Report - xk12zju7cx5j4z.xyz/

Report Overview

Submitted URL
xk12zju7cx5j4z.xyz/
IP
216.240.130.67
ASN
#35916 MULTA-ASN1
Submitted
2022-12-07 20:57:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
xk12zju7cx5j4z.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	1.2 MB	216.240.130.67
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.166.172.24
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
cdn1.edgedatg.com	67552	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	22 kB	2.18.173.166

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed
2022-12-07	medium	xk12zju7cx5j4z.xyz	Sinkholed

JavaScript (8)

	URL	Size	First Seen	Last Seen
	xk12zju7cx5j4z.xyz/?type=really	1.1 kB	2023-03-08	2023-04-01
Pretty URL xk12zju7cx5j4z.xyz/?type=really IP 216.240.130.67 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:33:41 Last Seen2023-04-01 10:49:03 Times Seen3 Hash fbd59944e53655af92a14a6a87d8b411 a39f0e6b68cd5768e282f41abc64bad3314c3633 2e0f236a01a1da47e6bb3f719269bd433b6cbd39bdf347300f43b2d87dd8c300 Loading...

	xk12zju7cx5j4z.xyz/?type=really	1.0 kB	2023-03-08	2023-04-01
Pretty URL xk12zju7cx5j4z.xyz/?type=really IP 216.240.130.67 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:33:41 Last Seen2023-04-01 10:49:03 Times Seen3 Hash 9b2031aaa2ffbb0efe41792ee21bae2a 87a20e5f918c4b045bce15d4486c5089dec9279e fd347ab290d072dc2d551600c269daae281ba46f5fe4c160dcdb63e24749cb4c Loading...

	xk12zju7cx5j4z.xyz/?type=really	1.1 kB	2023-03-08	2023-03-14
Pretty URL xk12zju7cx5j4z.xyz/?type=really IP 216.240.130.67 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:33:41 Last Seen2023-03-14 07:01:37 Times Seen1 Hash 78aae8643045484b83b0b2453db8515f 03f0c703b0c96a4c6215b9bfe59f9f4e5aaaa3f2 e4ccceb104a7754fa448bdb1bdd03d6a437d1cf0d817a1caa15cbb124b65fb11 Loading...

	xk12zju7cx5j4z.xyz/?type=really	395 B	2023-03-08	2023-12-30
Pretty URL xk12zju7cx5j4z.xyz/?type=really IP 216.240.130.67 ASN #35916 MULTA-ASN1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:33:41 Last Seen2023-12-30 00:46:01 Times Seen5 Hash 973c8a7628b19254cad808afaf7471fd 008f0086aec35a4597339d3c64d84141436d89f5 b538be3256d8451ffd02c5a341f04ca5b2ba609cdbea5f8603e77d8a722e86c7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 87816eb390ebc3ee5a98b70763f600f5	63 B	2023-03-07	2024-04-13
Pretty Observations First Seen2023-03-07 01:07:06 Last Seen2024-04-13 18:14:23 Times Seen313 Hash 87816eb390ebc3ee5a98b70763f600f5 506cd38ead4b9a7c02411247c76da5e8f8db1182 7beb7938591dd375a15a478331d461a56e9e6dc2460a2b886ecdc3e163d11d88 Loading...

		Size	First Seen	Last Seen
	#1 Write - f8f6166c5d23f1d7741521a16235ca76	26 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:33:41 Last Seen2023-03-08 21:09:51 Times Seen1 Hash f8f6166c5d23f1d7741521a16235ca76 14b0cbb2c378c4fb18a7250c763d60f23fdcc91b 88001ed4f98bdea5dd38dbe653d9e10d6a08bfd3f27f517a70f41e999773708f Loading...

	#2 Write - 3b9d844fab193c203a9009c961b55e21	27 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:33:41 Last Seen2023-03-08 21:09:51 Times Seen1 Hash 3b9d844fab193c203a9009c961b55e21 46dc7de45861531b6595ed59c13806e3c711761b 690e0c1fcb4d8e45184e04dc96255611a3d963ac570422e2b1d3fcf85c39c35e Loading...

	#3 Write - dbec22f4353f2ac9c82b3e99656c24c5	27 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:33:41 Last Seen2023-03-08 21:09:51 Times Seen1 Hash dbec22f4353f2ac9c82b3e99656c24c5 0df7f614aee117dff04be60f61b81b308af2c915 f0cae1ec6a7b0f641b342291019efe015b15f9941613bee0b4e733881d22edcd Loading...

HTTP Transactions (62)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3330
Expires: Wed, 07 Dec 2022 21:52:59 GMT
Date: Wed, 07 Dec 2022 20:57:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20088
Expires: Thu, 08 Dec 2022 02:32:17 GMT
Date: Wed, 07 Dec 2022 20:57:29 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 20:08:05 GMT
content-type: application/json
age: 2964
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10841
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 20:57:29 GMT
Connection: keep-alive

xk12zju7cx5j4z.xyz/

216.240.130.67

200 OK

168 B

URL HTTP/1.1
xk12zju7cx5j4z.xyz/
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:29 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: an/82lVRfsf+1Nh09oO43qQJEel0blhEIumcGwdSmQLW9bBwbxkcNmPCEKlaiafJERc2I9Ap/rAGzr98HQaMtg==
x-amz-request-id: QE2DX2YRMW325BNC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 20:49:30 GMT
age: 479
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 20:57:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

xk12zju7cx5j4z.xyz/favicon.ico

216.240.130.67

200 OK

168 B

URL HTTP/1.1
xk12zju7cx5j4z.xyz/favicon.ico
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:29 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 20:07:55 GMT
age: 2974
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4513
Cache-Control: max-age=134673
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 20:57:30 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:22:03 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

xk12zju7cx5j4z.xyz/?type=really

216.240.130.67

200 OK

12 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/?type=really
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (631)
Size
12 kB (12519 bytes)
Hash
123de0a37726ff16068422219a410c65
8df3219686b299c70e2a6affc3f6fcf27a221f0b
4159fdef58c7ae97a72dcd30ad551458f7d4074b0e459ace99ce203d4fb43095

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?type=really HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:30 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12519
Content-Type: text/html; charset=utf-8

push.services.mozilla.com/

35.166.172.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.166.172.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: y5TVz0k2OZeXam+xVfQx/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ndltxO5MumSwAf2oC2z9493Bj5g=

xk12zju7cx5j4z.xyz/index_files/abc.css

216.240.130.67

200 OK

59 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/abc.css
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
59 kB (59021 bytes)
Hash
8bde0852a89c4d5610cb17f1933c12de
7a480266bc1b063df5e5200f72835f2d6f8f133f
56aa2434b912606a09e590ab586cae8cedb39ef3fe3a220f0d1c23d06bce76ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/abc.css HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:30 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:09 GMT
ETag: "6d00f-5ed6fc9f747d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 59021
Content-Type: text/css

xk12zju7cx5j4z.xyz/index_files/abcfonts.css

216.240.130.67

200 OK

171 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/abcfonts.css
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
171 kB (170634 bytes)
Hash
cf954b8f5af69c00c0907fc9f82e0fab
0ce7e8d7fa0c33958f6a29e1bb1f1c75fcdb7d71
a18878df172a742d1cde6f1b9ff6bd0d89e12c68af20e7bb26cb81b47b392491

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/abcfonts.css HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:30 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:09 GMT
ETag: "3aa02-5ed6fca011b8b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

xk12zju7cx5j4z.xyz/index_files/59.jpg

216.240.130.67

200 OK

1.7 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/59.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.7 kB (1671 bytes)
Hash
4bdd2042d29565c8929c4f48da676630
e63d5fb4f70341e2a04899d52a42e6a561a0e9f0
8b2512514be8d054e7999cbc442ce4ecba69f6a63b6800f142f7a5fddafe96ba

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/59.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:08 GMT
ETag: "687-5ed6fc9ea5355"
Accept-Ranges: bytes
Content-Length: 1671
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/399.jpg

216.240.130.67

200 OK

1.5 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/399.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.5 kB (1507 bytes)
Hash
23e920fd3d75f74127a85fc05178cf73
001902776ae526ba4c4cc532b8e0deae59aa1e29
c10aee17327a39c0dae8c9f3b33a1608ff289f7f09468bc8dc7ebc4f84f67fe6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/399.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:02 GMT
ETag: "5e3-5ed6fc9936c8b"
Accept-Ranges: bytes
Content-Length: 1507
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/379.jpg

216.240.130.67

200 OK

1.6 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/379.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1644 bytes)
Hash
0bca2f389670ea953f1951e2f2d7ceed
619da07ea64a28b3fdc199a1a78e17a26cd1ca27
b131df0cada0d3b958224ef819bd8908a94aff0e22b017e25adac5709b1a16d2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/379.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:00 GMT
ETag: "66c-5ed6fc97681f8"
Accept-Ranges: bytes
Content-Length: 1644
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/334.jpg

216.240.130.67

200 OK

1.9 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/334.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.9 kB (1857 bytes)
Hash
06961cedc6aab457a53029ade5ee6946
0b5cecf3ac49d51745acf55f1b611e14b0efb3d4
5bc371748b36101982a37bc45a1ce874ec15986098acaadb67bdee45e1014d37

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/334.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:20:59 GMT
ETag: "741-5ed6fc9630971"
Accept-Ranges: bytes
Content-Length: 1857
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/2.png

216.240.130.67

200 OK

7.9 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/2.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
7.9 kB (7895 bytes)
Hash
8f9f2a5174d281cb8428339461ab2a9d
def269fc36780b4c49ae2b52698f79f496c3d538
cfe2ebd293b46dcad35c1fd6fc4dc65269a2d9874cc601ddfda45f1d86b184bb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/2.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:20:58 GMT
ETag: "1ed7-5ed6fc94fc799"
Accept-Ranges: bytes
Content-Length: 7895
Content-Type: image/png

xk12zju7cx5j4z.xyz/index_files/1.png

216.240.130.67

200 OK

8.5 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/1.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
8.5 kB (8495 bytes)
Hash
3dcb2b6235077b548d0756e9b487258c
1bda0f9fc5c35e5d48962760415dbd4faab6fcab
48d99ce86194a9d45c989f65899388a2896c0f2c7be91b172a12962a12519069

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/1.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:20:57 GMT
ETag: "212f-5ed6fc94626ae"
Accept-Ranges: bytes
Content-Length: 8495
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8945
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:57:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8945
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:57:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8945
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:57:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 53150
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8701 bytes)
Hash
604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpyIdH9YEXjxbGhZpBIfzoZHQxMvAKl0eCFQsgMt0e1SSeWsiuey7g==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:15:06 GMT
age: 81745
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 3542fd4f-74e3-450b-b7fc-04034d680bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cslIEEDtIAMFfuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e8233-40eaebed627d374d0910e456;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 23:43:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2aI7z8gOkQiNDlj2tbsoWibfupjl25ZjoO_QRbfmXQKwO-yF455yXg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:18:37 GMT
age: 49134
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6846 bytes)
Hash
a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:10:36 GMT
age: 49615
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 80727
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 12:20:15 GMT
age: 31036
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn1.edgedatg.com/abc/prod/images/abc-tile-image-fallback.png

2.18.173.166

200 OK

22 kB

URL HTTP/1.1
cdn1.edgedatg.com/abc/prod/images/abc-tile-image-fallback.png
IP
2.18.173.166:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 850 x 478, 8-bit/color RGBA, interlaced\012- data
Size
22 kB (21715 bytes)
Hash
7991459a5225857a2a700442a4f44e7f
f83450965da8c4af6e218d9bcd1108a1490ba152
7b5eb345ec60fe35eda4003c8ea5876177ab2e60e3e8e53c72c75b0988216aa7

HTTP Headers

GET /abc/prod/images/abc-tile-image-fallback.png HTTP/1.1
Host: cdn1.edgedatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 21715
x-amz-id-2: ItrLNAXbJcdOGAdjdnyW4bMpg/t26Y0lrX/bessRRh8bvx3rppAMgOIjlaBUJZCRy96c7H8DlFc=
x-amz-request-id: 1H5H14XFKDG6WZH1
Last-Modified: Fri, 09 Feb 2018 08:10:20 GMT
x-amz-version-id: null
ETag: "7991459a5225857a2a700442a4f44e7f"
Server: AmazonS3
X-VG-WebCache: 140
X-Cacheable: YES
Accept-Ranges: bytes
X-Varnish: 1708082221
Access-Control-Allow-Origin: *
Unused62: 8096267
Cache-Control: max-age=29253448
Date: Wed, 07 Dec 2022 20:57:31 GMT
Connection: keep-alive

xk12zju7cx5j4z.xyz/index_files/unc1.jpg

216.240.130.67

200 OK

23 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/unc1.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x227, components 3\012- data
Size
23 kB (23148 bytes)
Hash
c9059637ff4f1d01278bd8a28d51c68c
35ed586ad15154b340001128eee931e9beb225e6
1d58057044670441633de71b0fb129202e36c44ead84b43bde9357e1c0024440

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/unc1.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:19 GMT
ETag: "5a6c-5ed6fca9ceb81"
Accept-Ranges: bytes
Content-Length: 23148
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/unc2.jpg

216.240.130.67

200 OK

23 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/unc2.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x227, components 3\012- data
Size
23 kB (23247 bytes)
Hash
66440d4605e291eb398c5b894545077e
46299f5cdabae863ab1a2b021ea202c6e8adba64
271c931da0879fd77b211bf0455bef82d92d2ffb2fb1e7bb3683c5a28e383481

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/unc2.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:20 GMT
ETag: "5acf-5ed6fcaa6b765"
Accept-Ranges: bytes
Content-Length: 23247
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/unc3.jpg

216.240.130.67

200 OK

24 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/unc3.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x227, components 3\012- data
Size
24 kB (23615 bytes)
Hash
b4305b70f34b9f6f910680b4ad64b376
2e79dfc896a19c1f11c1d3cc48af8aa7d0fc21dc
928cfc3070e5da61dfad45a29dae5017e669d00a4f4a39d822d957632a039db3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/unc3.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:21 GMT
ETag: "5c3f-5ed6fcab06409"
Accept-Ranges: bytes
Content-Length: 23615
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/hoel.jpg

216.240.130.67

200 OK

87 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/hoel.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1440x812, components 3\012- data
Size
87 kB (87308 bytes)
Hash
798e6851859d5f45b5c1cde009f35e67
71d914cdc2c3e68c9767dffb61d587a000443fef
f5f07a4a2f1e673913c917a571012537209aff05fe24317264531e093cfbeee8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/hoel.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:14 GMT
ETag: "1550c-5ed6fca4ef9c2"
Accept-Ranges: bytes
Content-Length: 87308
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/Figur-1.jpg

216.240.130.67

200 OK

80 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/Figur-1.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x500, components 3\012- data
Size
80 kB (79922 bytes)
Hash
a0751060e1a50fb8f2914a3ec0dfadfd
f97d2fc41c3a3f0e29d109124df5c763abe6760b
3a863bbf37839eedbc99dbf871b7167e6f4d83e59c22a377024974ae631fe795

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/Figur-1.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:12 GMT
ETag: "13832-5ed6fca31dc67"
Accept-Ranges: bytes
Content-Length: 79922
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/Figur-2.jpg

216.240.130.67

200 OK

110 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/Figur-2.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=500, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=750], progressive, precision 8, 750x500, components 3\012- data
Size
110 kB (110533 bytes)
Hash
f28ea977ea1b3912fa58c50d2d5a1059
a97be4d0ec5687122a599217f548f4bf2d593736
3e908f9cba00ae3909830697398ea6d752b52f23c5ffe1a87d5a53f7189e135c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/Figur-2.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:13 GMT
ETag: "1afc5-5ed6fca3b94c3"
Accept-Ranges: bytes
Content-Length: 110533
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/ba.jpg

216.240.130.67

200 OK

40 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/ba.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x326, components 3\012- data
Size
40 kB (39721 bytes)
Hash
595e00d27216e9b611cd7bbbd4dd50f8
c81585caa3e26bd39a90bd15c0412a26f18275a9
e8448e3fd4224b490ab0c03294cbd81c3caefa32aba925f5111d0cf7f68b5ddc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/ba.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:10 GMT
ETag: "9b29-5ed6fca0acfff"
Accept-Ranges: bytes
Content-Length: 39721
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/schwestern.jpg

216.240.130.67

200 OK

67 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/schwestern.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 618x375, components 3\012- data
Size
67 kB (66915 bytes)
Hash
1dd6003ffbbc81e992c7952a69dec5ce
2454a74de1cf25802155321fce5ab958c3bdb89f
ab7b5c11219462c952c4f284f281ffc7ef69d4e554ea940f387102162edc67ec

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/schwestern.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:19 GMT
ETag: "10563-5ed6fca934a96"
Accept-Ranges: bytes
Content-Length: 66915
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/research.jpg

216.240.130.67

200 OK

54 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/research.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 609x317, components 3\012- data
Size
54 kB (54083 bytes)
Hash
836ef2327e041bd48ff85b3a23b8ee3e
9b7c538423b0b4e1872bb986ed6f92c447a547ed
3997dd8ba395b70911f7caca57a83b85ae1b7cc5d059d41249f9d8281e7730d4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/research.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:31 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:16 GMT
ETag: "d343-5ed6fca6262aa"
Accept-Ranges: bytes
Content-Length: 54083
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/right2.jpg

216.240.130.67

200 OK

14 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/right2.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 284x280, components 3\012- data
Size
14 kB (14156 bytes)
Hash
1d00f4724c158da40749c1ef18370936
a92dccb9dd8b0f0bbc8178fceab2dbb0b9501b64
68ce93c4ae7df095ca56fc73eb77ef3fc7bb3254db6597a37b490a6e9e203dbb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/right2.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:16 GMT
ETag: "374c-5ed6fca6c3276"
Accept-Ranges: bytes
Content-Length: 14156
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/ba10.jpg

216.240.130.67

200 OK

66 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/ba10.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 696x473, components 3\012- data
Size
66 kB (65639 bytes)
Hash
38d34f81668aa0bb76b4658fed4c87ae
f638a8cea967ebcb6788025829e129685d2494a3
5d4b4c8043b616627df1fe4782160aac98ff6c43b96dfa127cda0963a4ee59b2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/ba10.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:11 GMT
ETag: "10067-5ed6fca1478bb"
Accept-Ranges: bytes
Content-Length: 65639
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/ba2.jpg

216.240.130.67

200 OK

61 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/ba2.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x326, components 3\012- data
Size
61 kB (61327 bytes)
Hash
21ab4f3c314b777953eb3754ca532495
f1b5fbab6651a74128651b8b7f0dcc89ceab8006
114f33dd3a23163045f5940cc8b7ecc111164bcdf04ea2b169236a727dc57bc3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/ba2.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:11 GMT
ETag: "ef8f-5ed6fca1e5ff7"
Accept-Ranges: bytes
Content-Length: 61327
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/ba4.jpg

216.240.130.67

200 OK

39 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/ba4.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 379x340, components 3\012- data
Size
39 kB (39282 bytes)
Hash
5ba11e92f7e4b2b25ddc7499e6c53b92
a38e85e33a593dd3225de4e5f69620b0cc5a487b
34ba35f5f9477d71fd3d82d38cd2c965b2f37a3ba97387e6312689ad2f77f30e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/ba4.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:12 GMT
ETag: "9972-5ed6fca281083"
Accept-Ranges: bytes
Content-Length: 39282
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/right3.jpg

216.240.130.67

200 OK

19 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/right3.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 284x280, components 3\012- data
Size
19 kB (19100 bytes)
Hash
a610c7acb515ae918f9a07406a823474
15943cd392ad98d79601a1a581b11de88f1fdce6
659dce22b5eec0534617ac0a13f46bafdfdaaa8d5e2e3e43ef30fe1ff5344bc4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/right3.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:17 GMT
ETag: "4a9c-5ed6fca75fa72"
Accept-Ranges: bytes
Content-Length: 19100
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/right4.jpg

216.240.130.67

200 OK

21 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/right4.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 284x280, components 3\012- data
Size
21 kB (20986 bytes)
Hash
b9846b12388ced33f2ff0a2442d1b9de
50f2b5ae820f1bdb52810c496bf6e4ef11259f4f
e6e67d723610ae4ec99dd0d7e2ebf2685144bc7196ee95dd09f686cb1dee4d41

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/right4.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:18 GMT
ETag: "51fa-5ed6fca7fbe86"
Accept-Ranges: bytes
Content-Length: 20986
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/right5.jpg

216.240.130.67

200 OK

26 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/right5.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 259x300, components 3\012- data
Size
26 kB (26194 bytes)
Hash
1461b39acb0176bfffe56fe5dbe112f2
8005aeae8f18489dd27e6f556ec26d68422af8fa
4181d43d69a1121ef3ea820b9ee77d41589aa9fee55de75d83857eb845224a12

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/right5.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:18 GMT
ETag: "6652-5ed6fca8976e2"
Accept-Ranges: bytes
Content-Length: 26194
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/image_1_.png

216.240.130.67

200 OK

32 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/image_1_.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 463 x 99, 8-bit/color RGBA, non-interlaced\012- data
Size
32 kB (31652 bytes)
Hash
89ee0be0987035a4bb6807a27aa40df9
8f3719913178f87b4fae4e617516c718507e9624
c33554819fda829ec5f1ebfd293176b72bc63f3aa6c1a53b9c7716898fe1f291

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/image_1_.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:15 GMT
ETag: "7ba4-5ed6fca58a27e"
Accept-Ranges: bytes
Content-Length: 31652
Content-Type: image/png

xk12zju7cx5j4z.xyz/index_files/579x579-Q90_1f830a30280e776d84f9929ab3539b20.jpg

216.240.130.67

200 OK

5.9 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/579x579-Q90_1f830a30280e776d84f9929ab3539b20.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 226x226, components 3\012- data
Size
5.9 kB (5868 bytes)
Hash
015686d0388a9d0e6d800be5d064abda
fd6e25933e50f08062018cecf985f9ba949d8d39
55a22189d4277fa132423602bfb5ea09311de7ae0a3650cb73b1a1032736eb8c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/579x579-Q90_1f830a30280e776d84f9929ab3539b20.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:05 GMT
ETag: "16ec-5ed6fc9c3a0c6"
Accept-Ranges: bytes
Content-Length: 5868
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/579x579-Q90_d21d6784dc3bc6f48e2bce4258e01f7a.jpg

216.240.130.67

200 OK

5.6 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/579x579-Q90_d21d6784dc3bc6f48e2bce4258e01f7a.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 226x226, components 3\012- data
Size
5.6 kB (5590 bytes)
Hash
e22bf71c99eee8bfa0689df82d50cef8
ff5a349ae84f0fc84c083758eb52e9a1b9a1e5c1
2bff51ea1d217bad96581b58eae9266bd63517749ac245ccb7ebebb695352c27

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/579x579-Q90_d21d6784dc3bc6f48e2bce4258e01f7a.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:07 GMT
ETag: "15d6-5ed6fc9e09711"
Accept-Ranges: bytes
Content-Length: 5590
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/528x528-Q90_99e3eab952fe1571b9cca3339c7817ee.jpg

216.240.130.67

200 OK

5.9 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/528x528-Q90_99e3eab952fe1571b9cca3339c7817ee.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 226x226, components 3\012- data
Size
5.9 kB (5923 bytes)
Hash
fbf66ca394ac05906c8dfd03fb0da6e1
d21b2363f845791c2352c3604c1747d9e3c9bed6
e60f729a024f4ea4974ab373a390bdeac811df9579ca7673ea6aea4bf70c6577

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/528x528-Q90_99e3eab952fe1571b9cca3339c7817ee.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:05 GMT
ETag: "1723-5ed6fc9ba03c2"
Accept-Ranges: bytes
Content-Length: 5923
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/Figur.png

216.240.130.67

200 OK

61 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/Figur.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 684 x 434, 8-bit colormap, non-interlaced\012- data
Size
61 kB (61408 bytes)
Hash
b2e6b0a8397515596f2527d3b3039d38
492a55c8ca0a3374908fa304cda2a22db66f94ce
ed852946f368caff0c0fc9f2b3afce56fd30cbc4c1e7f934bcfac75b568e418f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/Figur.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:32 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:14 GMT
ETag: "efe0-5ed6fca454936"
Accept-Ranges: bytes
Content-Length: 61408
Content-Type: image/png

xk12zju7cx5j4z.xyz/index_files/579x579-Q90_53a9772b8919d202965eaed44732baca.jpg

216.240.130.67

200 OK

7.6 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/579x579-Q90_53a9772b8919d202965eaed44732baca.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 226x226, components 3\012- data
Size
7.6 kB (7645 bytes)
Hash
f9dd8780201cd408fd84b236383cb389
774fde8be012155ca495a6e8d666b2ae0ee845a7
48314353a155360700fcfe1645185fa881320aa244987e8e7eab32a0cd286e0a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/579x579-Q90_53a9772b8919d202965eaed44732baca.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:06 GMT
ETag: "1ddd-5ed6fc9cd5152"
Accept-Ranges: bytes
Content-Length: 7645
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/579x579-Q90_8512aeec9a1fc6b1b1e521bc026b04b2.jpg

216.240.130.67

200 OK

10 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/579x579-Q90_8512aeec9a1fc6b1b1e521bc026b04b2.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 226x226, components 3\012- data
Size
10 kB (10128 bytes)
Hash
a272e203057b841a82445c71853ab5ab
9cc5a774ad679f9d0420852829f3331b91faee9d
0c4b63447faf8f1e44320bfba04ab9ba85bb59ab3d1472541474368b99e8a5e7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/579x579-Q90_8512aeec9a1fc6b1b1e521bc026b04b2.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:07 GMT
ETag: "2790-5ed6fc9d6ee55"
Accept-Ranges: bytes
Content-Length: 10128
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/368.jpg

216.240.130.67

200 OK

1.6 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/368.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.6 kB (1616 bytes)
Hash
4ef0e8c0aff27bea338e3181c55cf91f
6ba8d6946834a6153761cacb25f1fc2b8b8a04ab
72a7bb013aa62c527db8b359e0e9b62eb12212a5b4c509dca1017da1c734f91e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/368.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:00 GMT
ETag: "650-5ed6fc96ce8dd"
Accept-Ranges: bytes
Content-Length: 1616
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/407.jpg

216.240.130.67

200 OK

1.9 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/407.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.9 kB (1919 bytes)
Hash
b39223404ab41bdc8365f091fc51ba14
3be4f15f8016a780037f8a62309f1425462e9a3b
cca9f833ffaff20cde29d656b1c7c10b1eea86081180b9ab8aa04b61b959f31f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/407.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:03 GMT
ETag: "77f-5ed6fc9a6ae63"
Accept-Ranges: bytes
Content-Length: 1919
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/396.jpg

216.240.130.67

200 OK

1.8 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/396.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.8 kB (1750 bytes)
Hash
8ae68cf1d96afdfae1627b1a4a097598
7b8bf44dc94836e28d93a4d756ebf77a0bbe1843
687266fe358504c3224e8e62d89572224f78b8cd8e79db855d19cd8a68b15cd8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/396.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:01 GMT
ETag: "6d6-5ed6fc98026cc"
Accept-Ranges: bytes
Content-Length: 1750
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/397.jpg

216.240.130.67

200 OK

1.8 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/397.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Size
1.8 kB (1824 bytes)
Hash
39e076d3ac33ed5040646ce7cccc75d8
e8fde93c690c3e667104f59fe5d7b76b548191c0
8d670cb710fb8e0c101439ae53bbd4954d2a3f6a7a24f64da6ea8e954a4900ff

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/397.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:01 GMT
ETag: "720-5ed6fc989bfe8"
Accept-Ranges: bytes
Content-Length: 1824
Content-Type: image/jpeg

xk12zju7cx5j4z.xyz/index_files/3.png

216.240.130.67

200 OK

8.4 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/3.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8354 bytes)
Hash
c018bc686847fca329aadb9c8524d786
fcfd8d6c5bde8d9145ebf39e3cf03b0f32a87799
bcbbecaa6376d1c8d5139fea37604e7903fc3d4bef1c1c5423e9c02c829fd587

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/3.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:20:58 GMT
ETag: "20a2-5ed6fc9597c0d"
Accept-Ranges: bytes
Content-Length: 8354
Content-Type: image/png

xk12zju7cx5j4z.xyz/index_files/4.png

216.240.130.67

200 OK

8.5 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/4.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
8.5 kB (8459 bytes)
Hash
6b15a3634237ba067a1a5b1b17285470
4b470dc2ace413e1eb641978728becf2b7b00fbc
3c71e413703815d190c58370e64112932b7b4770b9f3c9c6a1abfc955a0b89a5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/4.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:03 GMT
ETag: "210b-5ed6fc99d0d77"
Accept-Ranges: bytes
Content-Length: 8459
Content-Type: image/png

xk12zju7cx5j4z.xyz/index_files/5.png

216.240.130.67

200 OK

8.2 kB

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/5.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8190 bytes)
Hash
b3b31a45209c7e31c10312a4679f9b69
1c7786f5b1260877c107d5a896d45fe5a8aa6d1a
df5eb92ee83a8c4fcf3fa61b5d6dcc0acf682dba4b27552aa2ee961a3a627253

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/5.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Mon, 14 Nov 2022 15:21:04 GMT
ETag: "1ffe-5ed6fc9b05b06"
Accept-Ranges: bytes
Content-Length: 8190
Content-Type: image/png

xk12zju7cx5j4z.xyz/Sprite.png

216.240.130.67

200 OK

168 B

URL HTTP/1.1
xk12zju7cx5j4z.xyz/Sprite.png
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /Sprite.png HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

xk12zju7cx5j4z.xyz/index_files/mobile%E2%80%93header.jpg

216.240.130.67

200 OK

168 B

URL HTTP/1.1
xk12zju7cx5j4z.xyz/index_files/mobile%E2%80%93header.jpg
IP
216.240.130.67:0
ASN
#35916 MULTA-ASN1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
168 B (168 bytes)
Hash
b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /index_files/mobile%E2%80%93header.jpg HTTP/1.1
Host: xk12zju7cx5j4z.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://xk12zju7cx5j4z.xyz/?type=really

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 20:57:33 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (62)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type