k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
200 OK 817 B URL User Request GET HTTP/2 k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
IP
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2441), with no line terminators
Hash 8c3643aef96d2306d1aa670eeebb5dcc
7dd937e703ba35641aef093ed2d478dad36c4eda
ba5d62078e7aa60f5db84d9504ea065355e18881c8ed4914977f62236ae3bee7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609 HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Aug 2023 18:31:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPpMKtG8n6Ajlz73RhV8%2Bao%2BoJHkqC%2BYlZnkVkQgLOkrho9HeXLSbK2ygz%2B6XwQ6yJGmbWhhOSyAsIGJ%2BX4p77iQC602LQzdvm4f9kVTEbIr1T6pFmBRTZZXk2w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f9cb74e5d11fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
2.0 MB URL cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 2.0 MB (1960692 bytes)
Hash f975a6048c0c498771d4264714e304b7
15514ee10ddb412a0c389b414d29e626c6ce4728
5d0cf72ceaba054efcb23b30aca51c8c7967e2fccf031441266a233167588a9a
GET /attachments/1142026965566623826/1142027002094813244/555.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: video/mp4
content-length: 4909812
content-range: bytes 0-4909811/4909812
cf-ray: 7f9cb75c9b01b529-OSL
cf-cache-status: HIT
age: 153840
cache-control: public, max-age=31536000
content-disposition: attachment; filename=555.mp4
etag: "074f497fa07807c89a643962875b1326"
expires: Mon, 19 Aug 2024 18:31:58 GMT
last-modified: Fri, 18 Aug 2023 09:27:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692350855245406
x-goog-hash: crc32c=vzsn/A==, md5=B09Jf6B4B8iaZDlih1sTJg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4909812
x-guploader-uploadid: ADPycduZvZHz-R4zLUmpCrIvZ6JrTjeOSC6FE3g_v2wi9q2H3JrsNdJo7mdbGbgzA5xQVmSCRGw2bc2_v5hM0Qg1RepAXcfajNP_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=8x5wSMqlCGqTCLf9pAGyDqQy14c25prn3lLYY73S9fk-1692556318-0-AfLslY9GnSYYErlmT6wi5IO9pxcrK3IZ+7xPFJsmf8suweODsOCJRduvhkdeQ2EOY6H1eDzDyFJvOS2yun0c4hM=; path=/; expires=Sun, 20-Aug-23 19:01:58 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrhh8kP6L7WgYqconObSqIK%2B7aTJXt%2B55sACTzSoebwYjs%2FrIMAgIyafd2b6sOGdx69nhVwSFKf36BguQ5pflmDqui68lieTpd54bVFXk2kM2zNVvVROL%2FhmxM5AkOhkpbd%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
563 kB URL cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
IP
Size 563 kB (562557 bytes)
Hash 6b7bd7eba0478cedea9e66d34fa10df5
1fdb4b80e50b7858dfe1ef02927975701c0cbb33
0771ade60e42955dbd64c0595e9510e58b4573869f55d5554021a35dfeff3655
GET /attachments/1142026965566623826/1142027002094813244/555.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=786432-
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Cookie: __cf_bm=8x5wSMqlCGqTCLf9pAGyDqQy14c25prn3lLYY73S9fk-1692556318-0-AfLslY9GnSYYErlmT6wi5IO9pxcrK3IZ+7xPFJsmf8suweODsOCJRduvhkdeQ2EOY6H1eDzDyFJvOS2yun0c4hM=
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: video/mp4
content-length: 4123380
content-range: bytes 786432-4909811/4909812
cf-ray: 7f9cb75f2b87b517-OSL
cf-cache-status: HIT
age: 153840
cache-control: public, max-age=31536000
content-disposition: attachment; filename=555.mp4
etag: "074f497fa07807c89a643962875b1326"
expires: Mon, 19 Aug 2024 18:31:58 GMT
last-modified: Fri, 18 Aug 2023 09:27:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692350855245406
x-goog-hash: crc32c=vzsn/A==, md5=B09Jf6B4B8iaZDlih1sTJg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4909812
x-guploader-uploadid: ADPycduZvZHz-R4zLUmpCrIvZ6JrTjeOSC6FE3g_v2wi9q2H3JrsNdJo7mdbGbgzA5xQVmSCRGw2bc2_v5hM0Qg1RepAXcfajNP_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg0SIVEp3v2952J2y61o%2F40R%2Btf1jU%2F6YiNb0aXi1%2BT70%2BJPQ3a8vyy%2BMDXFcx1pIUn91AOeBxffG2FpI4R%2B5XgeiEj3KM0acpLUE9PCAXlWd%2Fe7qfvbVccIgoLTES%2Bc1zgR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
statuse.digitalcertvalidation.com/
471 B URL statuse.digitalcertvalidation.com/
IP
Hash 182de2a8e9fe5d16dac74524550cd2a6
b73bac9e51ee07d91a1372b1f1d750d72d77b4fb
c5aafbc1db8d603c583101abc644c32ddd2a485159db2d475ac3f1f50e21ea36
POST / HTTP/1.1
Host: statuse.digitalcertvalidation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1403
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Sun, 20 Aug 2023 18:31:58 GMT
Last-Modified: Sun, 20 Aug 2023 18:08:36 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
b.yzcdn.cn/vant/icon-demo-1126.png
200 OK 8.9 kB URL GET HTTP/2 b.yzcdn.cn/vant/icon-demo-1126.png
IP
ASN #139879 Galaxy Broadband
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerTrustAsia Technologies, Inc.
Subject*.yzcdn.cn
Fingerprint01:AC:4A:6F:29:20:56:58:D8:9C:1E:AD:13:3D:42:1E:43:48:EC:CE
ValidityMon, 31 Oct 2022 00:00:00 GMT - Wed, 29 Nov 2023 23:59:59 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f87c46f346a5548224ccbe0b6bd75df5
8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd
b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Aug 2023 18:31:59 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC132_IT-Lombardia-Milan-1-cache-1, BC2_DE-Frankfurt-Frankfurt-11-cache-1
x-cache: HIT from BC2_DE-Frankfurt-Frankfurt-11-cache-1(baishan)
X-Firefox-Spdy: h2
k9pplm.cc/js/app.86a1b664.js
200 OK 183 kB URL GET HTTP/3 k9pplm.cc/js/app.86a1b664.js
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
Size 183 kB (182697 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/app.86a1b664.js HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:56 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 18 Aug 2023 20:56:51 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYwC5qvHBI5ZhkDRZgiBrUscY7qQypEQhJnyXDXA%2FeAPxA8xbWi9Ai0SdbauN7hDpuX7olI7a4AOmhiKwUgLdrleNCQ6TMYa%2FeEzxJiSbbJ6frM0gKcSbXTkEhM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7525cdbb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
k9pplm.cc/getlog
200 OK 11 kB IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type JSON data\012- , ASCII text, with very long lines (11402), with no line terminators
Hash 185fe919c5a8861e2d945f182f548e66
ef439f26adc8288443895640d2847eeea572b596
04851f72e04f1ef1ba0008e32971de01a677f6f2a8c958541b1418f1c31d389b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /getlog HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: application/json; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVlZxGkVIqa5L4pOCTtqjfTlbAoifnVBPK%2B6oN81RankehMuhjJcSsOTj9EWuVToNRR3jaCY5yklyTmQfpGaAFmWaPge%2Fd9NMjyjAa1A%2B8b7cYGIpOiMlB9mDFI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f9cb75beddbb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
206 Partial Content 1.6 MB URL GET HTTP/2 cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6E:02:1B:20:66:69:87:FB:2C:CB:B1:55:96:C9:78:3A:9C:81:1D:F4
ValiditySat, 19 Nov 2022 00:00:00 GMT - Sun, 19 Nov 2023 23:59:59 GMT
Size 1.6 MB (1572864 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /attachments/1142026965566623826/1142027002094813244/555.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: video/mp4
content-length: 4909812
content-range: bytes 0-4909811/4909812
cf-ray: 7f9cb75c9b01b529-OSL
cf-cache-status: HIT
age: 153840
cache-control: public, max-age=31536000
content-disposition: attachment; filename=555.mp4
etag: "074f497fa07807c89a643962875b1326"
expires: Mon, 19 Aug 2024 18:31:58 GMT
last-modified: Fri, 18 Aug 2023 09:27:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692350855245406
x-goog-hash: crc32c=vzsn/A==, md5=B09Jf6B4B8iaZDlih1sTJg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4909812
x-guploader-uploadid: ADPycduZvZHz-R4zLUmpCrIvZ6JrTjeOSC6FE3g_v2wi9q2H3JrsNdJo7mdbGbgzA5xQVmSCRGw2bc2_v5hM0Qg1RepAXcfajNP_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=8x5wSMqlCGqTCLf9pAGyDqQy14c25prn3lLYY73S9fk-1692556318-0-AfLslY9GnSYYErlmT6wi5IO9pxcrK3IZ+7xPFJsmf8suweODsOCJRduvhkdeQ2EOY6H1eDzDyFJvOS2yun0c4hM=; path=/; expires=Sun, 20-Aug-23 19:01:58 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrhh8kP6L7WgYqconObSqIK%2B7aTJXt%2B55sACTzSoebwYjs%2FrIMAgIyafd2b6sOGdx69nhVwSFKf36BguQ5pflmDqui68lieTpd54bVFXk2kM2zNVvVROL%2FhmxM5AkOhkpbd%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
206 Partial Content 27 kB URL GET HTTP/3 cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6E:02:1B:20:66:69:87:FB:2C:CB:B1:55:96:C9:78:3A:9C:81:1D:F4
ValiditySat, 19 Nov 2022 00:00:00 GMT - Sun, 19 Nov 2023 23:59:59 GMT
Hash 5fe35a886ee330c8f38644bc1b77ee0b
73ee1f91513ce07cbc1675699bfbf02983d174dd
3e49183eade9a3fb456c5d9b674a2250f126306c1943a86439ca417b192d477c
GET /attachments/1142026965566623826/1142027002094813244/555.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=4882432-
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Cookie: __cf_bm=8x5wSMqlCGqTCLf9pAGyDqQy14c25prn3lLYY73S9fk-1692556318-0-AfLslY9GnSYYErlmT6wi5IO9pxcrK3IZ+7xPFJsmf8suweODsOCJRduvhkdeQ2EOY6H1eDzDyFJvOS2yun0c4hM=
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: video/mp4
content-length: 27380
content-range: bytes 4882432-4909811/4909812
cf-ray: 7f9cb75e69deb517-OSL
cf-cache-status: HIT
age: 153840
cache-control: public, max-age=31536000
content-disposition: attachment; filename=555.mp4
etag: "074f497fa07807c89a643962875b1326"
expires: Mon, 19 Aug 2024 18:31:58 GMT
last-modified: Fri, 18 Aug 2023 09:27:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692350855245406
x-goog-hash: crc32c=vzsn/A==, md5=B09Jf6B4B8iaZDlih1sTJg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4909812
x-guploader-uploadid: ADPycduZvZHz-R4zLUmpCrIvZ6JrTjeOSC6FE3g_v2wi9q2H3JrsNdJo7mdbGbgzA5xQVmSCRGw2bc2_v5hM0Qg1RepAXcfajNP_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UyG%2BI%2FquxsXR5VDaE1lduKUChot8DGY6AxFZc3ZBHi07tO0ONCGed8xn1fJ9TxVOJpkRt%2BfLKZjcbGH4bPk0Un1voNRJ9oTMcVnQXztXQbg8XxDcL%2BoJ79lj0uXxy19zrPfsvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
k9pplm.cc/img/icons/apple-touch-icon-152x152.png
200 OK 4.0 kB URL GET HTTP/3 k9pplm.cc/img/icons/apple-touch-icon-152x152.png
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Hash 1a034e64d80905128113e5272a5ab95e
92328e60f63d690f33cd4961b9934a539dc29b82
4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: image/png
content-length: 4046
last-modified: Fri, 18 Aug 2023 20:56:44 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5863
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aseC0HbHQ8n3zgtJiFJIyI%2BOAFduiBKXx%2F%2BkPeOhPGJToQ%2FX%2BVk7RjHWnj1IvdDPebVFhYgLKGAObnE8Qb65WBT44LYPibOfNvkDDGEzGthcB%2Ff70vquL196N8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7603d34b527-OSL
alt-svc: h3=":443"; ma=86400
k9pplm.cc/img/icons/favicon.svg
200 OK 2.4 kB URL GET HTTP/3 k9pplm.cc/img/icons/favicon.svg
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2607), with no line terminators
Hash 24ff0adcc30153207dc8a52b97a0656f
d62a655786fd12d313c6fd835fa2ef713b0e5c6f
3d1b0722bd73fc9542327adbe1b2c84877ea07bfee50a998ce509320b12e8eed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /img/icons/favicon.svg HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 5978
last-modified: Sun, 20 Aug 2023 16:52:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13TssyM7BiyAI%2FTDzNVWL%2B6wnZtAWIAZsTkpPdd5tutzTUZF40fkwzd4MT8SjyO4wlRO77%2BH7rEuR%2FOoN9RARvly7fpu8B64Ior1tPgr%2BNUhfTJ4yDwENc8s3D8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7603d36b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
k9pplm.cc/js/chunk-vendors.ea790e22.js
200 OK 949 kB URL GET HTTP/3 k9pplm.cc/js/chunk-vendors.ea790e22.js
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
Size 949 kB (949174 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:57 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 18 Aug 2023 20:57:02 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrtiFPgUHS5bPgU7VW8Fr7aJ%2BsL9M1xVtwxUY6dTOLKtR0164dopENV5T%2B3ZGgUIULTREuB09nYYem22MbZCBBNs2WUUQ0n2yyPsp6QLWVt3T%2BfhphoH1YRzuto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7525cd4b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
k9pplm.cc/css/chunk-vendors.c57533e1.css
200 OK 156 kB URL GET HTTP/3 k9pplm.cc/css/chunk-vendors.c57533e1.css
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (156544 bytes)
Hash ebfffebc1f62c3be51082e6595a0a005
e278fbd6fd48150b3f366b50ed388983d934978c
f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:56 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 18 Aug 2023 20:56:41 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjKOlAmLduhA2MLElwUWYKKWUDcdnhbsfdLrwowOHdknJQa73Gu9cHylxqpkBdzB%2FAyLhBYvQJ3Ohyv649TIE3RmY9rY1PgmVqqbn6dL3NYCcJDdNsY1qoWWw04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7525ce0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
k9pplm.cc/css/app.1c049ee3.css
200 OK 14 kB URL GET HTTP/3 k9pplm.cc/css/app.1c049ee3.css
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerGoogle Trust Services LLC
Subjectk9pplm.cc
Fingerprint89:BB:08:F5:77:08:12:B4:A1:9B:75:D5:E4:86:D3:02:3D:28:72:51
ValiditySat, 05 Aug 2023 15:55:05 GMT - Fri, 03 Nov 2023 15:55:04 GMT
File type ASCII text, with very long lines (14103), with no line terminators
Hash b5cb858649c01972110e0b795eadc029
801ebe384ca7360f0daf2ca5496c4bc496fdf041
70c3334f888871760f8a23114bf1cb886fe93f0aaeac8af667a0752b0271a282
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/app.1c049ee3.css HTTP/1.1
Host: k9pplm.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Aug 2023 18:31:56 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 18 Aug 2023 20:56:38 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyqtaHDH7YT8kQcpLeEIhaPyZO1lVw0HE7NTTsjsKKFUDhc%2FF5nvFQlYUplBaxCP5PWCKJKmKB2x2OJnC%2FcUaUh6hD8aFMU3pTv97M0cnCTX%2BECMQyx6B1K%2BcQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f9cb7525ce1b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
9rev2w1.cc/socket.io/?EIO=3&transport=websocket
101 Switching Protocols 0 B URL GET HTTP/1.1 9rev2w1.cc/socket.io/?EIO=3&transport=websocket
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerLet's Encrypt
Subject9rev2w1.cc
FingerprintF7:33:C1:74:3E:0F:C3:D1:0C:22:2E:02:AA:5F:4C:2E:09:09:AF:EB
ValidityWed, 16 Aug 2023 10:01:33 GMT - Tue, 14 Nov 2023 10:01:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: 9rev2w1.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://k9pplm.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 55u/xqWNpGs5bu3qwRek1g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 20 Aug 2023 18:31:58 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: eRLD9xGpzneDw+RwLxbT6q4Nkjg=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lee8Hzayi5DRmtLWSh85gXqMBXmSrdgGoz99hDPSSNaQ4DKNXv23%2BdIRd%2BRx1rMgR9rtiWpaAdy18QkTvwnDMTL4fIRwo3P3wELq5xvBGKhP%2F%2BYeW9W3%2B5v74vCW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7f9cb75c9d40b51b-OSL
alt-svc: h3=":443"; ma=86400
cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
206 Partial Content 558 kB URL GET HTTP/3 cdn.discordapp.com/attachments/1142026965566623826/1142027002094813244/555.mp4
IP
Requested by https://k9pplm.cc/invite/i=5702https:/bskeaf.de/invite/i=6405https:/kobae.de/invite/i=49873https:/nwokolo3.cc/invite/i=59609
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6E:02:1B:20:66:69:87:FB:2C:CB:B1:55:96:C9:78:3A:9C:81:1D:F4
ValiditySat, 19 Nov 2022 00:00:00 GMT - Sun, 19 Nov 2023 23:59:59 GMT
Size 558 kB (558511 bytes)
Hash a46433389988eca7396002d7608e6cf6
86139d0b815799467a5eb76e85471fe6cdb9ea27
178525b50a8f7165a2470d090c246e8517a244cd994d0683e6d4cdfd5bc4b8a0
GET /attachments/1142026965566623826/1142027002094813244/555.mp4 HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=786432-
DNT: 1
Connection: keep-alive
Referer: https://k9pplm.cc/
Cookie: __cf_bm=8x5wSMqlCGqTCLf9pAGyDqQy14c25prn3lLYY73S9fk-1692556318-0-AfLslY9GnSYYErlmT6wi5IO9pxcrK3IZ+7xPFJsmf8suweODsOCJRduvhkdeQ2EOY6H1eDzDyFJvOS2yun0c4hM=
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sun, 20 Aug 2023 18:31:58 GMT
content-type: video/mp4
content-length: 4123380
content-range: bytes 786432-4909811/4909812
cf-ray: 7f9cb75f2b87b517-OSL
cf-cache-status: HIT
age: 153840
cache-control: public, max-age=31536000
content-disposition: attachment; filename=555.mp4
etag: "074f497fa07807c89a643962875b1326"
expires: Mon, 19 Aug 2024 18:31:58 GMT
last-modified: Fri, 18 Aug 2023 09:27:35 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692350855245406
x-goog-hash: crc32c=vzsn/A==, md5=B09Jf6B4B8iaZDlih1sTJg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4909812
x-guploader-uploadid: ADPycduZvZHz-R4zLUmpCrIvZ6JrTjeOSC6FE3g_v2wi9q2H3JrsNdJo7mdbGbgzA5xQVmSCRGw2bc2_v5hM0Qg1RepAXcfajNP_
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg0SIVEp3v2952J2y61o%2F40R%2Btf1jU%2F6YiNb0aXi1%2BT70%2BJPQ3a8vyy%2BMDXFcx1pIUn91AOeBxffG2FpI4R%2B5XgeiEj3KM0acpLUE9PCAXlWd%2Fe7qfvbVccIgoLTES%2Bc1zgR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
104.21.91.162
172.67.217.118
154.85.69.2