demo.zeeroq.com/email/combos.vip-tlen.pl.txt
67.227.226.240 0 B URL User Request GET demo.zeeroq.com/email/combos.vip-tlen.pl.txt
IP 67.227.226.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /email/combos.vip-tlen.pl.txt HTTP/1.1
Host: demo.zeeroq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 May 2023 17:32:20 GMT
Location: http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
Pragma: no-cache
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 0
ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
64.190.63.136 200 OK 7.0 kB URL User Request GET HTTP/1.1 ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
IP 64.190.63.136:80
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (10263)
Hash b7d29f1f0c67cab69132897f89b4a8c6
df05fd3820707e3abf6e48367c568c9ea1175727
d5fed2b2c4bf3439271c2a7cfbb3e127790b0782514b3de5edddcc09d2c58889
Analyzer Verdict Alert fortinet Phishing
GET /email/combos.vip-tlen.pl.txt HTTP/1.1
Host: ww1.zeeroq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 21 May 2023 17:32:21 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.17
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_G5GtIPwZNiAJARH+Ups1kDNkxip1GH89RUSmGdHKc30lTVOTCZEO0swQ8CYc2WfVbUnTca+Ncv6gsEQ9jliYQA==
last-modified: Sun, 21 May 2023 17:32:21 GMT
x-cache-miss-from: parking-74ccf657ff-78s8h
server: NginX
content-encoding: gzip
img.sedoparking.com/templates/bg/arrows.png
205.234.175.175 200 OK 13 kB URL GET HTTP/1.1 img.sedoparking.com/templates/bg/arrows.png
IP 205.234.175.175:80
Requested by http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
File type PNG image data, 426 x 475, 8-bit/color RGBA, non-interlaced; data
Hash 6dc0bad9aa452ff871b282dabd47131e
01411e6726e033240caa3926141a6adbc18a2d73
3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b
GET /templates/bg/arrows.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.zeeroq.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 21 May 2023 17:32:21 GMT
Content-Type: image/png
Content-Length: 12642
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 28 May 2023 17:32:21 GMT
X-CFHash: "6dc0bad9aa452ff871b282dabd47131e"
X-CFF: B
Last-Modified: Mon, 11 Oct 2021 05:39:44 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1674017007
CF4ttl: 31536000.000
X-CF2: M
Server: CFS 0215
X-CF-ReqID: 421a79cb289519c7abd5526732ee850f
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes
www.google.com/adsense/domains/caf.js
142.250.74.164 200 OK 54 kB URL GET HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:80
Requested by http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
File type ASCII text, with very long lines (2125)
Hash e43bf8f0bc6300006745dda4615d52cd
22d322afff93f07f206762d5e5e59e6920dccad8
5ac33e9b60659702f9140aad6c28232d02af8a41d565950b116c5a7325bc1346
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.zeeroq.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sun, 21 May 2023 17:32:21 GMT
Expires: Sun, 21 May 2023 17:32:21 GMT
Cache-Control: private, max-age=3600
ETag: "8256449125891766681"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
ww1.zeeroq.com/search/tsc.php?200=NTA1Mjg1ODE2&21=OTEuOTAuNDIuMTU0&681=MTY4NDY5MDM0MWRhZWU2NDZlY2UyODcyYmQ5YWUxMmY5MzkxMGQzY2U1&crc=5bf6b687b43b4a8309edceca38f9aab9056508d2&cv=1
64.190.63.136 200 OK 0 B URL GET HTTP/1.1 ww1.zeeroq.com/search/tsc.php?200=NTA1Mjg1ODE2&21=OTEuOTAuNDIuMTU0&681=MTY4NDY5MDM0MWRhZWU2NDZlY2UyODcyYmQ5YWUxMmY5MzkxMGQzY2U1&crc=5bf6b687b43b4a8309edceca38f9aab9056508d2&cv=1
IP 64.190.63.136:80
Requested by http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /search/tsc.php?200=NTA1Mjg1ODE2&21=OTEuOTAuNDIuMTU0&681=MTY4NDY5MDM0MWRhZWU2NDZlY2UyODcyYmQ5YWUxMmY5MzkxMGQzY2U1&crc=5bf6b687b43b4a8309edceca38f9aab9056508d2&cv=1 HTTP/1.1
Host: ww1.zeeroq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 21 May 2023 17:32:21 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.17
x-cache-miss-from: parking-74ccf657ff-7c5zr
server: NginX
img.sedoparking.com/templates/logos/sedo_logo.png
205.234.175.175 200 OK 15 kB URL GET HTTP/1.1 img.sedoparking.com/templates/logos/sedo_logo.png
IP 205.234.175.175:80
Requested by http://ww1.zeeroq.com/email/combos.vip-tlen.pl.txt
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel; data
Hash def00c11b1596db4efee6a9fbe64fc27
bd298981e6d8d7e4ffa18abcf687041f4246672d
95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
GET /templates/logos/sedo_logo.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.zeeroq.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 21 May 2023 17:32:21 GMT
Content-Type: image/png
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Sun, 28 May 2023 17:32:21 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: H
CF4Age: 10
x-cf-tsc: 1665141939
CF4ttl: 31536000.000
X-CF2: M
Server: CFS 0215
X-CF-ReqID: 7c73ff9b8b1cc2cd50d64187ec31fe5f
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes