hncwwl.com/static/pic/logo.jpg
104.21.9.81200 OK 10 kB URL GET HTTP/3 hncwwl.com/static/pic/logo.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 280x100, components 3
Hash 3ab2a6878ac86777d5f3a365304099d4
0d420dac5f08a34a1c5500007fee3cf8f1ba74e6
67fcbb401595b090cd820e2485823c01af5315c4ec768a9d05f5703e7df8885e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/logo.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 9979
last-modified: Tue, 07 Nov 2023 03:28:06 GMT
etag: "6549aec6-26fb"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pqgptzhCcABSKuBXDXYY9kPrxPKgwuTgD0H4ob2RYADqhHmJdejzgLycGRD9YuwWKvH0nDLksD0ToHiXGM3HIYk1pHitdMmXzrSAJ40ltpGecRyk1O1mnGuZO5g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6a9bb51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/90bb.jpg
104.21.9.81200 OK 8.5 kB URL GET HTTP/3 hncwwl.com/static/pic/90bb.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 120x120, components 3
Hash 5a29fb4b556eac0608585bb760673e35
50105cd1ad7525321d6e7e1d413d13acc7dbcf9f
d18e8044540650040caaee4ee9ee51fe98a35d850a76e90be5eced23153f1090
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/90bb.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 8540
last-modified: Thu, 23 Nov 2023 05:59:39 GMT
etag: "655eea4b-215c"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJ2kOICbufCveCSdEcpuUhrRCPr7q%2FHEwBZ1Yk6EXCOqacFOClMhAo5fE6sQatqAkZPfwfjPwray63vuOIYpYbPyCTDCQVfR%2F7yngwaDZW6rJHyvoZz%2FPFbYOPQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6aafb51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/5223.jpg
104.21.9.81200 OK 8.3 kB URL GET HTTP/3 hncwwl.com/static/pic/5223.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 120x120, components 3
Hash 922acab4bbda25e310a1e0c667a88322
aa1379307778c5c4506bf3f3163b5b81680214b3
0dad93c60c7eac0e726eec0995dd57fb415572da3c966c1e2b923f9b6b9e9156
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/5223.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 8275
last-modified: Tue, 07 Nov 2023 06:11:55 GMT
etag: "6549d52b-2053"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwDXnSc76WjhZAgOF3O1RMM0JLJokehCX%2BWYUcqehp4eUPinLxyn4nkaxOH%2BEASOfC42zfgUOr0mlgT7S5zkM6FLbzDGF9bKY0S7pW%2BSsDaIix%2BWeeMedfHwKXEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6ab2b51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/eb33.jpg
104.21.9.81200 OK 6.1 kB URL GET HTTP/3 hncwwl.com/static/pic/eb33.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 120x120, components 3
Hash 1b565de4cba132a47c028ce149c5e89f
a870946ec2835ab6ddb3bcef02eb6779c12593f6
3c45f362fb8d2cc371d4422601abe3de06a2c313fe6b1ab6d0d985d2b04a4154
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/eb33.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 6147
last-modified: Tue, 07 Nov 2023 03:28:12 GMT
etag: "6549aecc-1803"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmCeYo9sCaFhNlREW20WH0G22DumWXopzmIN%2BujgRA571lCBGungZDvsyfl6hQr8EJmfm%2FEoFsSFNc5LlCsJQabnk1CdHIeTD%2Fje854uuJTXoUlcgVrHURWbuKhC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6aa9b51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/fe4c.jpg
104.21.9.81200 OK 17 kB URL GET HTTP/3 hncwwl.com/static/pic/fe4c.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 435x315, components 3
Hash b86078454b064838a78cf20ff2faae0c
276acea97ce81c938ea7ba26fa9a08854ce08336
63d35138cbf7b3b25838cb29400eb74b96c6672bc8b062b60596ae138b6863d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/fe4c.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 17297
last-modified: Fri, 20 Oct 2023 02:59:58 GMT
etag: "6531ed2e-4391"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aERrVpgm4ZeFRDdLkAmKwKPY2lYDltFE6qTC9zlxVddqU%2Bwqj5xaTPVymUN%2BOCrsx4yQQ6pEfkcUuhda0HOyP%2FWGCnWUBwSqTvKhp5ZVjGzq3iGmQywS2DTQyVKl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6a9fb51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/52dd.jpg
104.21.9.81200 OK 27 kB URL GET HTTP/3 hncwwl.com/static/pic/52dd.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Adobe ImageReady], baseline, precision 8, 500x360, components 3
Hash ba1421b2b7661587a16dffe0d73a7bd9
8646426600872c2249df10c125b9a1b80f8a3f6c
a1c860484efa374cf8ed8438814e0245961a72a7c9b5bfd1437513a0b98caef2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/52dd.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: image/jpeg
content-length: 26934
last-modified: Fri, 20 Oct 2023 02:59:58 GMT
etag: "6531ed2e-6936"
expires: Sat, 18 May 2024 11:06:57 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xb6ynuCCrGsvMFxqeg0BROnYKF7xhDydyLIjUlrj2qXrpkGs5VvydcU3vPskaYGjzTUjYqR9Jo7AieO00WqUmnCEOTlgsY8gSXdYWEcHGVRtuCDDqOdsy8c4f1LM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d6ab7b51d-OSL
alt-svc: h3=":443"; ma=86400
www.sniii.org/ajax2.js
45.60.197.77200 OK 195 B IP 45.60.197.77:443
Certificate IssuerSectigo Limited
Subjectfdfd.sswfb.com
Fingerprint76:51:E1:E2:A3:AD:30:09:62:16:0E:6E:17:52:0D:3A:BF:0F:D8:AA
ValiditySat, 24 Jun 2023 00:00:00 GMT - Sun, 23 Jun 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash 9ae2a89d53afa105030e2ecbe0c022bf
027486400e254009c92cdba3e8fee8ea625c4597
e7c387b55a085ab9361e3864283cfa7d43e166286d54ce594e4ee8eb7494e479
GET /ajax2.js HTTP/1.1
Host: www.sniii.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "655dffee-fc"
last-modified: Wed, 22 Nov 2023 13:19:42 GMT
content-type: application/javascript
content-length: 195
content-encoding: gzip
cache-control: max-age=18080, public
expires: Thu, 18 Apr 2024 16:08:18 GMT
date: Thu, 18 Apr 2024 11:06:58 GMT
x-incap-sess-cookie-hdr: bbbhZuRP+BJ5e9bhL8dgZNL+IGYAAAAAxRoEIy1kPVaHfRqnMEvhZQ==
set-cookie: visid_incap_2944795=R0caob3ZSxy+zzS7XUMhttL+IGYAAAAAQUIPAAAAAACKFIR83OLLl1bE7gJr3xYj; expires=Fri, 18 Apr 2025 05:17:27 GMT; HttpOnly; path=/; Domain=.sniii.org; Secure; SameSite=None
incap_ses_7233_2944795=aPwEfUJcahB5e9bhL8dgZNL+IGYAAAAAbjGuRFaZULVL/7LiNzfOjw==; path=/; Domain=.sniii.org; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 1005-5623112-5617350 3CNN RT(1713438418410 217) q(0 0 0 0) r(3 3) U18
X-Firefox-Spdy: h2
hncwwl.com/static/pic/26bc.jpg
104.21.9.81404 Not Found 13 kB URL GET HTTP/3 hncwwl.com/static/pic/26bc.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 57dd7bfa6c07bfe5eeada45d4bdd78ec
395c6ad5c3ae0e8ea47281f5007c369551b32ad7
c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/26bc.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 11:06:59 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3qMulJD%2FGps898IKddnJXGokrIYIecAZ06t%2FoqLKaca4Bupn%2Bo8L7WX8rPp5LCPOiRsmJlAJCv%2FXYOCduhTH9uSMYrPwwdlyXAabGfQ5URAshYBicNg6pE06KjVZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643049fa1cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/css/swiper.min.css
104.21.9.81200 OK 23 kB URL GET HTTP/3 hncwwl.com/static/css/swiper.min.css
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type ASCII text, with very long lines (1467), with CRLF line terminators
Hash 0df27b9a317c772145cb5a0814719137
edb5e936c7fe0da460315392e28f8f6fe36f155b
6061fc6fb89ced9891b1cd6b793aa725116c71ec412c5f50e741a289a2981309
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/swiper.min.css HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 09:05:34 GMT
vary: Accept-Encoding
etag: W/"6422adde-554b"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7tjZJA6JsD5YYDQaj4nWBGsoTXIlkW84F%2FQpKkZdjMjWyhuJG03g2g8HXNmH5eYBQwUt7piKpLineoUab6Qfx9%2BlVomSOTuJxns2imRde3pk1uyg%2B%2BNQbN7o6fH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a7fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/image/901_top9.png
104.21.9.81200 OK 1.3 kB URL GET HTTP/3 hncwwl.com/static/image/901_top9.png
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type PNG image data, 39 x 38, 8-bit/color RGBA, non-interlaced
Hash 9b735bbb3f879f48ff05ac88c9e4221a
eb4ae28901d29ba5310bdaf042b7a7281aceff57
52eea8c82ef74a126d0388778391f94062097eb055074765d0f58bd91fd2614c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/image/901_top9.png HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:07:00 GMT
content-type: image/png
content-length: 1330
last-modified: Tue, 28 Mar 2023 09:05:36 GMT
etag: "6422ade0-532"
expires: Sat, 18 May 2024 11:06:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJjsjCs0bkSwXBZnQ9Lr6UWKM4CqbFby0TFxqzTaiQY694qrF4VUR%2B9lb2Y2%2F3mYlc8eIlFnnhU6ppohaIwTLt%2ByUbOk4N7X77PzPSjPFFkUIcNHHGM6F7ryv14s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764304a0a72b51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/7a33.jpg
104.21.9.81200 OK 18 kB URL GET HTTP/3 hncwwl.com/static/pic/7a33.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=美图秀秀], baseline, precision 8, 400x260, components 3
Hash 320bc481c4f757da9d25f197be35c2cf
8bd1a35c9a847974c1c293ea04afdc3b7f4bbbcf
3aa8205c8ad0e8cfd8693ab409a712a64bc2452986fc3611d0ab1548bf7f7f15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/7a33.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:07:00 GMT
content-type: image/jpeg
content-length: 17521
last-modified: Fri, 20 Oct 2023 02:59:57 GMT
etag: "6531ed2d-4471"
expires: Sat, 18 May 2024 11:06:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tF%2Ft5V0L1HqunBRzwzJoyfS7LJSB3L%2BKtoeYxlPWZg4K0FyyZ1qGHT%2FBjtyaZhR0%2FCdPHHQz0ZmjFkuJu3klElxAZ31YBIlq6eDcEaTlXlPJGe4fEg8A83hBbc2r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764304a1a80b51d-OSL
alt-svc: h3=":443"; ma=86400
hm.baidu.com/hm.js?3932781d57bdd2973f966ead68e92cad
183.240.98.228200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?3932781d57bdd2973f966ead68e92cad
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (621)
Hash bd94e50d652400893f4260d05e4be79a
a76f59addda6ccf5a43a61a17044ceaf5c433dba
45832fca4062fa5b117804b8723741a3eb41600adcd5d243ca44054193a1fc1c
GET /hm.js?3932781d57bdd2973f966ead68e92cad HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Thu, 18 Apr 2024 11:07:00 GMT
Etag: a1a40625f97a13a9795196dbb2aa450f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=499B18C0F17F813D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1327015135&si=3932781d57bdd2973f966ead68e92cad&v=1.3.0&lv=1&sn=25846&r=0&ww=1280&u=https%3A%2F%2Fhncwwl.com%2F&tt=TP%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91%E4%B8%8B%E8%BD%BDapp%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC_TokenPocket-%E4%BD%A0%E7%9A%84%E9%80%9A%E7%94%A8%E6%95%B0%E5%AD%97%E9%92%B1%E5%8C%85
183.240.98.228200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1327015135&si=3932781d57bdd2973f966ead68e92cad&v=1.3.0&lv=1&sn=25846&r=0&ww=1280&u=https%3A%2F%2Fhncwwl.com%2F&tt=TP%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91%E4%B8%8B%E8%BD%BDapp%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC_TokenPocket-%E4%BD%A0%E7%9A%84%E9%80%9A%E7%94%A8%E6%95%B0%E5%AD%97%E9%92%B1%E5%8C%85
IP 183.240.98.228:443
ASN #56040 China Mobile communications corporation
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1327015135&si=3932781d57bdd2973f966ead68e92cad&v=1.3.0&lv=1&sn=25846&r=0&ww=1280&u=https%3A%2F%2Fhncwwl.com%2F&tt=TP%E9%92%B1%E5%8C%85%E5%AE%98%E7%BD%91%E4%B8%8B%E8%BD%BDapp%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC_TokenPocket-%E4%BD%A0%E7%9A%84%E9%80%9A%E7%94%A8%E6%95%B0%E5%AD%97%E9%92%B1%E5%8C%85 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 18 Apr 2024 11:07:00 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=5FFF41D0E4759A2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
104.21.9.81200 OK 15 kB URL User Request GET HTTP/2 IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (2982), with CRLF, LF line terminators
Hash e583dbabf1491f5856a6cacf0a962317
e6f8864b472eafe974ef62ceac4b04685bf1fd71
6b3bac1678fae9d05029c9ca2f7a463337a07a3eb91326cefc8df0670e977a16
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:06:57 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GQWl6v5Gq5VVGaTBtwHpnseI8wPB9PJwbmdEeCDQA1bojFFAnhpyIhvPnmzmv%2Bl%2Bq0BEiwGbehUsCnmaHGbFOaiAMAqFfO8ww5a3djzGiMnGP0dAx%2BY7cLBNigV9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87643037e81856a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hncwwl.com/static/pic/adff.jpg
104.21.9.81404 Not Found 5.8 kB URL GET HTTP/3 hncwwl.com/static/pic/adff.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, Unicode text, UTF-8 text
Hash 57dd7bfa6c07bfe5eeada45d4bdd78ec
395c6ad5c3ae0e8ea47281f5007c369551b32ad7
c870990950ca5802e260be6786d1e6a148b1acdfeed4fa9bb6acce744488c0b5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/adff.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 11:06:59 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdX1M2T84P6j%2B2fWegFmfLUrRk08wJWliVcNUiMVuplZHVIW02ZomPSQRvdQ9qQQMgUrOoMwk7AiDjkbC5X7QLfmzPFgrZ7qxycqeWipkkpGO542s7orXRjhG%2Ff6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643049ea08b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/ajax2.js
104.21.9.81200 OK 4.1 kB IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, ASCII text, with no line terminators
Hash a1c4528a99d25f19eb05902f7b412699
cdbc1a1195be4ac354b7bf79bc2b232f68ae2a99
cf626ce10ee69bf2269d20afb195879edc7412bdd9e7964dc643e58dc4681f6a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ajax2.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Sun, 26 Nov 2023 10:38:41 GMT
etag: W/"65632031-4d"
expires: Thu, 18 Apr 2024 23:06:58 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UxkWhnOUrwLrmQw7M4vP81qahokASR3GyoVd8tQhR4b7ZzMKYHZO62MV3nyhoa5asjOju8t2SmToO4Jc%2FAjY2%2BkV0HRA%2F79spO5ieN6A6%2BeqZIU5lOCDd%2Bl2noOp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643042ed0bb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/static/pic/902_ys_bg.jpg
104.21.9.81404 Not Found 479 B URL GET HTTP/3 hncwwl.com/static/static/pic/902_ys_bg.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (513), with no line terminators
Hash c2f8ebcbc864008b77633204e44ea281
b5673c3fdb80d9eebb7def4bc611fbedd860efe8
d14177aeb3ec96cadd31d60d65a9d00c84fe488efbca3368244391c88db75e90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/static/pic/902_ys_bg.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/static/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 11:06:59 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wk3Ne6q4NkfDkPiIMBQ%2FOlao40NzxYHbCAyswOsOSiwuxVybMw7gbs0KYoLTGomQnVULMNjdV8GzzZIndAx8stdpNZXkHF3kLGAlUF1qGmBwU8gm8lX4Y%2BZKjOan"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764304a1a7db51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/js/jquery.min.js
104.21.9.81200 OK 86 kB URL GET HTTP/3 hncwwl.com/static/js/jquery.min.js
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JavaScript source, ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/jquery.min.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 09:05:38 GMT
vary: Accept-Encoding
etag: W/"6422ade2-14e4a"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8n661iQdkNYh7BX1NlyfmOmwMVNL6h7tgIyfqNG2KWic14JeElWN6r3%2BFsGYLjgo1d%2FY9%2FGI5DoYeP2dSrbIkQF5cKuNlrg8Scmi67D5HejoT6QyxrIFnfTBVcC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a85b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/css/style.css
104.21.9.81200 OK 66 kB URL GET HTTP/3 hncwwl.com/static/css/style.css
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/style.css HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: text/css
last-modified: Sat, 16 Dec 2023 07:16:46 GMT
vary: Accept-Encoding
etag: W/"657d4ede-1015e"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CvZb%2BWkbhHGrO3ObDX29sxRmdLHz9DnU%2BsygHJC1Nn8cIPp8jbfy7DfNz3h05DAEsSiAQMkbwYbKKW%2Fd5k7CPK1er97UO5DIFRxD1k66PmueVB4rshpPJYeG3%2B3e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a81b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/ajax1.js
104.21.9.81200 OK 56 B IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type HTML document, ASCII text, with no line terminators
Hash ff0036e131fbc55d5d199b6308682d3e
56007c015beaa1d474145dc2a021413cda63cba0
9fc001f530e29d7b811264a04f96a41e2a5945ac4992404515f9e354f136a562
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ajax1.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Sun, 26 Nov 2023 10:38:39 GMT
etag: W/"6563202f-38"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=922t6h5Blv1vRULPCv7RtvTEQYxAmXBsDY0%2FxLl7tZD91Fyh%2B356bhHKxcTCxpKHXTuzLSNBM7Xb39R9OgmAENscET%2BJnEntuV%2BBktaRMpWYCE7huUyBtbhUKcTb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764303d5a9ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/js/swiper.min.js
104.21.9.81200 OK 128 kB URL GET HTTP/3 hncwwl.com/static/js/swiper.min.js
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JavaScript source, ASCII text, with very long lines (65270)
Size 128 kB (127934 bytes)
Hash 53fc0155c6c3cb55f34b749325ebb370
a0738b4767a38b90e17792041d648ed621dab2ae
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/swiper.min.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 09:05:38 GMT
vary: Accept-Encoding
etag: W/"6422ade2-1f3be"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0zo%2FaD7BhufEjDHi73bQeTTrEC60n5WwyouAUjiumqEalfK3WWxdt0DPqU%2BoRAUQKX5Mc3uBvtorv4jzwwVrRN9yNo5mTBo6xTUKdXw3aGHVi6ZBjrGRLBmButh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a93b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/af6b.jpg
104.21.9.81200 OK 13 kB URL GET HTTP/3 hncwwl.com/static/pic/af6b.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=美图秀秀], baseline, precision 8, 400x260, components 3
Hash c5a5a6d26278054f3e7d9a3dc44cb556
594a86521083dc436627a1d9482720d1fae5893d
cc246bd8e7effd79eb4b766d231ba968e0e42068963512f87ffbc44107bd6d66
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/af6b.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:07:00 GMT
content-type: image/jpeg
content-length: 13152
last-modified: Fri, 20 Oct 2023 02:59:58 GMT
etag: "6531ed2e-3360"
expires: Sat, 18 May 2024 11:06:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9LiQsL5RMlSQiG9rn2sf4J%2Fp62rVUnbtdSsyqZc2wRtHP2EyLi3%2F7Vdg4q0R15ASoBrXkTvcUSZyIUAfG%2FsguAt2xOsY7ziZZaQ4dLgrfkh807rfsy0bFR4Sv5OI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764304a1a8ab51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/css/animate.min.css
104.21.9.81200 OK 67 kB URL GET HTTP/3 hncwwl.com/static/css/animate.min.css
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type ASCII text, with CRLF line terminators
Hash 4d5ffe9fc2f8bdf29a5dff560b349cea
323413d8a63a930c175ed7e0423875e5999467ee
12e834512fd4042a4922467eda8ae4261afe5b08d3d5597ae530240e8ed0c672
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/animate.min.css HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 09:05:34 GMT
vary: Accept-Encoding
etag: W/"6422adde-106c0"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VewNwfXL07LYfZzXSSG5Jhb7b0HR7qnRil8zVvz9iJpFFdeoaEHGex8hdyKY6cPshmx58gM%2FKJHX0%2FjEQExQ0w4mHdmCJnAEOhx%2BOD2fMsh9vaA%2BRmGZ9D1ArblA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a7cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/js/index.js
104.21.9.81200 OK 2.8 kB URL GET HTTP/3 hncwwl.com/static/js/index.js
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (3022), with no line terminators
Hash f0c5d75eff75f52eb5d71ed165f80789
bdef303e46eb97ef042ad3f866ff74209a78e4d0
3f714958bb383845df2f7c5a2723ea7064bb06882ec9108de54adeb2a945e6d5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/index.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 09:05:38 GMT
vary: Accept-Encoding
etag: W/"6422ade2-b1e"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHtz2PL9BSPFfqz1ysDrMOXn%2BrCUTipAEsU5CE0IY815eV%2Fd%2FhIdxCtaE5zBksnPpexYXnWiviDWYfReYSnJe0b%2FaWghOLNq0%2FLMQvkWNlJ3WE2V0VVx8PZrF0%2BO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a97b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/pic/9e0d.jpg
104.21.9.81200 OK 20 kB URL GET HTTP/3 hncwwl.com/static/pic/9e0d.jpg
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x260, components 3
Hash f1d744bfa89a5a4012805e043e2016e0
e59046e01d4932b23ac41e7135abbe15aa3a63a3
b56712249c12618d025ad53deff6e1f58faa0b3b4a72c9b90ddd6f0d775e6ab4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/pic/9e0d.jpg HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:07:00 GMT
content-type: image/jpeg
content-length: 19728
last-modified: Fri, 24 Nov 2023 05:33:46 GMT
etag: "656035ba-4d10"
expires: Sat, 18 May 2024 11:06:59 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKMvY1cvzsJ4%2FnnlIj9%2BNqg9cjKgYEHyOot9kTl6Bgtmr8yso%2BvG3tPojtam43lKFZHMeN7w5aneSbGJibLQushYGE7Hl7kHrXk7rz5jMA0KxWeTKQ7CPpoUFXba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764304a1a8cb51d-OSL
alt-svc: h3=":443"; ma=86400
hncwwl.com/favicon.ico
104.21.9.81200 OK 15 kB IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash be1f9374b813a2e49bea0b1b4fcf5e32
dd47d4852c5b0903a24ccc019947e58a6c724ff8
125b3611f9a911b38a8d44fe209e9d80a656360dcd969c6be46311c5beb7dc02
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:07:01 GMT
content-type: image/x-icon
last-modified: Sat, 14 Oct 2023 04:30:22 GMT
etag: W/"652a195e-3c2e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcQNcLIhtpAj1HTrhfkM6IyKrAasy4HO6gtgWw1xXwURC2Id0IaeDb1cPoRK66lK55L8ybnxHrLIVBOw63XK49NbL1110pOAIWtXtCj77UJGPT6gX%2FQDSUYofx9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643050bf46b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
hncwwl.com/static/js/wow.min.js
104.21.9.81200 OK 8.4 kB URL GET HTTP/3 hncwwl.com/static/js/wow.min.js
IP 104.21.9.81:443
Certificate IssuerLet's Encrypt
Subjecthncwwl.com
Fingerprint36:E8:E2:3C:0F:3F:FF:D1:85:D1:A4:EC:EE:96:38:CF:D8:6B:DE:60
ValidityThu, 21 Mar 2024 06:27:29 GMT - Wed, 19 Jun 2024 06:27:28 GMT
File type JavaScript source, ASCII text, with very long lines (8515), with no line terminators
Hash da4ec6a3e988677b1eff06cb90e95927
4083d1ec23a24f9f0eeb025501b9806b567249aa
85a9285b248eb56c2268288cfcea3ea7806c912ebb82d256fcd7c4e5b7e9c740
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/wow.min.js HTTP/1.1
Host: hncwwl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:06:58 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 09:05:38 GMT
vary: Accept-Encoding
etag: W/"6422ade2-20df"
expires: Thu, 18 Apr 2024 23:06:57 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjDwXVKfgH4kKcuR7qV9BxrOJIMUn05lluozEHLN8nGA%2FSdKYHIDhqQxvCMRdnb7zZp73K2exiw3nqTc7pLEFzK7yZvwkbRiNmUqeJprPJclpp1ev1YdHmz5QEN9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764303d5a8fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://hncwwl.com/
103.235.46.40200 OK 0 B URL GET HTTP/1.1 sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://hncwwl.com/
IP 103.235.46.40:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://hncwwl.com/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hncwwl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 18 Apr 2024 11:07:01 GMT