Request: cn.cctv-baidu-163-sina-sohu.xyz/tj.js (107.148.14.135, 200 OK, 21 B)
URL: GET HTTP/2 cn.cctv-baidu-163-sina-sohu.xyz/tj.js
IP: 107.148.14.135:443
Certificate: Issuer Let's Encrypt; Subject cctv-baidu-163-sina-sohu.xyz; Fingerprint 88:E2:21:D0:5A:EB:82:C8:19:44:03:19:D5:4F:48:AD:AD:21:36:CD; Validity Sat, 23 Mar 2024 07:19:32 GMT - Fri, 21 Jun 2024 07:19:31 GMT
File type: ASCII text, with no line terminators
Hash: 990ba5e3d9d2eef63fd13e1333b7de44 eeb9ec9a27627e5019a0b047ca950cc4af6f3950 5c28b82d80fd32c972a910cf16b32239f4952fc838fd7e16aede693573709809
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /tj.js HTTP/1.1
Host: cn.cctv-baidu-163-sina-sohu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 19:16:03 GMT
content-type: application/javascript
content-length: 21
last-modified: Sat, 20 Apr 2024 04:38:55 GMT
etag: "662346df-15"
expires: Sat, 04 May 2024 07:16:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

Request: - (188.114.97.1, 200 OK, 6.2 kB)
URL: User Request GET HTTP/2
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1007), with CRLF, LF line terminators
Hash: 9e3c79e9252ef69d1eddf4a2751bfb74 37cddb8272dcebc0a640110f93c8ea70b61e00e8 d6383a3173e133a0fa52536ab1c9647ab2e6cf8a222b6f6bde7920ac1f2dfcac
GET / HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 May 2024 19:16:15 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ayb%2FG%2B3PUA953z80DRLmKRcpoqvRaUFT8Ozhw%2Ba985L11M4gADKB7yh4iUQtD%2B5QZHA%2FXqVyJh%2B5YjxzDfT6h8h2qswtNceDuexqKBLj8tTPHeG9GJW71NyqeUIPNM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e2953908a5b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Request: avxx-473.xyz/template/mb2/js/lazyload.js (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/js/lazyload.js
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/js/lazyload.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/template/mb2/js/jquery-3.0.1.min.js (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/js/jquery-3.0.1.min.js
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/js/jquery-3.0.1.min.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: cn.cctv-baidu-163-sina-sohu.xyz/vip.js (107.148.14.135, 200 OK, 1.2 kB)
URL: GET HTTP/2 cn.cctv-baidu-163-sina-sohu.xyz/vip.js
IP: 107.148.14.135:443
Certificate: Issuer Let's Encrypt; Subject cctv-baidu-163-sina-sohu.xyz; Fingerprint 88:E2:21:D0:5A:EB:82:C8:19:44:03:19:D5:4F:48:AD:AD:21:36:CD; Validity Sat, 23 Mar 2024 07:19:32 GMT - Fri, 21 Jun 2024 07:19:31 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1185), with no line terminators
Hash: 276861debbc8b474b73c264a5adc53d7 cec7f3865bb990a114c3e47da0121b4431457aae 1f68088dec5c668a4b430fb930eec4a6f76b2fb6c7f9c3cc4917f15911a4bd58
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /vip.js HTTP/1.1
Host: cn.cctv-baidu-163-sina-sohu.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 19:16:03 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 11:03:09 GMT
vary: Accept-Encoding
etag: W/"663372ed-4b5"
expires: Sat, 04 May 2024 07:16:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Request: avxx-473.xyz/template/mb2/image/loading.svg (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/image/loading.svg
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/image/loading.svg HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/template/mb2/js/script.js (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/js/script.js
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/js/script.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/template/mb2/css/new.css (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/css/new.css
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/css/new.css HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/template/mb2/css/style.css (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/css/style.css
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/css/style.css HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/static/js/jquery.js (188.114.97.1, 200 OK, 93 kB)
URL: GET HTTP/3 avxx-473.xyz/static/js/jquery.js
IP: 188.114.97.1:443
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
File type: JavaScript source, ASCII text, with very long lines (32089)
Hash: 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /static/js/jquery.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 19:16:13 GMT
content-type: application/javascript
last-modified: Tue, 27 Feb 2024 06:21:04 GMT
vary: Accept-Encoding
etag: W/"65dd7f50-169d5"
expires: Sat, 04 May 2024 07:16:12 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CseCP8F5oGL7tm8zySbZXv8GupD5dnE1TzjRsbgN3YzUReRTBzhVqryWMpYnZEagCK9qUZ0BhicM8m26c01IzLgwZ74API9wJkSWC%2FHEhssQfXKHh3BmnPx3PLZSMro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e2958b0f685691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Request: avxx-473.xyz/img/url.js (0.0.0.0, -, 0 B)
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/url.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Request: avxx-473.xyz/template/mb2/js/clipboard.min.js (0.0.0.0, -, 0 B)
URL: GET avxx-473.xyz/template/mb2/js/clipboard.min.js
IP: 0.0.0.0:0
Certificate: Issuer Google Trust Services LLC; Subject avxx-473.xyz; Fingerprint 80:09:0F:61:C5:DE:EE:52:B5:30:F2:AD:46:1F:5A:CE:B7:62:44:65; Validity Thu, 11 Apr 2024 03:51:26 GMT - Wed, 10 Jul 2024 03:51:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/mb2/js/clipboard.min.js HTTP/1.1
Host: avxx-473.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://avxx-473.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache