B (276 bytes)
Hash
6aea6632fb7397ddad30b57084bff67b
9f657259a61190add63aeb4b279b7666804fdbc8
e8ec9623f6a21304a8d9246e3bc820283a341e3a0837a52d949cdaebd52e3468

HTTP Headers

GET /GIF/1241242.gif HTTP/1.1
Host: gif.naigou1002.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=259200
CF-Cache-Status: HIT
Age: 7341
Last-Modified: Tue, 15 Nov 2022 00:15:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65vIjnFQpx%2BsvEOTe7eTAp%2FwlA%2FLWQNe0uMkfguDtmwZ6KQG6NGUnZMmjPwnEKY%2Bxke46tz%2FWqjGqdB2Pd1nw9BlMeYH2TLyDMSv3cwVYZvjGED1YgZz467pFJ57ChcEiC67zm4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e94de2c7777-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
5ec2bfda068843ba8f42630bf3e4b0cd
0c6ea9a3894a2fc4fa451597f77328623e7427d3
2e28d1cf20bd85ac5506e2820628701ca9af04493aba71d4f602ed988bca707b

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0397957C68CE5A5C99FD228AF31652DDBB16A689"
Expires: Tue, 15 Nov 2022 12:00:00 GMT
Last-Modified: Tue, 15 Nov 2022 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3134
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e95a87fb4f9-OSL

cdn.jsdelivr.net/gh/re341/ipad@main/112.ww

151.101.85.229

200 OK

1.1 MB

URL HTTP/2
cdn.jsdelivr.net/gh/re341/ipad@main/112.ww
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 206 x 206\012- data
Size
1.1 MB (1127941 bytes)
Hash
0e7eec6edceaeea89caf8f918078ac38
1d7f2cc8f2b17e529e52d2bf4594be2a1934ef25
a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8

HTTP Headers

GET /gh/re341/ipad@main/112.ww HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
content-type: application/octet-stream
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
accept-ranges: bytes
date: Tue, 15 Nov 2022 02:18:07 GMT
age: 7991
x-served-by: cache-fra-eddf8230116-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1127941
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77fe12c5b087586bb996f0eec132b212
db3c4dcb5248f9e8ff2b2b6d22a0a2ed28644a05
5c765f792c15fcfe3311b8897af99936c5ae0f7a37f3970b8ba410225db93b87

HTTP Headers

POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.tupku.top/lm/031815-80.gif

172.67.200.40

200 OK

1.6 MB

URL HTTP/2
www.tupku.top/lm/031815-80.gif
IP
172.67.200.40:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 500 x 281\012- data
Size
1.6 MB (1626999 bytes)
Hash
17244f3a8b60a0f7b291f5621c873713
c523f5d5b60d2eabc9084e9ba5803647ac08c2cd
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

HTTP Headers

GET /lm/031815-80.gif HTTP/1.1
Host: www.tupku.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: image/gif
content-length: 1626999
last-modified: Thu, 07 Jul 2022 15:13:11 GMT
etag: "62c6f807-18d377"
expires: Tue, 15 Nov 2022 22:22:38 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2479415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jjxv4NxpaeuTD8MoBJstnwdepAH%2BDO8%2FQWNEmD3gvBQwGPQjChZXMAdChDCTNS4wDlai84yVKHk%2B25iLxUmSJUKrEVNYuvoqIlSqoX7RyLDMbu1ZOirUr%2F9iZ1dUh%2FW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e95fd66b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif

104.110.17.24

200 OK

894 kB

URL HTTP/2
dimg04.c-ctrip.com/images/03950120009rs7dn26B5E.gif
IP
104.110.17.24:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 960 x 80\012- data
Size
894 kB (893726 bytes)
Hash
1e34697200f13da14c5bfabeba617325
9a18ed38d5d385f885c28a4280b4c61302745b65
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f

HTTP Headers

GET /images/03950120009rs7dn26B5E.gif HTTP/1.1
Host: dimg04.c-ctrip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
content-length: 893726
access-control-allow-origin: *
last-modified: Tue, 12 May 2015 01:00:00 GMT
cache-control: max-age=6913095
expires: Fri, 03 Feb 2023 02:36:22 GMT
date: Tue, 15 Nov 2022 02:18:07 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2

www.bbniu.xyz/template/jlys//images/logo.png

156.251.184.244

200 OK

31 kB

URL HTTP/1.1
www.bbniu.xyz/template/jlys//images/logo.png
IP
156.251.184.244:0
ASN
#40065 CNSERVERS

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31224 bytes)
Hash
9e193b97a7e7ad03e60ea7e0525d1cc2
8a65564e9be25b8c9130ca5f46e42440f455f747
5b91ad20822478a84eb4018c93feb80184e765c4d7997383def9160c92e00757

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /template/jlys//images/logo.png HTTP/1.1
Host: www.bbniu.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bbniu.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 10:18:34 GMT
Content-Type: image/png
Content-Length: 31224
Last-Modified: Thu, 16 Jun 2022 13:35:12 GMT
Connection: keep-alive
ETag: "62ab3190-79f8"
Expires: Thu, 15 Dec 2022 10:18:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/8PiKUJKCkz4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77fe12c5b087586bb996f0eec132b212
db3c4dcb5248f9e8ff2b2b6d22a0a2ed28644a05
5c765f792c15fcfe3311b8897af99936c5ae0f7a37f3970b8ba410225db93b87

HTTP Headers

POST /s/gts1p5/8PiKUJKCkz4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef13e64d486b8332de0065e428c2e5b5
a771f04866e0ac6b334bbcf657f8aaeaa6970d0c
e7fd310f11e4aef9c0cdec1738d7f1d71258ae19c255e8d8bd33411e4824b609

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7FD310F11E4AEF9C0CDEC1738D7F1D71258AE19C255E8D8BD33411E4824B609"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 15 Nov 2022 03:47:52 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef13e64d486b8332de0065e428c2e5b5
a771f04866e0ac6b334bbcf657f8aaeaa6970d0c
e7fd310f11e4aef9c0cdec1738d7f1d71258ae19c255e8d8bd33411e4824b609

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7FD310F11E4AEF9C0CDEC1738D7F1D71258AE19C255E8D8BD33411E4824B609"
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5385
Expires: Tue, 15 Nov 2022 03:47:52 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
63566c18d5d70ea474eacf73bab096a6
5d76af6485973806839972ea3d2885dc0527f4a6
ef083a9b50db42e6f35d8c9086e09a710cc347d217fccc8b2913f3d1bfc16954

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF083A9B50DB42E6F35D8C9086E09A710CC347D217FCCC8B2913F3D1BFC16954"
Last-Modified: Sun, 13 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1912
Expires: Tue, 15 Nov 2022 02:49:59 GMT
Date: Tue, 15 Nov 2022 02:18:07 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
b3619f496c3bc45fc74e00b3085e28e0
f49aad323ab65f4ccf79b2ff4230969132f83b5e
c79360ea186c6351f1b16c193953b991b46bb87a50d94d78197f34ae7b9bce8f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 03:39:08 GMT
Expires: Sun, 20 Nov 2022 03:39:07 GMT
Etag: "f49aad323ab65f4ccf79b2ff4230969132f83b5e"
Cache-Control: max-age=436259,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e97ae290b06-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
c721fb64fe0c60ef4efaa77a9b5d09c6
9b1f289c7eb2b7da219de322ce3862b2091194c0
5b4e68ff04ae58ec58079534ea115b4d49346c23ac299a2a2d7050cb384b9a28

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:07 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 16:32:08 GMT
Expires: Fri, 18 Nov 2022 16:32:07 GMT
Etag: "9b1f289c7eb2b7da219de322ce3862b2091194c0"
Cache-Control: max-age=309839,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e97b9a5b521-OSL

kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif

66.150.130.123

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
IP
66.150.130.123:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif

66.150.130.123

301 Moved Permanently

162 B

URL HTTP/2
kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif
IP
66.150.130.123:0
ASN
#35913 DEDIPATH-LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kzeaa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:07 GMT
content-type: text/html
content-length: 162
location: https://kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

728 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
728 B (728 bytes)
Hash
f61516b4dfce0dbc333dd8306c60f1de
17a77026f84a2120bf163626741c2d695eb44584
0e76a7a25953ab6ff331ab62bdf24b0f82f1faaeca447574b0f574339e1dcd2a

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:09:42 GMT
Expires: Mon, 21 Nov 2022 23:09:41 GMT
Etag: "17a77026f84a2120bf163626741c2d695eb44584"
Cache-Control: max-age=592892,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e983871b509-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9868700b61-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
730ab8084dfe5815ab10cd8d7be9dae1
f94bc3ff5b18cd5a99913c50a79605fb3a458342
7f8c72d7d1e4feabda08e13507bdd0c67c8c5ff7558b4fef87e2658ab59a76cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 15:31:13 GMT
Expires: Sun, 20 Nov 2022 15:31:12 GMT
Etag: "f94bc3ff5b18cd5a99913c50a79605fb3a458342"
Cache-Control: max-age=478983,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e978828b509-OSL

kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif

45.154.215.92

301 Moved Permanently

162 B

URL HTTP/2
kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
45.154.215.92:0
ASN
#201106 Spartan Host Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvezz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: text/html
content-length: 162
location: https://kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e987852b51e-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
22cae5578e56d3d740e35685ede70a88
2c215d6ef1512e79a8f7b828686ac129965bf605
230f1ba159c1471964bdba88fc6ac016be18a8c64d9b2f2d0c73c330109f08bd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "230F1BA159C1471964BDBA88FC6AC016BE18A8C64D9B2F2D0C73C330109F08BD"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21206
Expires: Tue, 15 Nov 2022 08:11:34 GMT
Date: Tue, 15 Nov 2022 02:18:08 GMT
Connection: keep-alive

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e987b8cb523-OSL

zerossl.ocsp.sectigo.com/

104.18.32.68

200 OK

727 B

URL HTTP/1.1
zerossl.ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
d0ac36671c1e542999f2d5b5f3e28517
f2bdb4f815073e3f724d2eebb072f992b5378643
c1130c5c88ceb556b77b8535d6b8063bfc607c66be4e19ff8ab460ce8cdedcc6

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 19:09:56 GMT
Expires: Mon, 21 Nov 2022 19:09:55 GMT
Etag: "f2bdb4f815073e3f724d2eebb072f992b5378643"
Cache-Control: max-age=578506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e98989cb509-OSL

kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif

104.21.55.165

200 OK

1.0 MB

URL HTTP/2
kvkeee.top/92f0c144d76dd785f7c04f84ae149b33.gif
IP
104.21.55.165:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
1.0 MB (1024160 bytes)
Hash
52748c8ca30fe48c822541046bceafc0
8640926f83b9c0d635fb28403505a7c0f0753857
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

HTTP Headers

GET /92f0c144d76dd785f7c04f84ae149b33.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
etag: "628e33d6-fa0a0"
expires: Sat, 10 Dec 2022 16:37:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 380444
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=froaTzOXXKea%2BmwR7Ap39vQN88uRXcjHVmmTl4IgNArpYTzxBqFpDYNG2dVBxR5s%2BxoLy0WpeQWwt%2FyzgCjRIV%2F1%2B41Fr%2FYlM5tAd%2BtL4b49U4Crzo930euf3lER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e99dfcdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif

104.21.55.165

200 OK

1.3 MB

URL HTTP/2
kvkeee.top/52324facff4bd070699ce4cddb8e2c5d.gif
IP
104.21.55.165:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 80\012- data
Size
1.3 MB (1298074 bytes)
Hash
85b9a672c120f7478c57ca77aa1aed79
2dfe0f0557d29d30b86081052810d6fdd7ca36b7
29b8db3afafa2d2558af310a1c0da25048104389f4126b5fc19b458dc3b0af46

HTTP Headers

GET /52324facff4bd070699ce4cddb8e2c5d.gif HTTP/1.1
Host: kvkeee.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 1298074
last-modified: Wed, 25 May 2022 13:49:49 GMT
etag: "628e33fd-13ce9a"
expires: Sat, 10 Dec 2022 13:53:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 390267
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1989idBEBlCExYQLEqZp%2BSkV1R6g5xxMkX43MV7pzeG%2Bzi58qHQzfx%2FrQCcZ%2FJ59cn3PdGm6hgje1FqIMpE9GA2qjJOaKvX8HgtPydA9eycblRKujhLmttJNZ3Nd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e99dfd1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
f19b79c796747d5238899551ae2dede4
5ed3c91ec46ff194320be3f27fe0c0f6a3ff37ed
118f6d6a25a2240570e23371e72974a7afb05d7074e568aca37a0db1038b602a

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Fri, 18 Nov 2022 23:06:37 GMT
ETag: "5ed3c91ec46ff194320be3f27fe0c0f6a3ff37ed"
Last-Modified: Mon, 14 Nov 2022 23:06:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1495
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a47e9a6eb5b4ff-OSL

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
22cae5578e56d3d740e35685ede70a88
2c215d6ef1512e79a8f7b828686ac129965bf605
230f1ba159c1471964bdba88fc6ac016be18a8c64d9b2f2d0c73c330109f08bd

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "230F1BA159C1471964BDBA88FC6AC016BE18A8C64D9B2F2D0C73C330109F08BD"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21206
Expires: Tue, 15 Nov 2022 08:11:34 GMT
Date: Tue, 15 Nov 2022 02:18:08 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a190e06a3c2f374d829ac3ef97006feb
53ab0f07a8039d6ec123af53832bea592a5a0733
fbcde414bbaefa9b6a815443ad995a616a70c6c33ae4e213194fc42684fa2f81

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

104.21.5.141

200 OK

400 kB

URL HTTP/2
kvkggg.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
IP
104.21.5.141:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 960 x 60\012- data
Size
400 kB (400264 bytes)
Hash
b722c3905b96f11823e04826aafdd50e
68b63b572a042d40ab210aa313b7ebbc372be5a1
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

HTTP Headers

GET /95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP/1.1
Host: kvkggg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bbniu.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
etag: "62702f7f-61b88"
expires: Sat, 10 Dec 2022 11:40:47 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 398241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgnUHE9Sqwu8gIqFJZ9OzdHuPArCSgQVNQpLooe11t6r5wFaFcY6K9EbMnHJpqMMehmrcUP79SE5HMWhauMh%2FBsEagjqNqKMu2l9SHnj6S53cOcP6cEMmKoD6%2FvB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a47e9ae977b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
0097ef0fb7aff4740673bbe3dc0671fc
a500c24387cb3964155499a6566097d0afee65a3
15b21a9cc8b96a0a5d559c99a5cb4bc2064ec3368a91137386daa5a2655e11b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:08:09 GMT
Expires: Sun, 20 Nov 2022 12:08:08 GMT
Etag: "a500c24387cb3964155499a6566097d0afee65a3"
Cache-Control: max-age=466799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9a7aadb521-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
0097ef0fb7aff4740673bbe3dc0671fc
a500c24387cb3964155499a6566097d0afee65a3
15b21a9cc8b96a0a5d559c99a5cb4bc2064ec3368a91137386daa5a2655e11b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:08:09 GMT
Expires: Sun, 20 Nov 2022 12:08:08 GMT
Etag: "a500c24387cb3964155499a6566097d0afee65a3"
Cache-Control: max-age=466799,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9a7984b509-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
299cd3df5ae7031d1ba704b87ec99816
987333c5e3227c1df119b96d74da201d5f82663c
7b6831d1b91f6bd50412f841a8992271851811d8a7f07660f4d2bc27df0f1b55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 21:27:21 GMT
Expires: Fri, 18 Nov 2022 21:27:20 GMT
Etag: "987333c5e3227c1df119b96d74da201d5f82663c"
Cache-Control: max-age=327551,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9aaec6b4ff-OSL

628536nyv.com/7f4326a942de44468e832f3775975026.gif

45.61.212.127

200 OK

102 kB

URL HTTP/1.1
628536nyv.com/7f4326a942de44468e832f3775975026.gif
IP
45.61.212.127:0
ASN
#53587 AZT

File type
GIF image data, version 89a, 750 x 150\012- data
Size
102 kB (102151 bytes)
Hash
eb2d786404404d76068eecb94ed0fea3
222b3896c1f7dac188d9d04b69990fb2888e89a4
acb9ec9b6d3000bf1a24d0a1c167aa1dd137438f8ef339cf7be7ebff9b26f824

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /7f4326a942de44468e832f3775975026.gif HTTP/1.1
Host: 628536nyv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "633a7a7c-18f07"
Date: Fri, 28 Oct 2022 10:48:25 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Mon, 03 Oct 2022 06:00:28 GMT
Accept-Ranges: bytes
X-Cache: HIT from cloud-us2-cdnb-27
Content-Length: 102151

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
299cd3df5ae7031d1ba704b87ec99816
987333c5e3227c1df119b96d74da201d5f82663c
7b6831d1b91f6bd50412f841a8992271851811d8a7f07660f4d2bc27df0f1b55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 21:27:21 GMT
Expires: Fri, 18 Nov 2022 21:27:20 GMT
Etag: "987333c5e3227c1df119b96d74da201d5f82663c"
Cache-Control: max-age=327551,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e98de720b06-OSL

ocsp.pki.goog/s/gts1p5/yJiqwzofsT4

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/yJiqwzofsT4
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a190e06a3c2f374d829ac3ef97006feb
53ab0f07a8039d6ec123af53832bea592a5a0733
fbcde414bbaefa9b6a815443ad995a616a70c6c33ae4e213194fc42684fa2f81

HTTP Headers

POST /s/gts1p5/yJiqwzofsT4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 02:18:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

u1022.com/fdb81046090e418b958f9fc3d83528d0.gif

103.170.15.45

200 OK

528 kB

URL HTTP/2
u1022.com/fdb81046090e418b958f9fc3d83528d0.gif
IP
103.170.15.45:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 100\012- data
Size
528 kB (528107 bytes)
Hash
b835921ae97148cb73e491e4288ae077
392c16f2ee23667d7956bc601ee2f5927c16160d
acbe56eb9498265786e993eebf99780215d02e1cb27ea3a755f43a6134f10a55

HTTP Headers

GET /fdb81046090e418b958f9fc3d83528d0.gif HTTP/1.1
Host: u1022.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a25b-80eeb"
server: nginx
date: Tue, 08 Nov 2022 02:48:53 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:02:35 GMT
accept-ranges: bytes
x-cache: HIT from yd11_02-cdn-g01-la2-35
content-length: 528107
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
319e7a4a8a2b1e1d7c4240564de5d429
8f796c252635d1a38a35e00b6022977d90f652c3
907274baac112ebd20283906f185a878cf150ed50bc357b953ab37993c5ffcba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 11:55:13 GMT
Expires: Sat, 19 Nov 2022 11:55:12 GMT
Etag: "8f796c252635d1a38a35e00b6022977d90f652c3"
Cache-Control: max-age=379623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a47e9cbb7db521-OSL

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif

52.184.85.124

200 OK

133 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894243920576.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
133 kB (133073 bytes)
Hash
f44f18314d520e89498d1f67557c2697
bbdd1041f6be7316f0a565d525761a902959b6e6
303b74f93a5d4a4d3232e66f67e7e0f3f7a034495afdb766585e1aef792bded8

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894243920576.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif

52.184.85.124

200 OK

132 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221004/1664894286620122.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
132 kB (131724 bytes)
Hash
6815a174b1da262bb85e17910991d3ed
cbf03ab57a46f9301dac7cd0f7cf99c777b686c7
d0089533769022907251b9dd2fbd0c51fbd14b1326dda3cc2d990c1931fabc01

HTTP Headers

GET /static/uploads/image/x26/20221004/1664894286620122.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:20 GMT
ETag: "1667494400"
Expires: Sat, 03 Dec 2022 16:53:20 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:20 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

8499483.com/8499/960x60.gif

172.247.50.227

200 OK

331 kB

URL HTTP/2
8499483.com/8499/960x60.gif
IP
172.247.50.227:0
ASN
#40065 CNSERVERS

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /8499/960x60.gif HTTP/1.1
Host: 8499483.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

592773xgg.com/56e348b7f7c348f1922df8e109029a89.gif

103.170.15.94

200 OK

679 kB

URL HTTP/1.1
592773xgg.com/56e348b7f7c348f1922df8e109029a89.gif
IP
103.170.15.94:0
ASN
#7483 Skycloud Computing co., Ltd.

File type
GIF image data, version 89a, 960 x 80\012- data
Size
679 kB (679154 bytes)
Hash
31a2c8b304c60ba0149121ba24738944
b7e41db8a64cd0e82db9423dc5feeaeae6be5d3e
a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /56e348b7f7c348f1922df8e109029a89.gif HTTP/1.1
Host: 592773xgg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "635b8eeb-a5cf2"
Date: Wed, 02 Nov 2022 01:41:08 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Fri, 28 Oct 2022 08:12:27 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-24
Content-Length: 679154

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif

52.184.85.124

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894417817771.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (212163 bytes)
Hash
14c76e87c5da9f7226cf412026035c9d
a6cbebd6fd70a1975c7900dbacea379c7722bf94
b1cd2e21b685362b7688cc2444535ff135de009483da19cb9b5de4a0624eb9a4

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894417817771.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:44 GMT
ETag: "1667486444"
Expires: Sat, 03 Dec 2022 14:40:44 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:44 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif

52.184.85.124

200 OK

245 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894380503898.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
245 kB (245365 bytes)
Hash
15b01b59267acae7726f30675e79d8bf
7449390411869cdc7b1b4ae6bee7e4fb7e893675
3c17fb36844b4fc9ead50ffc421dba8367ff08b4e307195f72323a2d9edec46d

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894380503898.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:40:42 GMT
ETag: "1667486442"
Expires: Sat, 03 Dec 2022 14:40:42 GMT
Last-Modified: Thu, 03 Nov 2022 14:40:42 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif

52.184.85.124

200 OK

212 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x51/20221111/1668166428315380.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
212 kB (211695 bytes)
Hash
0b39ec7c3e074e11a5629819f3aa4700
df59dbbb9d99b72d01f518d9c8484cd188440f0f
f89a04cd56e853388cad8b34084879771c6f49885033bb0a5c51402e60d468c8

HTTP Headers

GET /static/uploads/image/x51/20221111/1668166428315380.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 11 Nov 2022 11:38:09 GMT
ETag: "1668166689"
Expires: Sun, 11 Dec 2022 11:38:09 GMT
Last-Modified: Fri, 11 Nov 2022 11:38:09 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif

52.184.85.124

200 OK

258 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894322248517.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
258 kB (257993 bytes)
Hash
038ba2e11d90524678f7762f4628513f
a41054637ff263d13570f7eec83a3286957edc80
51d5f69d306345589b0c376bcff99c50c48bda07e3d61a5d3c1a96181acefa71

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894322248517.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 16:53:00 GMT
ETag: "1667494383"
Expires: Sat, 03 Dec 2022 16:53:00 GMT
Last-Modified: Thu, 03 Nov 2022 16:53:03 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif

52.184.85.124

200 OK

460 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x26/20221021/1666352814488575.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
460 kB (459715 bytes)
Hash
d4e74dbadc18d9e35bc48b815b8f37de
07562effc5109ea41403466d5d8795ededa57030
7973bc38aaf7332a150691990b844ce1efb79ab82e4d262fcd5901e77a53112b

HTTP Headers

GET /static/uploads/image/x26/20221021/1666352814488575.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:47:02 GMT
ETag: "1666352823"
Expires: Sun, 20 Nov 2022 11:47:02 GMT
Last-Modified: Fri, 21 Oct 2022 11:47:03 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif

52.184.85.124

200 OK

252 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221004/1664894599409102.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 60\012- data
Size
252 kB (251962 bytes)
Hash
feb5419ef22c0a10470f6cfe2b0f1517
412e6b8e6f4244071851549b9d5ba5fdf9a5b631
d889e702650ec0543cef9a6d281f576366872f31463f3b707498aac5cef2ae07

HTTP Headers

GET /static/uploads/image/x22/20221004/1664894599409102.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Thu, 03 Nov 2022 14:43:22 GMT
ETag: "1667486603"
Expires: Sat, 03 Dec 2022 14:43:22 GMT
Last-Modified: Thu, 03 Nov 2022 14:43:23 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif

52.184.85.124

200 OK

429 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352753192348.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
429 kB (428593 bytes)
Hash
60de0e198b93e9f487d4f1c77ed5db88
fa3070711f791e218c5235ff20bba7c086697f75
ab8489fad65bf627642df428a3ba8b3733ce209f60b5c5e4064d76a0d160dd41

HTTP Headers

GET /static/uploads/image/x22/20221021/1666352753192348.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:45:54 GMT
ETag: "1666352754"
Expires: Sun, 20 Nov 2022 11:45:54 GMT
Last-Modified: Fri, 21 Oct 2022 11:45:54 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif

52.184.85.124

200 OK

423 kB

URL HTTP/1.1
sysupload.csiteadmin.com/static/uploads/image/x22/20221021/1666352536705082.gif
IP
52.184.85.124:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 120\012- data
Size
423 kB (423091 bytes)
Hash
05cb648d84c2606c9892128f3ae9892d
aacbe8019ae2afaf01cb75f291ecb852ab21e94e
1ecea29ead7cf4e13e61b83bf6b40832727c259807f3a5f963f6ba435ce0eeb1

HTTP Headers

GET /static/uploads/image/x22/20221021/1666352536705082.gif HTTP/1.1
Host: sysupload.csiteadmin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Encoding: gzip
Content-Type: image/gif
Date: Fri, 21 Oct 2022 11:42:20 GMT
ETag: "1666352541"
Expires: Sun, 20 Nov 2022 11:42:20 GMT
Last-Modified: Fri, 21 Oct 2022 11:42:21 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache: HIT, server, disk
Transfer-Encoding: chunked

p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0

43.154.254.32

200 OK

331 kB

URL HTTP/2
p.qlogo.cn/qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0
IP
43.154.254.32:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
GIF image data, version 89a, 960 x 60\012- data
Size
331 kB (331043 bytes)
Hash
09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725

HTTP Headers

GET /qqmail_head/PiajxSqBRaEJ9B4UlyASnW3oH3MPQFqEtXG2iaiak1YbXXGG6NXuTKLQqz8Mo6C2CJ3MbwcCrQRmHw/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 15 Nov 2022 02:18:08 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Sat, 12 Nov 2022 13:28:23 GMT
cache-control: max-age=2592000
x-delay: 198 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 56ad57ca-07e7-4b34-8120-e207f9b7bbdb
X-Firefox-Spdy: h2

u1099.com/55792d2a5cc94721b2eb699169888cc7.gif

103.189.108.97

200 OK

358 kB

URL HTTP/2
u1099.com/55792d2a5cc94721b2eb699169888cc7.gif
IP
103.189.108.97:0
ASN
#0

File type
GIF image data, version 89a, 960 x 100\012- data
Size
358 kB (358424 bytes)
Hash
f129f8e22c360e9cc0b2de3a5e9cfe7b
d1371245e93d9600249330e7e3e2452f0b47d60a
15fa066d45d105edab17a539250f4293713408b03f9e04460b78dfa499dfad42

HTTP Headers

GET /55792d2a5cc94721b2eb699169888cc7.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a27f-57818"
server: nginx
date: Mon, 14 Nov 2022 10:57:09 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:03:11 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-087
content-length: 358424
X-Firefox-Spdy: h2

n0522.com/4d6f5c464538416c8a4367f41accb357.gif

20.243.252.217

200 OK

234 kB

URL HTTP/1.1
n0522.com/4d6f5c464538416c8a4367f41accb357.gif
IP
20.243.252.217:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 960 x 100\012- data
Size
234 kB (234083 bytes)
Hash
4accb5edc5dd748c790fadf9b37bb1e4
f7b4853dfa6d176c56863a976e3ba723a24e00ce
4306964c6de77a1def7c9b8d0f97c8d08ec81a5e62dd01a1a364feb22bf7fd42

HTTP Headers

GET /4d6f5c464538416c8a4367f41accb357.gif HTTP/1.1
Host: n0522.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 02:18:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 12:03:50 GMT
ETag: W/"6367a2a6-64308"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip

u1099.com/3cd54835899b4244a452da12a2401f29.gif

103.189.108.97

200 OK

383 kB

URL HTTP/2
u1099.com/3cd54835899b4244a452da12a2401f29.gif
IP
103.189.108.97:0
ASN
#0

File type
GIF image data, version 89a, 960 x 100\012- data
Size
383 kB (382842 bytes)
Hash
3ee8c68d9bcee9dba9e18883f7a79dd7
ca6173103323ab2685f5c50c81c2e80d50583ab9
150795ba625225a034b7d362f7f69c1523bbbafb9820610a47b9abad1c030af9

HTTP Headers

GET /3cd54835899b4244a452da12a2401f29.gif HTTP/1.1
Host: u1099.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=86400
etag: "6367a229-5d77a"
server: nginx
date: Mon, 14 Nov 2022 10:57:09 GMT
content-type: image/gif
last-modified: Sun, 06 Nov 2022 12:01:45 GMT
accept-ranges: bytes
x-cache: HIT from ty8-cdn108-087
content-length: 382842
X-Firefox-Spdy: h2

537882736.com/41a28e3efa3841c89761a8f637921969.gif

47.75.19.145

200 OK

579 kB

URL HTTP/1.1
537882736.com/41a28e3efa3841c89761a8f637921969.gif
IP
47.75.19.145:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
GIF image data, version 89a, 750 x 120\012- data
Size
579 kB (579018 bytes)
Hash
54c2a3fb838c8e711bbe07220637d637
77e33ed77eb68c23320c059105fb2c900141301e
fc832269e62682138155c4f5e7f34f36512d1bfe69482fbc4a2cc3d27251c8e1

HTTP Headers

GET /41a28e3efa3841c89761a8f637921969.gif HTTP/1.1
Host: 537882736.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bbniu.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: AliyunOSS
Date: Tue, 15 Nov 2022 02:18:08 GMT
Content-Type: image/gif
Content-Length: 579018
Connection: keep-alive
x-oss-request-id: 6372F6E0FDBA0C3038991E52
Accept-Ranges: bytes
ETag: "54C2A3FB838C8E711BBE07220637D637"
Last-Modified: Thu, 20 Oct 2022 10:49:39 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8834985976416227178
x-oss-storage-class: Standard
Content-MD5: VMKj+4OMjnEbvgciBjfWNw==
x-oss-server-time: 2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash