Report - yyybbb1132.cfd/?invite=MDAKG6QB

Report Overview

Submitted URL
yyybbb1132.cfd/?invite=MDAKG6QB
IP
137.220.128.143
ASN
#64050 BGPNET Global ASN
Submitted
2024-04-24 22:58:36
Access
public
Website Title
yyybbb2222.cfd-😈 小女孩训练营
Final URL
yyybbb1132.cfd/?invite=MDAKG6QB
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
yyybbb1132.cfd	unknown	2024-04-17	2024-04-18	2024-04-18	15 kB	1.5 MB	137.220.128.143

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed
2024-04-24	medium	yyybbb1132.cfd	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	yyybbb1132.cfd/?invite=MDAKG6QB	91 B	2023-11-18	2024-05-03
Pretty URL yyybbb1132.cfd/?invite=MDAKG6QB IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-18 03:45:47 Last Seen2024-05-03 08:09:28 Times Seen10 Hash 4501124266190b6934364e9ea14bb6ea c5a5405c05caa60b43037ecb96ff2ea3925edc11 65acb1254db8bf3a61f46d81ed53513df96bbc89bf0bf43e5a6f3ce2e669c338 Loading...

	yyybbb1132.cfd/?invite=MDAKG6QB	1.1 kB	2023-11-18	2024-05-03
Pretty URL yyybbb1132.cfd/?invite=MDAKG6QB IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-18 03:45:47 Last Seen2024-05-03 08:09:28 Times Seen10 Hash 9e69225a88cd5a97e5a58a7f3fda7dda 11c2882cc90e1992b9369e7e52543a4941d879f6 4acc18f431010e9d397010d94cba37218f2ddf50d61a71f2f14f7a9f0677c5bd Loading...

	yyybbb1132.cfd/MDassets/js/jquery.js	93 kB	2023-03-07	2024-05-04
Pretty URL yyybbb1132.cfd/MDassets/js/jquery.js IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-04 10:44:25 Times Seen23765 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	yyybbb1132.cfd/MDassets/js/madouset.js	52 kB	2023-11-18	2024-05-03
Pretty URL yyybbb1132.cfd/MDassets/js/madouset.js IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-18 03:45:47 Last Seen2024-05-03 08:09:28 Times Seen11 Hash 5f31b3fb5ce2b1257ebf21219a0009d2 30afeaeeeb01de4458b5d2ff1447852417884d44 70196287cea3b87c4bc3e482cc71f63726f57e8502050df0e45bac045bd94c9a Loading...

	yyybbb1132.cfd/MDassets/js/madouym.js	18 kB	2023-11-18	2024-05-03
Pretty URL yyybbb1132.cfd/MDassets/js/madouym.js IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-18 03:45:47 Last Seen2024-05-03 08:09:28 Times Seen10 Hash 8bf1f452e83e1f4918fa130a20a624c7 3ac6c42fa52d23c918d9afc7bed65238d2aff707 ea9554e3d370debb14795e7e6b5d11366b225eb38e95e3de6b935c5bb17a1422 Loading...

	yyybbb1132.cfd/MDassets/js/home.js	38 kB	2023-05-07	2024-05-03
Pretty URL yyybbb1132.cfd/MDassets/js/home.js IP 137.220.128.143 ASN #64050 BGPNET Global ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 20:53:24 Last Seen2024-05-03 08:09:28 Times Seen51 Hash ad761aba5fe163a5894346b043059171 533b41ea4088ec28bc7d976f5b2aaa6af757239d 6a02b83cc1e0b375bbf5078f18c317e027060a210c5f3aa04e73af5928d331fb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 152007192226c69c4a44f39e0a7b74db	140 kB	2023-03-07	2024-05-03
Pretty Observations First Seen2023-03-07 17:50:14 Last Seen2024-05-03 08:09:29 Times Seen57 Hash 152007192226c69c4a44f39e0a7b74db cd7823b59b4912d6548966e5eafaaa2203304cfa 846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc Loading...

HTTP Transactions (30)

URL IP Response Size

yyybbb1132.cfd/MDassets/img/logo.png

137.220.128.143

200 OK

2.9 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/logo.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 324 x 66, 8-bit colormap, non-interlaced
Size
2.9 kB (2913 bytes)
Hash
0152d2dfa9d7b60813134cd8e8dc577f
329e4c831a258be284c52a870851eca5702f8281
63697efaf8b5870ba5ae44e436b5d154988d9d73e50c79f35ba8a92eb038fb8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/logo.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: image/png
content-length: 2913
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-b61"
expires: Fri, 24 May 2024 22:58:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/triangle.png

137.220.128.143

200 OK

371 B

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/triangle.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 32 x 60, 8-bit/color RGBA, non-interlaced
Size
371 B (371 bytes)
Hash
5b25adfe7484ae3f5e9cbcf7cb1be19d
11d4d45c14b95bfa12c511079a049bd46d87ef43
84b8cb82085d34293d82bf23c044bc9e56d9530cd67b6056314ac60a5f76ecbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/triangle.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: image/png
content-length: 371
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-173"
expires: Fri, 24 May 2024 22:58:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/gotop.png

137.220.128.143

200 OK

2.8 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/gotop.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 57 x 59, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2774 bytes)
Hash
1aeae4b293c9035e595ef7ac57ed8c6e
20ea4c63148bcaf3a62f81abfb29d64439953d41
66b5ee7b280446615a924d461e2750659816148e194f8c006e420123103d9f88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/gotop.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: image/png
content-length: 2774
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-ad6"
expires: Fri, 24 May 2024 22:58:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/shopicon.gif

137.220.128.143

200 OK

116 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/shopicon.gif
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
GIF image data, version 89a, 137 x 157
Size
116 kB (116089 bytes)
Hash
919b9dee46db898c9ef5d8c195d58461
232b5b5bb6a544f951896f30f11e0280d60b1ee2
ef5d41e64f546e11f902e4e180cb309136d3c8518a7365c46100a88c05ca46d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/shopicon.gif HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: image/gif
content-length: 116089
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-1c579"
expires: Fri, 24 May 2024 22:58:10 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/loading_h.png

137.220.128.143

200 OK

5.1 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/loading_h.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 340 x 227, 8-bit colormap, non-interlaced
Size
5.1 kB (5097 bytes)
Hash
3fb82d96c8fcd4b8ea5a8b6fe8135c02
6fec7527d517e9842d26c88c00863953d9adc4c7
f89fa2acd64a3da25c5314347ba88af44ef70749c42671c274b3f5461f6a0cd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/loading_h.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 5097
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-13e9"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/long_active.png

137.220.128.143

200 OK

760 B

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/long_active.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
760 B (760 bytes)
Hash
202b803a9d536a29e717e8bee2cbb8a6
0bac9bd4cd18ce4a4abc63a823cc3df420a4f68b
3ca8946a24c04ac910d8283fc6ef71801e214efae56d9aadb3089fd86f005368

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/long_active.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yyybbb1132.cfd/MDassets/css/app.css?v=666
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 760
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-2f8"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/category.png

137.220.128.143

200 OK

391 B

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/category.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
391 B (391 bytes)
Hash
e3f6d56833c281176d850aa23206032d
04ea23ebe5352d2f148c50f7ba3da6460b5ac092
ee35b1223a8835d8b68f15db71b866144f5ace6fc56650a197eaefac94da47c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/category.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yyybbb1132.cfd/MDassets/css/app.css?v=666
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 391
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-187"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/collect.png

137.220.128.143

200 OK

788 B

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/collect.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
788 B (788 bytes)
Hash
46e501426ace4e9d006856effd51897c
8baeebde03d2604c890204d22d3070181fc92404
b6f62294654776a048d100fd19eca5bcc121110287052b6b7d40d69a7b01fd13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/collect.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yyybbb1132.cfd/MDassets/css/app.css?v=666
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 788
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-314"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/member.png

137.220.128.143

200 OK

1.1 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/member.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
1.1 kB (1055 bytes)
Hash
1902935df78ca5465e6f6b215bde677c
e73a75134c93b342f5a0749514752292bba5dd95
96df3fd7629b59de7e354fc0f3dbffcbb041e7bd39e1641dd9874475eb2ff9b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/member.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://yyybbb1132.cfd/MDassets/css/app.css?v=666
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 1055
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-41f"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/fonts/fa-solid-900.b15db15.woff2

137.220.128.143

200 OK

79 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/fonts/fa-solid-900.b15db15.woff2
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79444, version 331.524
Size
79 kB (79444 bytes)
Hash
b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/fonts/fa-solid-900.b15db15.woff2 HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://yyybbb1132.cfd/MDassets/css/app.css?v=666
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: font/woff2
content-length: 79444
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-13654"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/infobg.png

137.220.128.143

200 OK

8.7 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/infobg.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 560 x 174, 8-bit colormap, non-interlaced
Size
8.7 kB (8654 bytes)
Hash
924543ee9462c199425ffbf0c1ed7e67
4e03fd6e33ea47eb03b81fda56737c9bc78c9b6b
e71566f528e854ce6a3cc02de409f7424051a88928ed66107e1c629e0f09ff7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/infobg.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/png
content-length: 8654
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-21ce"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/theme/default/layer.css?v=3.1.1

137.220.128.143

200 OK

59 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/theme/default/layer.css?v=3.1.1
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
gzip compressed data, from Unix
Size
59 kB (59170 bytes)
Hash
0b9351ba8f520486c66afd8b06c53b13
6e78484baad9f3b8574b2e155ed82815152325ac
2afb75091275ba046b76c89d3d721d45055633f93a33f7feffb9323330264714

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/theme/default/layer.css?v=3.1.1 HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-44c4"
expires: Thu, 25 Apr 2024 10:58:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/cfdfc3dc/6001.jpg

137.220.128.143

200 OK

57 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/cfdfc3dc/6001.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 720x1280, components 3
Size
57 kB (56734 bytes)
Hash
f225ebe3f7c141c19ee88e2e2edb3d52
8d69a061f915c36b3dbb50625feca1ea95129e4e
d4086b9a3ef69c39599559330a0ad7e7faba6e5ad4ae6e7167eb09e6440f4e20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/cfdfc3dc/6001.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 56734
last-modified: Wed, 24 Apr 2024 01:44:04 GMT
etag: "662863e4-dd9e"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/0f2da833/6000.jpg

137.220.128.143

200 OK

56 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/0f2da833/6000.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 1448x1080, components 3
Size
56 kB (55779 bytes)
Hash
11bf052768bc7e3601c92982fa341894
a51fdfe064fb2a1056e0593544aae3e354e6c629
d229139c30e5042c9f34119051ace0a155ee35c8de94e9335a6094aee8785ce3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/0f2da833/6000.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 55779
last-modified: Wed, 24 Apr 2024 01:43:58 GMT
etag: "662863de-d9e3"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/css/alert.css

137.220.128.143

200 OK

32 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/css/alert.css
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
gzip compressed data, from Unix
Size
32 kB (31615 bytes)
Hash
61b43c7afeba2726151d29b11e01eb44
1f18a2e27b1cb3d546c72b6defe745d6d39df818
c53b6816f44f0c2f3675a535980ecc6c55af900738267e0bed0f35f955cd8c10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/css/alert.css HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-1565"
expires: Thu, 25 Apr 2024 10:58:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/4956ac26/6004.jpg

137.220.128.143

200 OK

62 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/4956ac26/6004.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 1920x1052, components 3
Size
62 kB (62400 bytes)
Hash
a872aaafc88bcaaeeb8dc53ea353851a
29b24e66501959af18293434b0dc3bc9b41506a4
397e27652e3f9464d245c786a8e17754500bb786b79ef29b900f0e28fe392d52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/4956ac26/6004.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 62400
last-modified: Wed, 24 Apr 2024 01:43:34 GMT
etag: "662863c6-f3c0"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/b9c782e3/5999.jpg

137.220.128.143

200 OK

62 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/b9c782e3/5999.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 1552x1080, components 3
Size
62 kB (61928 bytes)
Hash
1c776f85ad686cf394b86da8dcb1d814
292953af415721e7d1c4576641722010d5e66923
6c126b1b3e0cdc16ead7915ba4e7476c2b118e658ef5161ba11906dafce1fe62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/b9c782e3/5999.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 61928
last-modified: Wed, 24 Apr 2024 01:43:25 GMT
etag: "662863bd-f1e8"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/img/icons/apple-touch-icon-152x152.png

137.220.128.143

200 OK

9.0 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/img/icons/apple-touch-icon-152x152.png
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced
Size
9.0 kB (9013 bytes)
Hash
80f4331a8e2711d076e3344a57b6ec6b
21bdafc5799e1cfeb5a0b5145e856e79b4c67f6a
d220d6670b94e024f553f1744a7159439bdd19abf8021a2bcd8c7f541a618b52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:12 GMT
content-type: image/png
content-length: 9013
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
etag: "650f0ed4-2335"
expires: Fri, 24 May 2024 22:58:12 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/favicon.ico

137.220.128.143

200 OK

1.2 kB

URL GET HTTP/2
yyybbb1132.cfd/favicon.ico
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
e491a5cc2e92ecc7319ec1cf6992550e
3afe14f34a96bc28e5ed0673e1dff0af53f1f850
2aec32b9e2848c7215569d4269a567af10fb4a955925290042ca376488c176e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:12 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sun, 15 Oct 2023 05:07:27 GMT
etag: "652b738f-47e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/home.js

137.220.128.143

200 OK

38 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/home.js
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type

Size
38 kB (37906 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/home.js HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-9412"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/css/swiper.min.css

137.220.128.143

200 OK

16 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/css/swiper.min.css
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
ASCII text, with very long lines (2254), with CRLF line terminators
Size
16 kB (15722 bytes)
Hash
b391cb7a46bd7431b031b9a9b782f3b5
fb4925183db37d4d503af50ed56db2f95984a9fa
3444efd696844e7b8985870859a1799275ed6ffb25bbf1e352ecc3b0840ca48e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/css/swiper.min.css HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: text/css
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-3d6a"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/madouset.js

137.220.128.143

200 OK

52 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/madouset.js
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type

Size
52 kB (52173 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/madouset.js HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-cbcd"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/css/app.css?v=666

137.220.128.143

200 OK

217 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/css/app.css?v=666
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
ASCII text
Size
217 kB (216955 bytes)
Hash
5b9d9e226c3697928c30b0afc4a1986a
a271568455dee0f522f325a84f03c63e34879338
d3af0ee066fb75e5ffde922a8d1ad940432b2a596ca19962cb66118ea88f10c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/css/app.css?v=666 HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: text/css
last-modified: Tue, 26 Sep 2023 14:21:39 GMT
vary: Accept-Encoding
etag: W/"6512e8f3-34f7b"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/?invite=MDAKG6QB

137.220.128.143

200 OK

94 kB

URL User Request GET HTTP/2
yyybbb1132.cfd/?invite=MDAKG6QB
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type

Size
94 kB (94248 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?invite=MDAKG6QB HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: text/html; charset=utf-8
set-cookie: user_ts=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
invite=MDAKG6QB; path=/
tj=666; path=/
load_state=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
load_autoe=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
load_img=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
load_url=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
load_time=0
notice_state=1
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/16f91fb9/6002.jpg

137.220.128.143

200 OK

30 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/16f91fb9/6002.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 704x1280, components 3
Size
30 kB (30026 bytes)
Hash
e31ed2af6521af0f666ff113ac17ac99
63c2db7ce0f706b6a8fe7828e4c199138309ddad
08d41f7ed1fd714e805b00e9d61b272d0bc6afb4dc7eb7a3920ba744b64959d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/16f91fb9/6002.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 30026
last-modified: Wed, 24 Apr 2024 01:43:43 GMT
etag: "662863cf-754a"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/madouym.js

137.220.128.143

200 OK

18 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/madouym.js
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type

Size
18 kB (18044 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/madouym.js HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: application/javascript
last-modified: Sun, 05 Nov 2023 04:35:04 GMT
vary: Accept-Encoding
etag: W/"65471b78-467c"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/jquery.js

137.220.128.143

200 OK

93 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/jquery.js
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
93 kB (92629 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/jquery.js HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-169d5"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/thumb/20240424/00433e8c/5993.jpg

137.220.128.143

200 OK

56 kB

URL GET HTTP/2
yyybbb1132.cfd/thumb/20240424/00433e8c/5993.jpg
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JPEG image data, baseline, precision 8, 1080x1702, components 3
Size
56 kB (55653 bytes)
Hash
fe9bd174cbddb24004fa905461f7148a
e2cf982bacc45b439d8f785410ed7be5416f5887
42d06eb2ba90c18d8196cbe41052734a41a0de36c9fc738bcf1e4fc2cbb596bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /thumb/20240424/00433e8c/5993.jpg HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: image/jpeg
content-length: 55653
last-modified: Wed, 24 Apr 2024 01:44:08 GMT
etag: "662863e8-d965"
expires: Fri, 24 May 2024 22:58:11 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/swiper-bundle.min.js?_=1713999491281

137.220.128.143

200 OK

140 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/swiper-bundle.min.js?_=1713999491281
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65280)
Size
140 kB (139760 bytes)
Hash
152007192226c69c4a44f39e0a7b74db
cd7823b59b4912d6548966e5eafaaa2203304cfa
846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/swiper-bundle.min.js?_=1713999491281 HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:11 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-221f0"
expires: Thu, 25 Apr 2024 10:58:11 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

yyybbb1132.cfd/MDassets/js/swiper-bundle.min.js

137.220.128.143

200 OK

140 kB

URL GET HTTP/2
yyybbb1132.cfd/MDassets/js/swiper-bundle.min.js
IP
137.220.128.143:443
ASN
#64050 BGPNET Global ASN

Requested by
https://yyybbb1132.cfd/?invite=MDAKG6QB
Certificate
IssuerLet's Encrypt
Subjectwww.yyybbb833.cfd
Fingerprint22:0D:F6:6E:E5:3E:EF:63:17:98:20:19:2B:ED:1D:C3:E5:73:7F:30
ValidityFri, 19 Apr 2024 04:44:04 GMT - Thu, 18 Jul 2024 04:44:03 GMT

File type
JavaScript source, ASCII text, with very long lines (65280)
Size
140 kB (139760 bytes)
Hash
152007192226c69c4a44f39e0a7b74db
cd7823b59b4912d6548966e5eafaaa2203304cfa
846eb98bb04859bbe614b010dbf82cd4bceb94c67846778dd0e8e4f3fd0668bc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /MDassets/js/swiper-bundle.min.js HTTP/1.1
Host: yyybbb1132.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: invite=MDAKG6QB; tj=666; load_time=0; notice_state=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:58:10 GMT
content-type: application/javascript
last-modified: Sat, 23 Sep 2023 16:14:12 GMT
vary: Accept-Encoding
etag: W/"650f0ed4-221f0"
expires: Thu, 25 Apr 2024 10:58:10 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (30)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections