| the-shop.info/index.php?key=21ltcce0i96lhgaanr0u&visitor_id=809590855508692992&cost=0.000000&zoneid=6962929&campaignid=8152546&device=other&browser=firefox&os=android&osversion=android14&country=IT&language=it&isp=colttechnologyservicesgrouplimited/ | 65.109.112.53 | 302 Found | 0 B |
URL: User Request GET HTTP/1.1 the-shop.info/index.php?key=21ltcce0i96lhgaanr0u&visitor_id=809590855508692992&cost=0.000000&zoneid=6962929&campaignid=8152546&device=other&browser=firefox&os=android&osversion=android14&country=IT&language=it&isp=colttechnologyservicesgrouplimited/
IP: 65.109.112.53:443
ASN: #24940 Hetzner Online GmbH
Certificate: Issuer: Let's Encrypt; Subject: the-shop.info; Fingerprint: 8C:87:EE:C0:F4:90:24:F9:64:3B:1F:88:D3:D3:F4:D7:19:C7:E5:9E; Validity: Mon, 08 Apr 2024 18:30:37 GMT - Sun, 07 Jul 2024 18:30:36 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?key=21ltcce0i96lhgaanr0u&visitor_id=809590855508692992&cost=0.000000&zoneid=6962929&campaignid=8152546&device=other&browser=firefox&os=android&osversion=android14&country=IT&language=it&isp=colttechnologyservicesgrouplimited/ HTTP/1.1
Host: the-shop.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.24.0
Date: Wed, 01 May 2024 21:54:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=e2a79zci; expires=Fri, 03-May-2024 09:54:58 GMT; Max-Age=129600; path=/; secure; SameSite=none
uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2; expires=Fri, 03-May-2024 09:54:58 GMT; Max-Age=129600; path=/; secure; SameSite=none
Location: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Strict-Transport-Security: max-age=31536000
|
|
| ftgheeudxnlc.shop/index/ultra.png | 104.21.95.248 | 200 OK | 33 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/ultra.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 150 x 190, 8-bit/color RGBA, non-interlaced
Hash: 563bac82cb3328779786343daa4e656d 08b970ddb76ffe00fd5d5c7f74f01867b261728a a0bba5e6432d864e5d19d153b198b0a57b4d3ae15d13903db644891d36d9586d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/ultra.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 33372
last-modified: Wed, 17 Feb 2021 14:04:58 GMT
etag: "602d228a-825c"
cf-cache-status: HIT
age: 5012
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8r4iO9cw1DzTkuNKU6wZiRlvJ%2FnHMP5hvAXM85WQRF3aZwovlnz6TaH0o7%2FGWXZ0HeVNmLq3xERBHvIacTUjDVfWPkpV%2BtCKT3fMQq2mGUfjmqX6LJFOQSBah76kBajcmwSHrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ed456ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/note10.png | 104.21.95.248 | 200 OK | 33 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/note10.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 402 x 376, 8-bit colormap, non-interlaced
Hash: 5aacc9ad24e522ec83285215d77124ad 85cd5284dd95c796d7400784a191cfb9d40eae58 7531d18074d86eba9d0ed1b39cc7fd94eb5f2474300157e3ec40fe54f4000451
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/note10.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 32602
last-modified: Wed, 17 Feb 2021 14:04:58 GMT
etag: "602d228a-7f5a"
cf-cache-status: HIT
age: 5012
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7auL0Bufz2BfFSvRjPWCa%2BuhiKvQ9SvTiZqy7fV48KXIpl5G%2Fcvz%2Fg%2FLkbiWK8csm4ycEdWVfyVVZfu77CAtvJer9zPRF1x4aduaxm1RrVnD7GzEo2gHEa47myfwru8BfIiMgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ee356ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20_comment1.jpg | 104.21.95.248 | 200 OK | 16 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20_comment1.jpg
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 150x269, components 3
Hash: f90f9eefd62b5275e7ffac00b9b52686 c7414e8b7aabc3dd21045fddd63c6e7f5b8bbeec 9239ec9a7f86227854f61bb3c1134b8f1a3f0815d1909795b321d48fdf8f9d37
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/s20_comment1.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/jpeg
content-length: 16101
last-modified: Fri, 23 Sep 2022 06:56:50 GMT
etag: "632d58b2-3ee5"
cf-cache-status: HIT
age: 5011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hm4ttyzIO0hNqZPIdQYDkYFh%2B8ClfLFC8ohnLJgsgWKdD2iXeswzKC8Jbb%2Fn3b4suFkjNE0pP9gDxeNTG6qQixpd%2BYspSWHp2lH3%2FqubaU%2FG7NqI75wv1kq8gz6Q1wImvMV8iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ee856ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/s20_comment2.jpg | 104.21.95.248 | 200 OK | 18 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20_comment2.jpg
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 200x200, components 3
Hash: a9e4cd59be6114dfdec76393397498b6 452e793400244e4e2ff2adae1d3cb216511e487a 9b6384ca70110d9caf641050b2f9979bc832b64cff4affe3888a508d8efa876e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/s20_comment2.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/jpeg
content-length: 18039
last-modified: Fri, 23 Sep 2022 06:56:50 GMT
etag: "632d58b2-4677"
cf-cache-status: HIT
age: 5011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqRaG5biskLk%2BF6yuMxg6NTPeULXS%2FunY9rbMGmox%2FlWEHAJsks5mIq5tK02kLB2bnFtPHEKzmaspz6hIBDhY1OYLZP4xt1mpdA3zTTW2FvEOT5OCxBxLU6urfsqJ5rBwBDXZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5eec56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-logo.png | 104.21.95.248 | 200 OK | 2.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-logo.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 41f5877335f188c5e1e249c307b467a9 1d2c947b98fde0825c4ac752b4b686d8c7dd45ad 3e76fb1bd400d464ae7efd63266e36b6166ccf908de94a0c5e6b066a14e5f188
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-logo.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 2506
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-9ca"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1sOR3Hhkkyh5t21wBB%2BSoUJDt4tE5O%2B4Y4b5x2tXG5gfia6WTaFs7GCLhJ6Y5eHowxCdblw4l%2BnyiZy2v3xwqKCOGcKgg8Ugs6REQwug8G7rFWf8vlLfLTtloSKD0qAh60D4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c4eca56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-loading1.gif | 104.21.95.248 | 200 OK | 1.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-loading1.gif
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: GIF image data, version 89a, 25 x 25
Hash: e77529aa1a83920de7897a4c5c5f9707 d78e86f851a13d500ffc9e84baab79b502392cbd 735ee02711d4d62d8cfba0c075237f227491a044441540d39f8c8203ccd54cea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-loading1.gif HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/gif
content-length: 1457
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-5b1"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rdd6xjNkGIt1qFVRc9fVCwUTIztPNNk%2B3nUIcEY9yOe6u59KP0vg7UP1Qq96vkgrX8hfJZsAlzGccxXumi4%2Flhef0EQdFjYGtNqvFPcjxQ1iNT8BOz3TYuLo6X%2BZ8gtT29LhwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ed556ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-greenchk-1.jpg | 104.21.95.248 | 200 OK | 646 B |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-greenchk-1.jpg
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 25x22, components 3
Hash: 3d0f87c98f70c57b535974b34862a8e9 ee98b5772fb273a6a97f023194696bb025ae85c6 8fccb5c96c54856548fbad584f0e41f72313b94b33ec32d328985b3267f4035e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-greenchk-1.jpg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/jpeg
content-length: 646
last-modified: Wed, 17 Feb 2021 14:05:26 GMT
etag: "602d22a6-286"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IM2JLlRyReJXuVooYxWjS6t%2BwZUxW%2B0EcZCCc%2BIv0zSJv%2Btxwop5Qa7VntIatSQHxcdkn7BCprO18vlRyl8Qijf4VN38uNfsYSmGOITg1UBUxFMRKbbofFYk%2FfDRTE9Oby61Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ed856ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-1.png | 104.21.95.248 | 200 OK | 6.4 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-1.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: f9dbc65a0a0a7a49a9a7c2ad4235c19e 0ef0d4aba0b8d3e3961ec30ac49e4d88ee79a13a 1687947df9d65fc9950e8bbad9a2b569e100a8fa61c3e18d168dbee3c1ed51e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/t-v6-1.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 6445
last-modified: Wed, 17 Feb 2021 14:05:32 GMT
etag: "602d22ac-192d"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCdPSUvC%2BIMPr7%2FoZY7CJJZI%2FNRZ%2BToJYYlk8pFBiPyfOBOcIbJW4JsiiA8xoCVB03gyh5a65%2BjM016izoaHvMgW7WdDyTzGo35ZqnrCTLdoDhPJ%2BBI%2BIMuCGDv%2BVbQl8k76TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ee456ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-3.png | 104.21.95.248 | 200 OK | 5.9 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-3.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: fbddf5ad7297aaded0b36312c047913d f0f8ccd0f582130ed30bea86defb89c6f50a913c b984d9455bf8cb336cc821285d7c66812f4a38ca9483e63d50baed48dd3fd036
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/t-v6-3.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 5857
last-modified: Wed, 17 Feb 2021 14:05:30 GMT
etag: "602d22aa-16e1"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxtN4qpSaYaFBk86vdnIfKy1eDQoZX0r4%2BifNl2NjmueNICYJ%2FK6oCLmZWdj6KkyLifYnWAIaT0AsIkAWabNFTia75UKvpRX1c3eE1lpQfW406PHJfDKcaPL1dkPL1xKstjU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5eea56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/isp-iphone11-2.png | 104.21.95.248 | 200 OK | 9.1 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-iphone11-2.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 220 x 168, 8-bit colormap, non-interlaced
Hash: 553384b165d1fa8e805fb062509221e8 1272815c6a64243da403bf998eaa7475aacbd210 fb9ca7349d5d4200bf5ded9b571a849a3cdce6c2237e26cb4c10464762124197
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/isp-iphone11-2.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 9135
last-modified: Wed, 17 Feb 2021 14:05:24 GMT
etag: "602d22a4-23af"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96yq2qsXcxSIO2Cs5R%2FDs8cFskXHHXlYbjcS0O0vnj4lJGibfnhIT0C3aCSTCouE1hwjuHDwJ8u4q4%2B3Ljk96x%2Ffz1dJ29j4A6rjtkWnAopOyWOBmaNF%2F%2Fz4G2I4FEed8Zj2MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ee256ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-2.png | 104.21.95.248 | 200 OK | 6.6 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-2.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 2bc416642a102c374e8e4f92834d2781 a510890ab5ec292fae76940aa1916953c7338e20 852f0cbd525e418f72b996e330696a8a38f872b1e2bb182b18a73c1080fa7058
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/t-v6-2.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 6564
last-modified: Wed, 17 Feb 2021 14:05:32 GMT
etag: "602d22ac-19a4"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugA30aEqixf34idcxftMu4xEXhzBsx%2Fb8OPNtS43xqTmVvVnvkI9iLlxFsrgBeIpzMPFB7yrLk9bUszy0uD6UhNmf8KoNg%2BVCKLeo9e4Y6XhXQ7ObpQOBqOra2wnLWh5lVFN%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5ee556ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-4.png | 104.21.95.248 | 200 OK | 8.1 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-4.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 7db7d39fe8d41804a38d77b9673f503e daf3a78eca57ab6949437ee822f99a077ba1ff3a 8057f27640708e6209c8a19cdd2cd2cc3ecaeef8f5940f54f73b14bd04ed0e0d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/t-v6-4.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 8106
last-modified: Wed, 17 Feb 2021 14:05:30 GMT
etag: "602d22aa-1faa"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLEovq8k9CxwIqbMVwE6QF%2FWaOSviSx4dB3aPuVF7fg%2FanW6nM6GVhRNPYdnZk%2FTRNUL%2BBF%2Futkoe2CTa%2BB3upeFi6WABi5RZneS8VvlCNF1XK3eZyn5u7aT9HtLhz9InygoLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5eeb56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/f_guarantee.png | 104.21.95.248 | 200 OK | 5.5 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/f_guarantee.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 94 x 93, 8-bit colormap, non-interlaced
Hash: e96328a64e57e815f2ae881b330227b1 4b11d64b73ff7b3394278384576074da1f48ccee c49aa7c724f6637b861177d2da95e1da011570a970b38ce3043bf019f0f6d2b7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/f_guarantee.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 5476
last-modified: Wed, 17 Feb 2021 14:05:36 GMT
etag: "602d22b0-1564"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGmGz5cn4l6hdbGZW9YXvJqC5IGB7E1MR0hcjNZTiWA62K4nB%2BkMTVBSvoFcXy56a%2BO0lcWDGv2%2BfD2x77esinARY1twpFc4VQzki%2Bg6ddeW8u5yNGjy9pWWoXv2LhKGHduFGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c6eee56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/img/t-v6-5.png | 104.21.95.248 | 200 OK | 8.3 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/t-v6-5.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: b472a2b485b9d5791bf192e620105733 99fa90c0304b8c684186910ac94ce0efb155e03c 8a2fc773bf2eab9e1059be22277b4475df051990a69cdff90ac134c73075dd32
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/img/t-v6-5.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 8288
last-modified: Wed, 17 Feb 2021 14:05:28 GMT
etag: "602d22a8-2060"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9y0mmrmJnQTAZfF5sSfzCqn5oeDbvMumadN2TLCmRZnyQ5Z%2BmaHAVVkFaRdtzampLj19Q0wtxhhhbPKlLh05aJOa4wZsEhDnIA4Llj%2FVQBxySF8wiy84WTqPri8LzIvSPu9dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c5eed56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/f_secure_1.png | 104.21.95.248 | 200 OK | 7.9 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/f_secure_1.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate: Issuer: Let's Encrypt; Subject: ftgheeudxnlc.shop; Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60; Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 138 x 133, 8-bit colormap, non-interlaced
Hash: d20b7ca43d07211b60f8739c775a151e 153c13946ef3d3e6bcf3759eb4b5f072bf15a972 ca7696ce16353b1551bfe7eb4bab73d051c224f3dbb57b881af26c5823d6b7b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index/f_secure_1.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 7929
last-modified: Wed, 17 Feb 2021 14:05:36 GMT
etag: "602d22b0-1ef9"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5bwcHAJNES2x23oJ7Ggaf7qUeuE8w6lFbCaBPfnIznUrr8MXZTmc2g2mPUL0Po3RfsHngYjY3t6lNhUmUK5FQAZqEo82fOtb7ETZ3cTaHkxZqp3EnH1sC3%2B%2FUuoePLsLDZKEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c6eef56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 104.17.25.14:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 92593
expires: Mon, 21 Apr 2025 21:54:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGB3ms5795nWK9wkwO%2BGThJPDugWX%2Bz%2F%2BBAOs4VEVVt73qb5%2BLGrgpBU4OKiaxhvzQ9Rnm0oUwVcrOeBXzGTg78kzQIih6N0%2BRlHUpXQFylSvTzJZHhw11BnYSU7kPO9%2BY3Ce4tB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87d3035c8f8bb503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ftgheeudxnlc.shop/index/img/s20.png | 104.21.95.248 | 200 OK | 24 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/img/s20.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 120 x 159, 8-bit/color RGB, non-interlaced
Hash: d384805b7283cb4a55e9285b3d1f5ebc a4ed4ba011ef70bdade55c6e1facbf31744b3943 6d882c4051b58d76f18cfae2171be93e1edd2c2614b69360d1a2e78a07d97e9b
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/img/s20.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: image/png
content-length: 23506
last-modified: Fri, 23 Sep 2022 06:56:48 GMT
etag: "632d58b0-5bd2"
cf-cache-status: HIT
age: 5011
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BgE2jF9QmIyzxaHNVQEYG9SAm4MAdREMfP9RTrYwJhU2Mrr7XyswoxMDhjhS4E9uqFdpJpPzbDHWSaFsW5%2BQvmKysbpiJDty%2B2tjvuPLLCWZggHNx1BaIljlFIny61qpo0RLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035e183156ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/favicon-isp.png | 104.21.95.248 | 200 OK | 2.2 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/favicon-isp.png
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash: 60eb0dc8cc7745e3d0da9f35c7016a20 c7adf7f8946f44e59546db8ee3f881c3b48401fb ccbe0999fcbaed0e3d8a5121a9f5ac5af3306526cce928beadbc0c340770088a
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/favicon-isp.png HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:59 GMT
content-type: image/png
content-length: 2174
last-modified: Wed, 17 Feb 2021 14:05:54 GMT
etag: "602d22c2-87e"
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nO3lgbk%2FzmN8B4CYB%2FVAPmyGcdDF6RZ9YHDSljNfets9wBQ3SzBInVVDdZjnEjK8XqTGe8ki8GJuABDDyQaScXS%2Fx3j1XuSmVG354CjeIs9qXLDnn2VI9otOFQqiIuOt9ND7GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035f394256ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ip.nf/me.json | 3.73.104.221 | 200 OK | 254 B |
IP: 3.73.104.221:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ip.nf
Certificate Fingerprint: C3:D4:14:31:CF:C1:4F:5D:C4:46:F3:03:87:08:27:54:F2:B7:6D:46
Certificate Validity: Sun, 14 Apr 2024 23:40:49 GMT - Sat, 13 Jul 2024 23:40:48 GMT
Hash: 7ee77928b92f62af3fe4b740de6f1a40 9c66c2951deb18e4a4550dd0ba3a553757bab9b0 394b5969965237c7dea346b42d7abdac52c05ce3f416b7e0c0da59a42d99ebbd
GET /me.json HTTP/1.1
Host: ip.nf
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ftgheeudxnlc.shop
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://ftgheeudxnlc.shop
content-type: application/json
date: Wed, 01 May 2024 21:54:59 GMT
x-robots-tag: noindex
content-length: 254
X-Firefox-Spdy: h2
|
|
| ftgheeudxnlc.shop/index/isp-v1-css6.css | 104.21.95.248 | 200 OK | 6.2 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-v1-css6.css
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: ASCII text, with very long lines (6122), with no line terminators
Hash: 20f9457b505b3fb4c7989733569158ec 9310522ab509b2b81f313473752ab5951c36aa0c ca3ea6d1fe5120e313bcbce9d4801fe23d609beedc46da2ce0fa34fc7d224c54
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/isp-v1-css6.css HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 14:05:22 GMT
etag: W/"602d22a2-17ea"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOohRPIWL0L8xRJnjr%2FI5tPdM6ugYBnUQoIKOI4m2Z7HVHzMSThDNaWAoliw1fqmQA4sEoElpUBP%2BKCOEJIU9x76uptb9hc6Ac4R6Nrj1%2BbUh7xp4NvUSgcgytT%2FjIUjT4Mx4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c3ec356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/flags/no.svg | 104.21.95.248 | 404 Not Found | 8.1 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/flags/no.svg
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 8eec510e57f5f732fd2cce73df7b73ef 3c0af39ecb3753c5fee3b53d063c7286019eac3b 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/flags/no.svg HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 01 May 2024 21:54:59 GMT
content-type: text/html
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlcEvvqLsCkyAI1A4udEPVegxC5rdV4xy6CZBck8L%2F7CFpnBgV2Q2T14C2JFrrLyCjhrUCtdiZKmglIw4VKsNHk4BPa%2BBuTbjdn%2Bckr47YamJinGqNIbnPkqgl3wMXvD%2BnmAWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035fd9ae56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/lng/en.json | 104.21.95.248 | 200 OK | 11 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/lng/en.json
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
Hash: b7022c2bef695b0501b732f8654aed52 00ce95f23c13ee54128889293cf6598e9a5c2df7 0457252191a18498b6ea4810c6dce3ba475dde952e85a18b5d4dcc67863549c6
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/lng/en.json HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: application/json
last-modified: Wed, 17 Feb 2021 14:05:14 GMT
etag: W/"602d229a-f7c"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scUKDRsBN2fadgth4rfftUFWKfJ%2FULNJlS7IYi%2Bqu51tSsFU44CbbA77VuDPo4S%2FSI2yS2xLBJa9WzlGKwTI4QZveKkI9KTr3os1Zr7MsX2bJZv69Dqp7KHujOF4BelcJ4dayg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d3035e283b56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2 | 104.21.95.248 | 200 OK | 34 kB |
URL: User Request GET HTTP/2 ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
IP: 104.21.95.248:443
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2 HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrjSCquWec5wHWXIS1JX1Ue8F5emtw45lj2kkF%2FEZzr8ZpI6Tub4kjgq1mTQEfxI0ZihO3PhvlsXScCGKPRqHtrKPPyYFKTPLXTSPhH6BJ%2Fi25zX9ftYyLr17EcY9Rotc4yR5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d3035a5d24b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ftgheeudxnlc.shop/index/isp-v1-css1.css | 104.21.95.248 | 200 OK | 5.4 kB |
URL: GET HTTP/3 ftgheeudxnlc.shop/index/isp-v1-css1.css
IP: 104.21.95.248:443
Requested by: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Certificate Issuer: Let's Encrypt
Certificate Subject: ftgheeudxnlc.shop
Certificate Fingerprint: 6D:47:E0:CB:6D:60:6F:F7:94:04:0A:FB:B5:E7:7B:B4:C6:45:E3:60
Certificate Validity: Sun, 07 Apr 2024 12:35:05 GMT - Sat, 06 Jul 2024 12:35:04 GMT
File type: ASCII text, with very long lines (5415), with no line terminators
Hash: 2678c7ec26525c6e9cb3be600759c2e8 9645ee8d735b2a1fe2b1b298baf964d64bcf89c5 404e4b9aff110997a0bbecef33738ef571ac4ffc3572c268233508a7ba8f10e5
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /index/isp-v1-css1.css HTTP/1.1
Host: ftgheeudxnlc.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ftgheeudxnlc.shop/index/index.php?lpkey=176714b5603f109598&isp=Blix%20Group%20As&uclick=e2a79zci&uclickhash=e2a79zci-e2a79zci-6ji4-fe-i4-ci-oj-58f5e2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 21:54:58 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 14:05:22 GMT
etag: W/"602d22a2-1525"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDWYTcHgVhTXxGUcnjkmsDHJTIjtXXP0%2FYmtMyxhJPhye0HkJfMqCTtN57vu9WwRfmBO4uSVSrKfwyJu4axKJjLUv4iWTBIn%2FXzFu1kjaJSyKcX%2Bh4mDjA8i6ti3%2FHCMk3E4Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3035c3ec656ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|