Report - lxrvzdvv.top/

Report Overview

Visited public
2023-09-28 10:42:38
Tags
URL
lxrvzdvv.top/
Finishing URL
lxrvzdvv.top/
IP / ASN
172.67.205.218
#13335 CLOUDFLARENET
Title
WWW.38SV,COM_WWW38SVCOM_成人首頁

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ia.51.la	59607	2005-01-17	2017-10-31 09:01:51	2023-09-27 20:07:03	1.0 kB	0 B	0.0.0.0
lxrvzdvv.top	unknown	unknown	2021-07-20 05:42:09	2023-06-13 16:55:26	12 kB	1.5 MB	172.67.205.218
www.lelifi.com	unknown	2015-11-26	2020-05-02 09:32:26	2023-09-14 05:56:56	842 B	9.4 kB	104.21.46.15
js.users.51.la	53024	2005-01-17	2012-05-30 17:10:11	2023-09-27 20:07:01	399 B	2.7 kB	42.236.73.40
sp0.baidu.com	18423	1999-10-11	2014-12-06 00:12:12	2023-09-28 05:59:20	464 B	114 B	104.193.88.123
collect-v6.51.la	91421	2005-01-17	2021-03-08 17:03:54	2023-09-28 04:27:21	455 B	487 B	203.107.86.226
sdk.51.la	88367	2005-01-17	2021-03-08 17:03:51	2023-09-27 11:49:11	402 B	35 kB	47.246.44.205

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-28 10:42:18	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed
2023-09-28	medium	lxrvzdvv.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	www.lelifi.com/app/app.js?t=shang&c=google&mb=1	ScriptElement	3.9 kB	2023-09-28	2023-10-01
Pretty URL www.lelifi.com/app/app.js?t=shang&c=google&mb=1 IP 104.21.46.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-28 12:42 Last Seen2023-10-01 16:44 Times Seen4 Hash 75c44ed39c5b0b00b71579d585d80093 23d2ca7d7b6434cc1d66790f89245ee875d9dac0 c679926897f89f6e8f8de17c20580c97fc5f4bdd1fd17747c26c6eba69306a0d Loading...

	lxrvzdvv.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-09
Pretty URL lxrvzdvv.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.205.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 12:24 Times Seen68212 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	lxrvzdvv.top/	ScriptElement	856 B	2023-03-07	2025-04-21
Pretty URL lxrvzdvv.top/ IP 172.67.205.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:50 Last Seen2025-04-21 04:41 Times Seen247 Hash 813d5eee2d857d7bea86c632ba03a904 ceb7a51474c47805318da22a1c955e84f833c344 4c642a5a127c0cef85f75c4bdcaae5649b7536990656809c74a32040418d9426 Loading...

	lxrvzdvv.top/Baidu.js	ScriptElement	656 B	2023-06-19	2024-08-21
Pretty URL lxrvzdvv.top/Baidu.js IP 172.67.205.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 10:55 Last Seen2024-08-21 07:46 Times Seen5 Hash 25e32362c5ef85bec57d1bf51187f856 b029fb3fc5722f9a9084de716bb1fb699ab9432f 762f83f0bd3defd57aecc60ab2731aeccd464d59b1638f289eef9df5a869ed68 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	34 kB	2023-04-05	2025-05-09
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 47.246.44.205 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:31 Last Seen2025-05-09 04:56 Times Seen8540 Hash 8fc0b01d35300e8398d6e957987c01e7 f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4 Loading...

	lxrvzdvv.top/Aquery.js	ScriptElement	540 B	2023-04-19	2025-04-21
Pretty URL lxrvzdvv.top/Aquery.js IP 172.67.205.218 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 08:29 Last Seen2025-04-21 04:41 Times Seen371 Hash f6b7afcc4a01363d039ba7138ac342f2 13d5b83bef56227c24f19d38a57a6849bec94945 e6d112f55c1cb75702e1b5abd7634c6e1a97ce467f6cf51e8946d54f4d9bde81 Loading...

	unknown	ScriptElement	848 B	2023-07-23	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-23 13:27 Last Seen2024-08-21 05:37 Times Seen1 Hash aac315fa7dd09da0d8fd76fbaa5e8885 15b13ad3ba0065d63748dbd0e87ed4db6c3df485 67026c81023928494ed0541556d8e6595f7448a0d035d26eb07c0195d19e4013 Loading...

	js.users.51.la/21599467.js	ScriptElement	4.9 kB	2023-06-19	2024-08-21
Pretty URL js.users.51.la/21599467.js IP 42.236.73.40 ASN #4837 CHINA UNICOM China169 Backbone Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-19 10:55 Last Seen2024-08-21 07:46 Times Seen5 Hash a330a374322f826ada7beb199b494123 76ea226b24cd50d78f6a894cac212a513a9e88a8 0e4a686399728ac5016c8671155be159ba22414339e9498de33e6ef416ea9f72 Loading...

		Size	First Seen	Last Seen
	#1 Eval - dc3a1051aa2ba934cd62b5d757a7c6e5	196 B	2023-03-07 13:50	2025-04-21 04:41
Pretty Observations First Seen2023-03-07 13:50 Last Seen2025-04-21 04:41 Times Seen368 Hash dc3a1051aa2ba934cd62b5d757a7c6e5 a464c2307e5e740dad89fdc9fa3400adc498efad bd5aeb37068d06e56b6d1cf0fe66f8e8d22456fdc32fe65c767c200c456e4322 Loading...

		Size	First Seen	Last Seen
	#1 Write - 6d58da5507e1a234ecbf7cdc4514884e	508 B	2023-05-27 07:37	2024-08-21 08:34
Pretty Observations First Seen2023-05-27 07:37 Last Seen2024-08-21 08:34 Times Seen30 Hash 6d58da5507e1a234ecbf7cdc4514884e f19c14ea2788c1e88459bf180cb7eec333f7ad9f 2430e0ea9e4090d6f43f761ca0c42ff88c3b60017478f4d920f308cdd096e010 Loading...

	#2 Write - 92cb4aa91297d41aa3fe0aa42d430beb	81 B	2023-06-19 10:55	2024-08-21 07:46
Pretty Observations First Seen2023-06-19 10:55 Last Seen2024-08-21 07:46 Times Seen5 Hash 92cb4aa91297d41aa3fe0aa42d430beb 1228a21bcdcf4de03b7ed8a22aa139b5f17ba39f 5b95c3fd561729032950daf5f8a759a2d8e18a8e0a05daf01e67ced59ca9b9f2 Loading...

	#3 Write - 51772793ebecc704e9e0e86e6e2ce9be	79 B	2023-03-07 13:50	2025-04-21 04:41
Pretty Observations First Seen2023-03-07 13:50 Last Seen2025-04-21 04:41 Times Seen334 Hash 51772793ebecc704e9e0e86e6e2ce9be 3da0e353c7ad33e25ff3748452a6c0595bc3eaf5 b4830d355ac6ef649ad71c2e4c55dbb5ed68f89d348b337f65471b48360a75fd Loading...

	#4 Write - a3019cd92bd80a5f16a3dfba4cafe210	79 B	2023-03-07 13:50	2025-04-21 04:41
Pretty Observations First Seen2023-03-07 13:50 Last Seen2025-04-21 04:41 Times Seen336 Hash a3019cd92bd80a5f16a3dfba4cafe210 b5134581876849ce1285db5bd03abc7b9df22366 dfdc1ca42f286d643fedd269f3d04bbcbf9338937003f4071c6c9a3652f28f22 Loading...

HTTP Transactions (31)

URL IP Response Size

lxrvzdvv.top/template/1999/images/w-2.jpg

172.67.205.218

200 OK

5.3 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/w-2.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Size
5.3 kB (5319 bytes)
Hash
50bca1d3a73547cc74cdcf66e0b3a103
de1d3fc9a587810675fb3fed5bf5d9f744f5b945
6040718d2bbdb2b61eac2573d6003c8cf4b9750cc2f526e98ec1ef93bdfc2b44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/w-2.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 5319
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-14c7"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwnObUfRbk7Lskuhk6n4FxYYfncTCvki67hgA7YxSTMbSkqBzAwavHnAT%2FJIDX4WEq5Z2K8qqhWiGmF%2FwsjceUp9ZRwZONKcLSPbrVmrqvRO6zw2Cip9sPMAG611sKE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edf3568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/w-1.jpg

172.67.205.218

200 OK

6.5 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/w-1.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Size
6.5 kB (6479 bytes)
Hash
cc84983efd394e18f4cd97314e0c81a8
b01139d1d592dffec3cb0baeba182a843a201bae
e541ae244642cd94838419b061241d2540af6faebd21d4aff8834e1867c12c03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/w-1.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 6479
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-194f"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ON1BisEspk3wlBLcbvJcbGkgAcABNFP3oVkKiIlylo5tw9S2xRsHwhU6lvCTMvE2stSsXl7v828PC6pBmn98LZRJXdr8ICX6T1B5ZhAWG6KvO9qE%2BY%2BetAODSzaGWos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edf2568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/w-3.jpg

172.67.205.218

200 OK

3.7 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/w-3.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Size
3.7 kB (3690 bytes)
Hash
866662e7830a017d358a106e5b756cd1
cf45e39bee663fe7809eca55a8446184ee0b137b
26fe5fbe764944c895a4cd9e9f90412c09dff2a7cf2ac6b17b0b8fb078535745

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/w-3.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 3690
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-e6a"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIXmHalGsipLPY4omIhKj0RoS1szG%2FIkI3qCC8nykCRC%2FGEioAXOatMTeU0qDaYtrIhKLSRytNUOG3sMhsl9DsQwAhESXsmK6AhCx93ewa4G4BTwj3mFFR9W0TxLvyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edf4568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/o-1.jpg

172.67.205.218

200 OK

9.7 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/o-1.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 475x300, components 3\012- data
Size
9.7 kB (9744 bytes)
Hash
f83966983adba3a39957fc316b3c79b2
6207043e1a2f9f08e8f351ccba09d861742ac790
457871b50e638b9920eaf5cb589edfe2300ec19dc4e19e3c02cb37c54eb60509

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/o-1.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 9744
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-2610"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyp4lBBPbS7B497nFLOCnoL9d8fTyaPcFGN3JZFgmdzjrVzNhHL%2BKTEEu4Ilvfhp4hC0sxs9e32Ww1PoVucMv%2FBrDNUaCkwCDTeA%2BIeVsinX1%2BEpbvrtRLH29jK41AY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edf6568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/o-3.jpg

172.67.205.218

200 OK

8.8 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/o-3.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 475x300, components 3\012- data
Size
8.8 kB (8826 bytes)
Hash
31c4b4db93bce01a331840809e0ab11e
2eeb68b4bf8e0cdb4a0be96f9c4a015382741bb7
6af7c6bd84401f7c780377b3b767ad8ac6a9273ec2bfd00645e30e1476b92074

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/o-3.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 8826
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-227a"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mstdc0G3GHd5clU960FONr1YUvXQTuJKVZyAqijn3IQawkNc93kT6W5ncaPR5NhUv%2Fv40OlbTBXhFfGq9fwVmuQ6hPyr5veNO%2BsJUz2f8F7SJNdP6hBj43g%2FDooxRZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edfa568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/n-3.jpg

172.67.205.218

200 OK

6.7 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/n-3.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x270, components 3\012- data
Size
6.7 kB (6686 bytes)
Hash
af1f80a29a5a067ae19fd84e5c5e9844
c07a451477e7dd6f0c014e3b992df080ea8dc8c8
4c3cd294d1870009d902f2d1f1c6a1cfceccffd81caa845b3a27f1d3347e58fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/n-3.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 6686
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-1a1e"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rft3V%2B5KQ6%2FBJXVWIbUDtb7wIKf1jrw1Shlal%2F9zQJCUku04hJwek0zps0Cqok2ilzn4OXEYqXwUVPvUJH6gssvTZ60svRJXAsqQK6O17Pekz4RjTaa9KQT5lvBOP1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61084e3d568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/n-2.jpg

172.67.205.218

200 OK

8.8 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/n-2.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x270, components 3\012- data
Size
8.8 kB (8811 bytes)
Hash
28c80012b1cf2d3f711d6e9f5f69387f
916a578b67baaf7f73d261bd38567e286b100edd
6428557daa328192a63d73136baaf7cb05bdc92c4c58a2bafae5861a803ddefc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/n-2.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 8811
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-226b"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2fi%2FM5KsUT9zRV%2FyzEUFRRayTxsPnjzKdZiMojWNzzclK9lRMYvWnBXRHWDGb4bie2gspnKZ2BRlHMGmuyzjwtoiq0odNzYWKEkozO3%2BSDwQ%2FHIkgSbslAR2YWvxsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61084e3c568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/n-1.jpg

172.67.205.218

200 OK

9.4 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/n-1.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x270, components 3\012- data
Size
9.4 kB (9364 bytes)
Hash
49b308eeb3070f777f273ee7bfc9921b
97d27d432ffcc8e78d13318230f617228584b6e4
136c232d1547e86b92af94794e962974da311b62da5270c8a6d8e08aad9d3270

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/n-1.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 9364
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-2494"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFAMDeCWXuvd1RPIUbQRCYfB%2Bb5tB9UG0at2effAuNA%2BLaXccc4WamZq1ddIUqgUhiUShrwo2rxznWo4cXXObZRNqP4iE04FLpFM0Ge5Hlv035a0tG39v8IGGAezYaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61084e3a568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/p-1.jpg

172.67.205.218

200 OK

6.2 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/p-1.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 335x180, components 3\012- data
Size
6.2 kB (6182 bytes)
Hash
ffba33c3f79c79e78c1df53d85ce33dd
3f459ce4ac555273764fce47b584b8940f62fd87
7ede6502d97054ad3440c0f3e3edf747b03212ae2a49599bde139887ebba9fb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/p-1.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: image/jpeg
content-length: 6182
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-1826"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm5%2Bcwj38rSLb5%2BrgH%2B5u4KxTRAG%2BmAofthhijv6KRu%2FlN74ZzrM9VLZltUiURRmaZokULV0kjPW45y6kwhWR25YrW1jHFWdELLVI20VHoaQeTFdfV7aIGTlgi8xbyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61084e48568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/o-2.jpg

172.67.205.218

200 OK

20 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/o-2.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 665x300, components 3\012- data
Size
20 kB (20044 bytes)
Hash
e14e3bcc00e7f96445b1ba8fcc3ac5f9
2026cfc1eaf85d124bf206c7713a57c557e9cc1d
082b028bc8d1be797cf2ade4a4f5a885a0646b71fce6c99e287818b3e647ac95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/o-2.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:20 GMT
content-type: image/jpeg
content-length: 20044
last-modified: Wed, 16 Oct 2019 06:00:58 GMT
etag: "5da6b21a-4e4c"
expires: Sat, 28 Oct 2023 10:42:19 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BIp8vvliMqQCQdPU2djl1qE3mOA6UMbfg5HBtJivuIzgHWYT0EB4nA5I8mP2xJNpcyPq8EswsAWQSkcv8ctTEMnkDPJ1VK0xLg7JYz%2FwMPEYcj2SCoxcxCYieQ5zps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edf8568f-OSL
alt-svc: h3=":443"; ma=86400

www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1

104.21.46.15

200 OK

4.1 kB

URL GET HTTP/2
www.lelifi.com/app/app.js?t=xia&c=googleee&mb=1
IP
104.21.46.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (318)
Size
4.1 kB (4102 bytes)
Hash
75c44ed39c5b0b00b71579d585d80093
23d2ca7d7b6434cc1d66790f89245ee875d9dac0
c679926897f89f6e8f8de17c20580c97fc5f4bdd1fd17747c26c6eba69306a0d

HTTP Headers

GET /app/app.js?t=xia&c=googleee&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Sep 2023 10:42:20 GMT
content-type: application/javascript
last-modified: Wed, 27 Sep 2023 12:41:13 GMT
vary: Accept-Encoding
etag: W/"651422e9-f1e"
expires: Thu, 28 Sep 2023 22:42:20 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLvWcdRjQJiD%2B6jlGPMH4%2B%2FFqu51mlrNTvN5cvkiMK6c%2FguFsrDEif0cD2gxMT8qAY9Ra%2FFmSrSL%2Bfc4NgHA2uqAX5X3oDXdUGk4DoymRK8%2FKqgMskdSk8lWab3WpCl1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db610bfb3a56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lxrvzdvv.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.205.218

200 OK

14 kB

URL GET HTTP/3
lxrvzdvv.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (34110)
Size
14 kB (13501 bytes)
Hash
b8d51e17209ef0eb338a411ee20a7462
55d2ab8bfc9c7a3847da13538de4aa7091853a19
0032b86b61f1d2fe78d6d6c7d37f6b86a9ff5ab978e055ed289404d39feb2a8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: application/javascript
last-modified: Mon, 25 Sep 2023 16:02:33 GMT
etag: W/"6511af19-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QmSiKhuPG3J4%2Ft03eKcjEy3Im48ZGi42SD8VyuRh1o4wx526fHgTJAf5mIfv4JOk%2F2m8OxbYjtDp4BxtgUIlQTCykYL4bz1XUDgNMTecpuQxNqdOpBOvmMf7PpdWv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6108ae9c568f-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 30 Sep 2023 10:42:19 GMT
cache-control: max-age=172800, public
content-encoding: gzip

lxrvzdvv.top/template/1999/images/s-arw.png

172.67.205.218

200 OK

3.0 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/s-arw.png
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
PNG image data, 8 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (2987 bytes)
Hash
7ff078526d9ce3f91c68b520cb689733
2617d2df9a8e314eaef1f51ce3982337c11d37d8
6efae4ea0217078013521ada1bdca68a1b3556d91e536db3b9486abe3d29d82c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/s-arw.png HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: image/png
content-length: 2987
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
etag: "5da57bc0-bab"
expires: Sat, 28 Oct 2023 10:42:21 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEtz049jFSm%2FLdzDL3DVw7GN0cXGEAQvQCV%2FVI%2Fhyla3EBstFrpEN7rgcCGPA%2FOcrPzl6t6AO5ahCEDV2K9TPyKj46EuR3CJbcYMhpaHvmMFaJo7psSBOCm0ki3xK%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61112dca568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/fonts/glyphicons-halflings-regular.woff2

172.67.205.218

200 OK

18 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/fonts/glyphicons-halflings-regular.woff2
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/bootstrap.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
etag: "5da57bc0-466c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gw00zQ%2FCQzh9OIS9O3CtSc1LmbIAK5xBLVu68%2FZsagVeamljPWoOHBXmV4vpX%2FUDsbyP2m6oTDzlMORos48x5RHI2nobOaFs2KOATlemQ0dG%2F3v7vG1fiTdFKE6mA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61115df3568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/fonts/Roboto-Regular.ttf

172.67.205.218

200 OK

163 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/fonts/Roboto-Regular.ttf
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular\012- data
Size
163 kB (162876 bytes)
Hash
ac3f799d5bbaf5196fab15ab8de8431c
cb0cb91a31f43293bd7042ddab945ce161c29d3d
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/fonts/Roboto-Regular.ttf HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: application/octet-stream
content-length: 162876
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
etag: "5da57bc0-27c3c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U%2Fb%2FucSTyE9MAQGhO6H%2FPJtVn24B1PjQTfQaLUqJqrSaXbsEtZLeHSlaVHYiunLGZOLLTDUSZe55e05JwxOWiMVf32eEbGXams90JTgFe5sBxtKI2UD1RzSZd7gg2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61112dd2568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/fonts/Play-Regular.ttf

172.67.205.218

200 OK

171 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/fonts/Play-Regular.ttf
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
TrueType Font data, 17 tables, 1st "FFTM", 115 names, Macintosh\012- data
Size
171 kB (171084 bytes)
Hash
caf6ce847a7441c579e0ce2e47a11fd3
2b14bfd6ece67b71793768875776c191c2fb54ce
a16d8a926b82d5391cb041f928ac8a1597fc713e9bbb65e09f923b4990b58b22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/fonts/Play-Regular.ttf HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: application/octet-stream
content-length: 171084
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
etag: "5da57bc0-29c4c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCN36jHkHUck8UT9W8Utx3Uf314nZuKYAvK3YbE0HlJX5hsL9KXLKsasMEi1msHyEhYHKC2wpS7vce5a3gKL56ZTfWes4DgT1JTBiNrN%2FyL3%2Bs%2FXrOTCptOW%2BR9HoJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db61114de3568f-OSL
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/bnr-1.jpg

172.67.205.218

404 Not Found

435 B

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/bnr-1.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
435 B (435 bytes)
Hash
7d4abb90e0acffebd415bc3572b97053
5185f2697596d3f7409c9e0c3a11e4d120b353ba
6612c76dbfca4350d273cb9c935564f23efeb6a1af663f89fd0ea4cc7ca08fc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/bnr-1.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqN9NJXzEF9L1kd1DJo06WAGk2XsV1QTU%2BQa7I5fJXFmR8LQYi9S5zpPUHB2GZhW56cCbcFMMDUlcTZ2vNAutUA5bJlaNRP%2FfLQsYAUgmjqovX7iZLqQ35uq9gJBUHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db6110cd72568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

js.users.51.la/21599467.js

42.236.73.40

200 OK

2.3 kB

URL GET HTTP/1.1
js.users.51.la/21599467.js
IP
42.236.73.40:443
ASN
#4837 CHINA UNICOM China169 Backbone

Requested by
https://lxrvzdvv.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.users.51.la
Fingerprint8E:9F:59:98:28:F2:49:A9:E1:19:45:C2:49:ED:B2:F6:B8:E1:C6:39
ValidityFri, 14 Apr 2023 03:17:41 GMT - Wed, 15 May 2024 03:17:40 GMT

File type
ASCII text, with very long lines (4898), with no line terminators
Size
2.3 kB (2307 bytes)
Hash
a330a374322f826ada7beb199b494123
76ea226b24cd50d78f6a894cac212a513a9e88a8
0e4a686399728ac5016c8671155be159ba22414339e9498de33e6ef416ea9f72

HTTP Headers

GET /21599467.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 28 Sep 2023 10:42:22 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://lxrvzdvv.top/

104.193.88.123

200 OK

0 B

URL GET HTTP/1.1
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://lxrvzdvv.top/
IP
104.193.88.123:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://lxrvzdvv.top/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://lxrvzdvv.top/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 28 Sep 2023 10:42:23 GMT

collect-v6.51.la/v6/collect?dt=4

203.107.86.226

403

0 B

URL POST HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
203.107.86.226:443
ASN
#0

Requested by
https://lxrvzdvv.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 349
Origin: https://lxrvzdvv.top
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 
Date: Thu, 28 Sep 2023 10:42:22 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=6c4dc1afd0347eee45ed884fbfa608e05a347544b1b7e5c957ceaca83c93050f; Path=/; HttpOnly
acw_tc=0bc5049016958977424505707e9ad82f686ce378e14ef50b72bcce44cd8c76;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://lxrvzdvv.top
Access-Control-Allow-Credentials: true

lxrvzdvv.top/favicon.ico

172.67.205.218

200 OK

1.2 kB

URL GET HTTP/3
lxrvzdvv.top/favicon.ico
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
591676289e8a2b06c3fc31137810d2c0
f53c4f56f983f6b96198806a60624ba16741a156
2cab8e512dc07af44384a4e2c0e7020b04e03331affaa96aa54d489d6274e4de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Cookie: __vtins__K1uQHKYeOMFb5rQK=%7B%22sid%22%3A%20%225d97473e-339d-5026-b94b-b80664fffe03%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201695899541643%2C%20%22ct%22%3A%201695897741643%7D; __51uvsct__K1uQHKYeOMFb5rQK=1; __51vcke__K1uQHKYeOMFb5rQK=4307a52f-5177-535d-8025-f4395715667b; __51vuft__K1uQHKYeOMFb5rQK=1695897741647; __tins__21599467=%7B%22sid%22%3A%201695897743160%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201695899543160%7D; __51cke__=; __51laig__=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:23 GMT
content-type: image/x-icon
last-modified: Thu, 17 Oct 2019 11:19:32 GMT
etag: W/"5da84e44-47e"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eqndt%2FS2eI6w2U27M%2BhYxbYpr%2FJ4NpwkIo%2B9giXgMbFpWjs%2F%2BdauILisXWOWyU439d1ABsBJHjAwEpYxf%2FHzXqP%2B4d79FAdCw%2F%2FMod1XbuPEVlJf2K%2BFE0P9HHJboxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db611e1fa2568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/css/style.css

172.67.205.218

200 OK

45 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/css/style.css
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
45 kB (45103 bytes)
Hash
422a833ae152e2f539c64237aa178011
483ae8e0864ed5d84f1a864fb4afaa9d1cc3e6ce
cee744f951adf22e069c184126417af97b90798b816437f75076a98afd2ff4a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/css/style.css HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
vary: Accept-Encoding
etag: W/"5da57bc0-b02f"
expires: Thu, 28 Sep 2023 22:42:19 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5rkBen1Ch2neOOO0XVutYVdz7O4gCkVl0KZ%2BP%2BpvyABQh85bEgN1upMWEF1q4F2Xw51MIi1aVHqn%2FijiZrsNPPAhpM8Nsx54rF00PJoFzTnrzdmFQ%2B5USAcp%2BtkNpg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db6107dde8568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

sdk.51.la/js-sdk-pro.min.js

47.246.44.205

200 OK

34 kB

URL GET HTTP/2
sdk.51.la/js-sdk-pro.min.js
IP
47.246.44.205:443
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
https://lxrvzdvv.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT

File type

Size
34 kB (34330 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Thu, 21 Sep 2023 16:07:28 GMT
x-oss-request-id: 650C6A40B1F5253639E6185C
x-oss-cdn-auth: success
accept-ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
ali-swift-global-savetime: 1695312448
via: cache15.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache3.se1[0,0,200-0,H], cache2.se1[1,0]
etag: "24BB520E9517F2ED3ED987B46AEAF723"
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
vary: Accept-Encoding
x-oss-hash-crc64ecma: 5143829838470429443
content-encoding: gzip
age: 585293
x-cache: HIT TCP_MEM_HIT dirn:7:153293023
x-swift-savetime: Thu, 21 Sep 2023 16:07:29 GMT
x-swift-cachetime: 1295999
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9616958977412492761e
X-Firefox-Spdy: h2

lxrvzdvv.top/

172.67.205.218

200 OK

849 kB

URL User Request GET HTTP/2
lxrvzdvv.top/
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (36303), with CRLF, LF line terminators
Size
849 kB (848784 bytes)
Hash
2d1acc50a5e8a488723db0bfb6c30fd0
0512c4cef0851ebf5e8f5a728e7a3dd62c1fcb6e
f7df31915bfa7c35a09ae9d9d988ebc758de9122d354caa343294d0789990eb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ3O2U3TR4Aj0jW1gBgD6vWB1x4IJQ9oFcqM8hvXxKqsmVwmv%2Ff9AstUTeKcYQHcwyAi05y3NaFbuXxkurWkFGv3p1zZ%2ByvHkYNhAEhkEWjZFwupGumOicr7LFzeoow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db6102b9020b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lxrvzdvv.top/template/1999/images/bnr-3.jpg

172.67.205.218

404 Not Found

1.2 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/bnr-3.jpg
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1309), with no line terminators
Size
1.2 kB (1217 bytes)
Hash
1cb8f287f9cfc71109ed95c261f2ae00
0d2aee1f4ad2bbfa7a77535a92dcddb960993cc7
5b049d7f99b526ea9a4329f8676aad3e40fc7472f56aff96563623ddcd34741c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/bnr-3.jpg HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUyzWY03D9aZ%2B8Dd1UVM8lYI5GQSJwRCnXLpRlEtpnqVE1mjtLzlf01h2FyI76ybMjk2dpoZiKCM9lAgusm%2B%2B44y7QZaw1vc3KQq3iq3xwz%2BIjJhJYJeOIJ6vBRONy0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db6110cd79568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ia.51.la/go1?id=21599467&rt=1695897743160&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.38SV%252CCOM_WWW&ing=1&ekc=&sid=1695897743160&tt=WWW.38SV%252CCOM_WWW38SVCOM_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.38SV%252CCOM_WWW38SVCOM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Flxrvzdvv.top%252F&pu=

0.0.0.0

0 B

URL GET
ia.51.la/go1?id=21599467&rt=1695897743160&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.38SV%252CCOM_WWW&ing=1&ekc=&sid=1695897743160&tt=WWW.38SV%252CCOM_WWW38SVCOM_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.38SV%252CCOM_WWW38SVCOM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Flxrvzdvv.top%252F&pu=
IP
0.0.0.0:0
ASN
#0

Requested by
https://lxrvzdvv.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go1?id=21599467&rt=1695897743160&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25EF%25BB%25BF%25E6%2595%25AC%25E5%2591%258A%253A%25E6%259C%25AA%25E6%25BB%25BF18%25E5%25B2%2581%25E8%2580%2585%25E8%25AB%258B%25E5%258B%25BF%25E9%2580%25B2%25E5%2585%25A5WWW.38SV%252CCOM_WWW&ing=1&ekc=&sid=1695897743160&tt=WWW.38SV%252CCOM_WWW38SVCOM_%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&kw=%25EF%25BB%25BFWWW.38SV%252CCOM_WWW38SVCOM%252C%25E7%259C%258B%25E7%2589%2587X%25E5%258C%25BA%252C%25E6%2588%2590%25E4%25BA%25BA%25E9%25A6%2596%25E9%25A0%2581&cu=https%253A%252F%252Flxrvzdvv.top%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

lxrvzdvv.top/template/1999/css/bootstrap.css

172.67.205.218

200 OK

141 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/css/bootstrap.css
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (540)
Size
141 kB (141391 bytes)
Hash
ba57110b0015ea3d80a9b4b299b52b6f
aa31617e1933f09cde597573a9e541cb8bd39399
05b7681d498c6753ace2e0fe33d74a51ff1739db7e1c3d6c9b56444c81ebfe92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/css/bootstrap.css HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:20 GMT
content-type: text/css
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
vary: Accept-Encoding
etag: W/"5da57bc0-2284f"
expires: Thu, 28 Sep 2023 22:42:19 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FynT%2FHPlyUBqCWTwe5YJP4NUBPFl6qyDKUlYI5I5JK9%2B0uIR8CXOJyWdQY1D%2Fp54LyqR%2BnmEHH74M69WRmzWipzUu5Mk9SHwV98zfQhYmkGi6%2FXEkvYN0Pl3Vw14pE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db6107cde1568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/Aquery.js

172.67.205.218

200 OK

540 B

URL GET HTTP/3
lxrvzdvv.top/Aquery.js
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
ASCII text, with very long lines (556), with no line terminators
Size
540 B (540 bytes)
Hash
9988d60d2af7295734e3bd6d7acd296e
3e98c7ac2dde441b5fe9ab4666c2f206a15aebf1
553ac2cc49df373a2e138fb5d962a306250472c5785d33ec91de2957d188c976

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Aquery.js HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: application/javascript
last-modified: Thu, 27 Apr 2023 11:43:43 GMT
etag: W/"644a5fef-21c"
expires: Thu, 28 Sep 2023 22:42:19 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P84IQiH4%2BwFKNyUCHrhkweRIEw7iLyt1Zd765jXnBrdqXKP2pTNPnksKPidlT2NhS9IcBMLvtHTssxsfGAfYhER%2FlAundRgL7zcpn31%2Bf%2Bhtnj5To8hT2IjXHdrBKFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6107edef568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.lelifi.com/app/app.js?t=shang&c=google&mb=1

104.21.46.15

200 OK

3.9 kB

URL GET HTTP/2
www.lelifi.com/app/app.js?t=shang&c=google&mb=1
IP
104.21.46.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA7:86:67:95:65:3F:9F:95:2C:EB:56:1E:31:DA:D9:C2:31:58:79:9F
ValidityWed, 24 May 2023 00:00:00 GMT - Thu, 23 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (4038), with no line terminators
Size
3.9 kB (3870 bytes)
Hash
edddb32c266f563ed5439ccaabd5c013
56e909aa503353690a94e1553628d9339b9ad8f4
b1a32a318e076cad16291cec02c4f14fddabf3ed78c26607a104c4525a87a02d

HTTP Headers

GET /app/app.js?t=shang&c=google&mb=1 HTTP/1.1
Host: www.lelifi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Sep 2023 10:42:20 GMT
content-type: application/javascript
last-modified: Wed, 27 Sep 2023 12:41:13 GMT
vary: Accept-Encoding
etag: W/"651422e9-f1e"
expires: Thu, 28 Sep 2023 22:42:20 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQBhTgReChcbmi5dCbgmUag2y%2F%2FdooVdrC1u4L1fmvThYoQiqmep4DTGjl9rEejFIOTxvtL%2B62tRdJ8%2FqO6H5WEABjyutukXHPuGDx76sbfKnqweCjQRWpJKtla3ZkfHcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80db610beb3856ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

lxrvzdvv.top/Baidu.js

172.67.205.218

200 OK

656 B

URL GET HTTP/3
lxrvzdvv.top/Baidu.js
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (719), with no line terminators
Size
656 B (656 bytes)
Hash
e0f12ea623a6560c41dd23c913dd6ac6
dd58ca325927cc98d88779d6e5c62cb108fd84e8
f3441e7e638fe718f8b6d17d9fa4e7ca53bbb89486e64ed1e7286f72ff23ac17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Baidu.js HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:19 GMT
content-type: application/javascript
last-modified: Tue, 11 Apr 2023 03:46:29 GMT
etag: W/"6434d815-290"
expires: Thu, 28 Sep 2023 22:42:19 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97wsiBbV%2BtfBHx87baak7xoszUFZV68%2BwZLIl0gDQOXScWF1bLivb34QloHvtSGpgo7kta31LhidMUOeAQNwlzpbw3LlMs5iHytjb%2B2y3E9lOcvRGnNArBc%2FqpXirNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6108ae9d568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

lxrvzdvv.top/template/1999/images/search.png

172.67.205.218

200 OK

3.1 kB

URL GET HTTP/3
lxrvzdvv.top/template/1999/images/search.png
IP
172.67.205.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lxrvzdvv.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint92:77:C3:9E:B4:DF:17:E3:AE:EE:16:5B:DB:6D:88:D3:B5:F0:21:11
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3124 bytes)
Hash
bdfc6d732c1fc509fa3f738786d2e563
1251796c781b99552e10f4c942c8a44483fb6514
fc47f99332b12bbfd7d555d1f48b16c5ea98d12e249d9c57f94a48006cfb4391

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/1999/images/search.png HTTP/1.1
Host: lxrvzdvv.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lxrvzdvv.top/template/1999/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 28 Sep 2023 10:42:21 GMT
content-type: image/png
content-length: 3124
last-modified: Tue, 15 Oct 2019 07:56:48 GMT
etag: "5da57bc0-c34"
expires: Sat, 28 Oct 2023 10:42:21 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuQR6vcS%2Bb1uSDnZUIDxDZOGcxuLV25lX1B1tXurpuD4XCQoC3XmHXP7z2NwiV7O1EEAXOxEsM0fSCCscOjncMFvHjwpssKJxptUudEJs%2F7DCx29xHAugNkiIxAptXs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80db6110cd6e568f-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (31)

URL GET HTTP/3

IP

ASN